[New Blog] Credential Harvesting Made Easy

Privacy Policy

Effective Date: May 1, 2018

This Privacy Policy (“Policy”) describes how Randori Inc. (“Company” or “we” or “our” or “us”) treats information collected or provided in connection with an end user’s (“you” or “your” or “user”) use of the Randori website and corresponding service that provides information and analysis with respect to internet and data security located at www.randori.com (collectively, the “Service”). Please note that your use of the Service constitutes your acceptance of this Policy as set forth below:

  1. Collected Information.The information collected during your use of the Service includes the following:

(a) Submitted Information. As part of using the Service, you may submit certain information to us. For example, we collect your name and email address when you register for an account on the Service and will also collect other optional information you may choose to provide as part of such registration and as part of creating your user profile within the Service. When you use the Service, we collect all information and data contained in your queries and requests (“Inputted Data”). We will also collect other information you choose to provide to us through customer service requests and other communications you may initiate. To the extent you decline to share certain information with us, we may not be able to provide some or all of the features and functionalities found on the Service.

(b) Automatically Collected Information. When you use the Service, we gather certain non-personally identifiable information from you, and this information can be associated with your user account and information you submit to us. This includes usage information, such as information on when, how often and for how long you use the Service, as well as server log data such as your device type, operating system and IP address.

(c) Analytics. Our third party analytics service providers will receive data regarding your usage of the Service in order to provide analytics services to us. As of the date of this Policy, these service providers include Google Analytics. For information about the privacy practices of Google Analytics, you can visit http://www.google.com/policies/privacy/partners/. If you elect to opt-out of data collection by these Google Analytics (to the extent available) and subsequently use the Service through a difference device or otherwise change your cookie or privacy settings on your device, you will need to opt-out again.

 (d) Public Information. With your permission, the Company will collect and store Public Information (as defined in our Terms of Service at www.randori.com/terms-of- service/) which we may combine with other information you provide us and use in accordance with this Privacy Policy.

(e) Transaction Information.  If you subscribe to a paid account type, such third-party payment processor as Company may utilize from time to time will receive your payment information for purposes of processing such transactions.  Note that the Company does not receive your credit card information.  

  1. Use of Information.We internally use the information we collect about you as follows:

(a) Provision of Services. We may use collected information for the purposes for which you provided the information including, for example, to create and maintain a Service account for you or to respond to a question that you e-mail to us. We also use the collected information as necessary to provide the features and functionality of the Service to you.

(b) Updates and Troubleshooting. We may also use the collected information to contact you regarding updates or modifications to the Service, to help troubleshoot problems, or alert you to changes in our policies or agreements that may affect your use of the Service.

(c) Personalized Content; Improvements. We may use the collected information to personalize the content that you and others see based on personal characteristics or preferences. We may also analyze collected information relating to your use of the Service in order to help us improve the Service and develop and improve other products and services.

(d) E-mail Information and Offers. We may use the collected information to provide you with newsletters, promotional materials and offers via e-mail. However, we will give you the ability to opt out of receiving such e-mails in accordance with applicable law. We will not provide your personally identifiable information to third parties for their own marketing purposes without your consent. 

(e) Combination. We may combine personal information collected through the Service with other information that we or third parties collect about you in other contexts, such as our communications with you via e-mail, phone, or your customer service records.

  1. Disclosure of Information.We share and disclose the information we collect about you as follows:

(a) Third-party Service Providers. We use contractors and third-party service providers to assist us in the operation of the Service, including service providers who assist us with providing customer service and e-mail newsletter management. Such third-party contractors or service providers may obtain access to the information you provide, including personally identifiable information.

 (b) Business Arrangements. We may disclose non-personally identifiable information to third-party partners in furtherance of our business arrangements with them, including without limitation to jointly offer a product or service to you or create interoperability between our products and services and the products and services of such partners.

(c) Legal Requirement. We will use and disclose any information (including Inputted Data and Public Information) where we, in good faith, believe that the law or legal process (such as a court order, search warrant or subpoena) requires us to do so or in other circumstances where we believe it is necessary to protect the rights or property of Company, our users and/or third parties.

 (d) Affiliates. We may disclose this information to our affiliates for use as described in this Policy.

  1. Effective Date; Changes.This Policy applies to all information collected by or provided to us on and after the Effective Date. When we make any material changes to this Policy, we will change the Effective Date. We will treat your continued use of the Service following such change as your acceptance of the changes.
  2. Third Parties.The Service may contain offers from third parties or links to third-party websites. This Policy does not apply to information that you may provide to or that may be collected by third parties. We encourage you to request such third parties to provide you with their applicable privacy policies and other terms and conditions before engaging with or making a purchase from such third parties.
  3. Viewing, Amending and Deleting Information.You can log into your account and view, amend or delete your account information at any time. Please note that while changes to your profile information are reflected promptly in active user databases, our servers may retain previously provided information. Deletion of your Service user account will not result in the deletion of Inputted Data or Public Information from our servers.
  4. Security.The personally identifiable information we collect about you is stored in limited access servers. We will maintain reasonable safeguards to protect the security of these servers and your personally identifiable information. However, no security measures are 100% effective and we cannot guarantee the security of your personally identifiable information. We expressly disclaim any representation or warranty, whether express or implied, with respect to ensuring, guaranteeing or otherwise offering any definitive promise of security in connection with your personal information or usage information. The Company does not recommend using the Service to exchange any financial, medical or other sensitive information (including credit card numbers).
  5. Children Under 13.We do not knowingly collect information from children under 13 and the Service is not directed at persons under 18. If you are a parent and believe your child under the age of 13 has used the Service and provided personally identifiable information to us through the Service, please contact us at the phone number and address provided in Section 11 of this Policy and we will work to delete that Service account and any such personally identifiable information.
  6. Transfer as Corporate Asset.In the event of a merger, sale of capital stock or assets, reorganization, consolidation or similar transaction involving Company, the information we possess, including personally identifiable information, shall be transferred as a corporate asset to the acquiring entity, provided that such entity will continue to handle such information in accordance with this Policy.
  7. Transfer to the U.S. or Other Countries.The Company uses facilities in the United States. Your information will be stored and processed in the United States or other countries where Company has facilities. By using the Service, you consent to the transfer of information outside of your country, even if your country has more rigorous data protection standards.
  8. Contacting Us.If you have any questions about this Policy, please contact us at: Randori Inc., support@randori.com, telephone: 617.501.2621.