logo
Log in
Book a Demo

Privacy Policy

This privacy policy (“PP”) explains how Orion Cyber Security Inc. (“Company”) collect, process and share personal data of you (“Users”) in connection with Company website available at https://orionsec.io/ and any other websites, Company events or webinars and Company landing pages, which link to this PP (collectively, “Site”). This PP is an integral part of any terms of use of the Site which are available at https://orionsec.io/terms-of-use/ (“TOU” together with the PP, the “Terms”). For the purpose of this PP “Personal Data” shall mean personal data or personal information pursuant to the applicable data protection law. 

1. Applicability

1.1. User is not under any legal obligation to submit personal data to Company. However, if User chooses not to do so, certain Services (as defined in the TOU) might not be available to User.

1.2. By attempting to use or access, or by using or accessing the Site, User agrees to be bound by the Terms. If User does not agree with the Terms, User must not access and/or use the Site.

1.3. Company may change this PP from time to time. Any amended PP will come into effect when posted on the Site. Company will seek User’s prior consent to any material changes, if and where this is required by applicable data protection law.

1.4. Capitalized terms not defined herein shall have the meaning assigned to them in the TOU.

2. Personal Data Collected by Company

2.1. Information provided by User. Company collects any information User provides Company with, including but not limited to:

2.1.1. Contact Information. This information may include full name, work email address, business address, position and title, which is collected for example when User submits a Request a Demo form or an application form on the Site or registers for one of the Company’s events or subscribes to Company’s newsletter. 

2.1.2. Other Communications & Interactions. Any communication or interaction between User and the Company, e.g., emails, phone conversations, chat sessions, surveys User’s inquiries, including interactions through the Site, social media channels, feedback, and analyses thereof, including in connection with Company’s business initiatives, such as events and webinars. 

The above-mentioned information is collected for the purpose of providing Users with information and for Company’s marketing activities, on the legal basis of our legitimate interest and, where applicable, User’s consent.

2.2. Information collected automatically. Company automatically collects, directly or indirectly (e.g., through third parties’ cookies and advertisement platforms), data when User visits, interacts with, or uses the Site, including but not limited to:

2.2.1. Online Identifiers. Identifiers and information contained in cookies, as further detailed under Section ‎4 and in the ‘Cookies Settings’ tool available on the footer of the Site, including: 

  1. User’s settings preferences, backup information; 
  2. Content User viewed or searched for, page response times, and page interaction information (such as scrolling, clicks, mouse-overs and any other information that relates to User’s activity through the Site);
  3. Network and connection information, such as the Internet protocol (IP) address and information about User’s Internet service provider; 
  4. Device information, such as browser type and version, operating system, or time zone setting; location of the device, encounters with other devices using the Site;

The above-mentioned information is collected for the purpose of operation and improvement of the Site, analytics and advertising purposes, on the legal basis of Company’s legitimate interest and, where applicable, User’s consent (e.g., when third party cookies are used).

2.3 Information collected from Third Parties. The Company collects or receives information about User from other sources, including third parties, or publicly available information, for example, from an organizer of events or webinars which User has participated in, that the Company sponsors, for the purpose of business development and networking including identifying potential business opportunities. Such data is collected on the legal basis of Company’s legitimate interest or, where applicable, User’s consent (e.g., when we send newsletters or targeted communications).

3. Cookies and Tracking Technologies

3.1. Company may use tracking mechanisms such as cookies on the Site so that Company may: (i) facilitate, analyze, personalize and customize the User’s experience of the Site; and (ii) track User’s use of the Site. 

3.2. A cookie is a small text file that is stored on User’s computer for record-keeping purposes which contains information about that User. Most browsers automatically accept cookies, but User may be able to modify its browser settings to decline cookies. Please note that if User declines or deletes these cookies, some parts of the Site may not work properly. Users may find more information about cookies the Company uses as well as options to opt-out of cookies or to change User’s cookie preferences at any time by using the ‘Cookies Setting’ tool available on the footer of the Site. 

