^Privacy Policy

Information we collect

We collect information from you when you register on our site or fill out a form. Any data we request that is not required will be specified as voluntary or optional. When registering on our site, as appropriate, you may be asked to enter your name, e-mail address, mailing address or credit card information. You may, however, visit our site anonymously.

‍

The information we may collect includes, without limitation:

1. Service Interaction Data: IP address, details about your browser, pages that you visited before and during your visit, clicks and other information about how you use the service.
2. Service Inquiries or Demo Requests: We may collect Personal Data that you provide when you inquire about our Services or request a demo. This information may include your business information including your first name, last name, email, phone number, company, company size, industry type, and any other information you provide, including your interests in relation to our Services or applicable business information. We use this information to communicate with you about your inquiry or interests, provide a demo or agree to a proof of concept trial period, or schedule an information call to discuss our Services in more detail.
3. Registration information: We collect business information that you provide when you register to use our Services. This information may include your email, and password. We use this information to administer your account, provide you with the relevant Services and information, communicate with you regarding your account, the Services, and for customer support purposes.
4. Payment information: If you sign up for our Services, we may collect the information provided in connection with your payments for such Services. Please note that we also use third party payment processors to process payments you make to us. As such, we do not retain any personally identifiable financial information such as credit card numbers when payments are made through such third parties. Rather, all such information is provided directly by you to that third-party processor. The payment processor’s use of your Personal Data is governed by their privacy policy.
5. Cloud Office Productivity Data: Metadata, user generated content, permissions, actions (e.g., internal and external file sharing) and access settings across user cloud productivity applications that contain Personal Data.

How we use your information

The Personal Data we collect from you may be used as follows:

• We provide the Services to protect your cloud productivity applications. We process Personal Data as necessary to perform these activities. In addition to storing and retrieving data, we carry out necessary processing to generate reports of your productivity application activity and help you make informed security decisions.
• Take action on your behalf to maintain desired security properties of your cloud environment and your data.
• To personalize your experience (your information helps us to better respond to your individual needs).
• To improve our Services (we continually strive to improve our Services based on the information and feedback we receive from you and external reports).
• To improve customer service (your information helps us to more effectively respond to your customer service and support needs).

Cookies

We use cookies to provide our Service to you. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the sites or service provider systems to recognize your browser and capture and remember certain information. If you turn off cookies, you may still access the material.security site and learn about the product, but registering and enabling our Service requires cookies in order to connect with your account.

Our role as exclusive data processor

Our enterprise customers may choose to use our Services to process their organization's cloud productivity applications, which may contain your Personal Data. The data that we process through our Service is processed by us on behalf of our customers, and our privacy practices will be governed by the agreements that we have in place with our customers, not this Privacy Policy.

If you have any questions or concerns about how such data is handled or would like to exercise your rights, you should contact the person or entity (i.e., the data controller) who has contracted with us to process this data. Our customers control the processing of Personal Data in these cases and determine the security settings within the Service, its access controls and credentials. We will, however, provide assistance to our customers to address any concerns you may have, in accordance with the terms of our agreement with them.

Disclosing your information to third parties

We do not sell, trade, or otherwise transfer your Personal Data except in accordance with this Privacy Policy. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is required to comply with applicable law, enforce our site policies, or protect our or others' rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses as long as it adheres to applicable data use policies (e.g., Google API Services User Data Policy).

We use sub-processors to provide us with some services that are necessary to provide the features of our website. Those subprocessors and the services they provide are listed at https://material.security/subprocessors.

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by applicable law and contract.

Limited use of your cloud email data

We adhere to all restrictions and limitations defined by your cloud environment and productivity service provider. For example, Material Security's use and transfer to any other app of information received from Google Restricted scopes APIs will adhere to Google’s Google API Services User Data Policy including its Limited Use requirements.

Datacenter location

We locate our data centers in the United States and by utilizing our Services, you expressly instruct us to process Personal Data within the United States and consent to its processing in accordance with this Privacy Policy.

Your choices

You have certain choices about your Personal Data. Where you have consented to the processing of your Personal Data, you may withdraw that consent at any time and prevent further processing by contacting us.

If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you may continue to receive transaction-related emails regarding the services you have requested. We may also send you certain non-promotional communications regarding us and our Service, and you will not be able to opt out of those communications (e.g., communications regarding the Service or updates to our Service or this Privacy Policy).

Your data privacy rights

In accordance with applicable law, you may have the right to:

• Access Personal Data we hold about you consistent with legal requirements. In addition, you may have the right in some cases to receive or have your electronic Personal Data transferred to another party.
• Request correction of your Personal Data where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your Personal Data or we may refer you to the controller of your Personal Data who is able to make the correction.
• Request deletion of your Personal Data, subject to certain exceptions prescribed by applicable law.
• Request restriction of or object to processing of your Personal Data, including the right to opt in or opt out of the sale of your Personal Data to third parties, if applicable, where such requests are permitted by law.

If you would like to exercise any of these rights please contact us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request.

Data Deletion

We store the Personal Data we receive as described in this Privacy Policy for as long as you use our Service or as necessary to fulfill the purpose(s) for which it was collected, provide our service, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

Once you cancel or terminate your use of our Service, the Personal Data will be deleted within 30 days of the termination date, with the exception of data that is required to establish proof of a right or a contract, which will be stored for the duration provided by applicable law.

Once deleted, your Personal Data cannot be restored.

You may also request transfer of ownership of your Personal Data upon termination by contacting us.

Information Security

We take steps to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy. We may manually handle your Personal Data if it is necessary to provide you with support for our Service, respond to security issues affecting your Personal Data, aggregate and anonymize data for internal use only or comply with applicable laws. In all other situations, we will request express consent from you before handling your Personal Data.

CalOPPA Compliance

Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not transfer your Personal Data to outside parties without your consent.

Children's Information

Our Service is not directed to children under 17 (or other age as required by applicable local law), and we do not knowingly collect Personal Data from children. If you learn that your child has provided us with Personal Data without your consent, you may contact us as set forth below. If we learn that we have collected any Personal Data in violation of applicable law, we will promptly take steps to delete such data and terminate the child’s account.

Supervisory Authority

If you are located in the European Economic Area or the UK, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your Personal Data violates applicable law.

Changes to our Privacy Policy

If we decide to change our Privacy Policy, we will post those changes on this page, send an email notifying you of any changes, and/or update the Privacy Policy modification date below. Policy changes will apply only to information collected after the date of the change.

Online Privacy Policy only

This online Privacy Policy applies only to Personal Data collected through our website and not to Personal Data collected offline.

Your consent

By using our Service, you consent to our Privacy Policy. If you do not consent to the collection and processing of the information required to be processed, we are unable to provide you with our Service, and you should not use our site.

Contact us

If you have any questions about our privacy practices or this Privacy Policy, or if you wish to submit a request to exercise your rights as detailed in this Privacy Policy, please contact us at:

Material Security, Inc.

1003 Main St

Redwood City, CA 94063

info@material.security