last updated: June 20, 2015
WHAT INFORMATION WE COLLECT
TECHNICAL AND USAGE INFORMATION
CHILDREN UNDER THE AGE OF 13
HOW WE USE THE INFORMATION WE COLLECT
HOW WE SHARE INFORMATION WITH THIRD PARTIES
LINKS TO OTHER WEBSITES
CIGITAL BLOGS AND OTHER FORUMS
WHERE WE HOLD DATA – SAFE HARBOR FRAMEWORK
We collect personal and business related information on our Sites. Personal information is information that can be used to identify you individually, such as your name, address, phone and fax numbers, and email address. We also collect certain technical information which may include information about how you use our Sites, the areas of our Sites that you visit, internet protocol (“IP”) addresses you may access our Sites from, browser types, and internet service provider (“ISP”) that you may use.
The following is a more detailed explanation of these types of information.
We may collect information that identifies you personally, such as your name, address, job title, phone and fax numbers and e-mail address, when you submit a form, such as, but not limited to, a form that requests additional information about Cigital solutions (“personal information”). We may collect additional information if you choose to submit it, especially, but not limited to the “Careers” section of our Site, including, but not limited to: job title, employer (past and present), educational background, business telephone number, social security number, prior employment, personal references, race, and mailing addresses. We will only collect and use this information to the extent it is necessary to respond to your inquiry, form / amend or perform a contractual relationship with you, and to send you communications related to our solutions, products, services, promotions, company, and other products or services as further described in the section entitled, “How we use information we collect”, below. If you choose to submit your resume to us through our Sites or via a third party website, we will collect the information provided in order to contact you about potential employment opportunities.
Technical and usage information
We and our third party service providers may collect technical information from you, including anonymized information about how you use our Sites and the areas of our Sites that you visit.
Children Under the Age of 13
Our Sites are not intended for children under 13 years of age. No one under age 13 may provide any information to or on our Sites. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Site or on or through any of its features, register on the Site, make any purchases on or through the Site, use any of the interactive or public comment features of this Site, or provide any information about yourself to us, including your name, address, telephone number, e-mail address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under the age of 13, please contact us at firstname.lastname@example.org.
We collect personal information about you through the Sites to communicate with you, to the extent permitted by applicable law, about our solutions, products, services, promotions, company, and other products or services we think may be of interest to you. In the absence of your express prior consent, we will only send you marketing emails to advertise for our own products or services that are similar to those you purchased from us. You can object (opt-out) to the receipt of such marketing emails at any time, without any costs arising (other than transmission costs), by following the unsubscribe link found at the bottom of each marketing email or by contacting us as described in the section entitled, “Contact Us”, below. In addition, if you submit your resume, we will contact you about potential employment opportunities. We may share your personal information with third parties that provide services on our behalf or with whom we have partnered to offer a particular product or service as described in the section entitled “How we share information with third parties” below.
We use technical information which does not identify individual users, to improve user experience and overall quality of our Sites, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. For example, each visitor to the Site is identified by an IP address during their visit and IP addresses are automatically captured by Site management software. Cigital uses this information to help improve the operation of the Site and may at some time use this information to help adjust the content of the Site to the general geographic location of the visitor and for reporting purposes. Because technical information does not personally identify you, we may also use and disclose technical information for any other purpose. To the extent permitted by applicable law, we may combine personal information with technical information. If we do so, we will treat all combined information as personal information as long as it is combined. The personal information we collect is deleted once it is no longer used for the purposes stated above and if no statutory retention obligations apply (in which case the data will be deleted after the applicable retention period).
We will share your personal information with third parties only in the ways that are described in this policy. We do not sell your personal information to third parties and we will not provide any of your personal information to third parties for their marketing purposes without your explicit consent. The personal and technical information you provide to the Site may be shared, to the extent permitted by applicable law and to the extent necessary, with our third party agents and service providers who help Cigital operate the Sites; help Cigital provide the services requested by you; contribute to Cigital’s own sales and marketing efforts; and help Cigital with its recruitment and staffing efforts.
We may also transfer and disclose information, including personal information, to third parties in order to comply with a legal obligation; when the law requires it, at the request of governmental authorities conducting an investigation; when we believe in good faith that disclosure is necessary to protect our rights; to investigate fraud; to respond to an emergency or properly issued court order; or otherwise to protect the rights, property, safety, or security of users of the Sites or others, in all cases only if and to the extent such transfer and disclose is permitted by applicable law.
In addition, in the event Cigital goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personal information will likely be among the assets transferred. By providing your personal information, you agree that we may transfer such information to the acquiring entity without your further consent. You will be notified via email and/or a notice posted on our Sites of any such change in ownership or control of your personal information.
The security of your personal information is important to us. Please be assured that we have adequate security measures in place to protect against the loss, misuse and alteration of any personal information we receive from you.
We operate the Sites from the United States. If you are located outside of the United States, please be aware that information we collect will be transferred to and processed in the United States. By visiting the Sites, or providing us with any information, you fully understand and unambiguously consent to this transfer, processing and storage of your information in the United States, a jurisdiction in which the privacy laws may not be as comprehensive as those in the country where you reside and/or are a citizen.
We recognize that the European Community has established a data protection regime pursuant to Directive 95/46/EC, which applies to the European Economic Area (“EEA”) and restricts companies in the EEA in transferring personal data about individuals in the EEA to the United States, unless there is “adequate protection” for such personal data when it is received in the United States. To create such “adequate protection” and to overcome the restriction on international data transfers established by the Directive, Cigital complies with the U.S.-E.U. Safe Harbor framework and the U.S.-Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Cigital has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Cigital’s certification, please visit http://www.export.gov/safeharbor/.