3.3. Without derogating from the generality of the foregoing, the Company uses the following tools within its Site for functional, performance, analytics and  marketing purposes, in order to learn via the information collected   more about Users’  interaction with our Site as well as for purposes detailed below:

3.3.1. Google Analytics: we use Google Analytics to collect information about your use of the Site. Google Analytics uses cookies to collect information about Users’ visit of the Site, such as how often you visit the Site, which pages you visit, which other sites was used prior to coming to our Site, your IP address, the time spent on the Site, and your interactions with our content. The data collected is anonymous and is used to improve the functionality of our website. To learn more about how Google Analytics collects and processes data, please read Google Analytics privacy policy here: https://policies.google.com/privacy. Further information about Users’ option to opt-out of Google’s analytics services can be found here: https://tools.google.com/dlpage/gaoptout.

For a complete description of our use of cookies and similar technologies, please see our cookie Settings.

4. Third-Parties Services

4.1. This PP does not apply any products, services, websites, links or any other content that are offered by third parties on the Site (e.g., pop-up additions). User is advised to check the applicable third-party policies. Company has no control over such third parties’ privacy practices, or the technology used by such third parties. Each User is advised to thoroughly review such third parties’ privacy policies before making any use of such third party’s products and services.

4.2. By clicking on a link to a third-party website or service on the Site, a third party may transmit cookies to User. This PP does not cover the use of cookies by any third parties, and Company is not responsible for such third parties’ privacy policies and practices.

4.3. Without derogating from the generality of the above, when clicking on certain social media links provided on the Site (e.g., Twitter, Facebook, LinkedIn, Instagram) User will be transferred to Company’s sites on such social media (“Social Media Sites”). It shall hereby be clarified that such Social Media Sites are governed by the terms of use and privacy policy of the respective social media and not by the Company.

5. Company’s Use of Personal Data

5.1. Company processes User’s personal data to operate, provide, and improve the Site, including but not limited to: 

  1. operating, improving, maintaining, administrating and providing the Site;
  2. contacting User and communicating with User with respect to the Site and/or Company’s services; 
  3. identifying User’s interests and recommending offers that might be of interest to User; 
  4. marketing and promoting Company’s services;
  5. providing assistance, notification and support; 
  6. fulfilling User requests; meeting contractual or legal obligations; 
  7. protecting Users security, e.g. preventing and detecting fraud;
  8. protecting the rights or property of the Company;
  9. complying with applicable laws and regulatory requirements, or as requested by government or regulatory authorities;
  10. use of aggregated, non-personal non-identifiable information about Users interaction with the Site, without limitation and for any purpose;
  11. internal purposes, e.g. trouble shooting, data analysis, testing and statistical purposes. 

5.2. Except as provided herein, Company does not use any personal data obtained hereunder, without obtaining User’s prior consent. 

6. Sharing Personal Data of User

6.1. Company may be required to retain or disclose personal data in the following cases to:

  1. provide User’s with the Services;
  2. comply with applicable laws or regulations;
  3. comply with a court order, subpoena or other legal process;
  4. respond to a lawful request by a government authority, law enforcement agency or similar government body; 
  5. engage with third-party service providers and/or sub-contractors (such as data storage providers, IT providers, data and cyber security services, fraud detection, web analytics, advertising and marketing service providers etc.) which provide services for Company’s business operations, a list of which can be received upon request;
  6. disclose and/or transfer data to affiliated companies of the Company or to another entity if Company is acquired by or merged with another entity, if Company sells or transfer a business unit or assets to another entity, as part of a bankruptcy proceeding, or as part of any other similar business transfer;
  7. Company believes release is appropriate to comply with the law, enforce or apply Company’s terms and other agreements, or protect the rights, property, or security of Company, Users, or others. This includes exchanging information with other companies and organizations for fraud prevention and detection and credit risk reduction.

6.2. When Company shares User’s data with third parties as specified above, Company makes reasonable efforts to require such recipients to agree to only use the personal data Company shares with them in accordance with this PP and Company’s contractual specifications and for no other purpose than those determined by Company in line with this PP.

7. Direct Maerketing and Advertisement

7.1. Company may provide Users with direct marketing, as such term is defined in the Israeli Privacy Protection Law, 1981.

7.2. Company may also send Users advertisements, as such term is defined in the Israeli Media Law (Bezeq and Broadcasting), 1982.

7.3. User can opt out of receiving these direct marketing and/or advertisements from Company at any time by unsubscribing, using the unsubscribe link within each of the above communications, or by emailing the Company at: privacy@orionsec.io to have User’s contact information removed from Company’s email list.

8. Security

Company has taken appropriate technical and organizational measures to protect the information Company collects about User from loss, misuse, unauthorized access, disclosure, alteration, destruction, and any other form of unauthorized processing. User should be aware, however, that no data protection and security measures can guarantee 100% protection and security of any data stored either with Company or with any third parties.

9. Users in the European Economic Area (EEA)

9.1. Definition. “Personal Data” means data that may be used, either alone or together with other information, to identify an individual user, including, without limitation, a user’s name, address, telephone number, username, email address, city and country, geolocation, unique identifiers, picture, or other similar information and includes personal data as defined in the General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”). 

9.2. Legal Basis for Processing of Personal Data

Company will only process User’s Personal Data if it has one or more of the following legal bases for doing so:

9.2.1. Contractual Necessity: processing of Personal Data is necessary to enter into a contract with User, to perform Company’s contractual obligations to User under the TOU, to respond to requests from User, or to provide User with customer support;

9.2.2. Legitimate Interest: Company has a legitimate interest to process User’s Personal Data;

9.2.3. Legal Obligation: processing of User’s Personal Data is necessary to comply with relevant law and legal obligations, including to respond to lawful requests and orders; or

9.2.4. Consent: processing of User’s Personal Data with User’s consent.

9.3. User’s Rights regarding Personal Data

9.3.1. Subject to applicable law, User has certain rights with respect to User’s Personal Data, including the following:

  1. User may ask whether Company holds Personal Data about User and request copies of such Personal Data and information about how it is processed;
  2. User may request that inaccurate Personal Data is corrected;
  3. User may request the deletion of certain Personal Data (as long as the Company does not have a legitimate reason for retaining the data);
  4. User may request Company to cease restrict the processing of Personal Data where the processing is inappropriate;
  5. User may request Company to exercise User’s right of data portability;
  6. User may contact a supervisory authority in User’s jurisdiction and file a complaint.
  7. When User consents to processing User’s Personal Data for a specified purpose by Company, User may withdraw User’s consent at any time, and Company will stop any further processing of User’s data for that purpose (to the extent applicable).

9.3.2. In certain circumstances, Company may not be able to fully comply with User’s request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, however, in those circumstances, Company will still respond to notify User of such a decision

9.3.3. User can exercise User’s rights of access, rectification, erasure, restriction, objection, and data portability by contacting Company at the email address set forth below. In some cases, Company may need User to provide Company with additional information, which may include Personal Data, if necessary to verify User’s identity and the nature of User’s request.

9.4. Transfer of User’s Personal Data outside of the EEA

9.4.1. The data that Company processes in relation to Users may be transferred to and stored at a destination outside the European Economic Area (“EEA“), e.g., Israel and the USA, that may not be subject to equivalent data protection law. It may also be processed by staff situated outside the EEA who works for us or for one of our service providers: (i) in order to store it; (ii) where we are legally required to do so; (iii) in order to facilitate the operation of our businesses, where it is in our legitimate interests and we have concluded these are not overridden by User’s rights.

9.4.2. Where Personal Data is transferred by Company or Company’s affiliates in relation to providing the services Company will take all steps reasonably necessary to ensure that it is subject to appropriate safeguards, such as relying on a recognized legal adequacy mechanism, which may include by entering into European Commission approved standard contractual clauses relevant to transfers of Personal Data and that it is treated securely and in accordance with this PP.

10. International Storage

Each User is advised to be aware that personal data Company collects may be transferred to, processed and stored outside User’s jurisdiction, and that data protection laws in the jurisdiction where the information is collected stored and/or processed may differ from User’s jurisdiction including in Israel, the EU, and the US, as reasonably necessary for the proper performance and delivery of the Company services, or as may be required by law. Each User hereby gives User’s consent to this transfer, processing and storage of User’s information outside User’s jurisdiction.

11. Retention

Company will retain users Personal Data for a period of time consistent with the original purpose of collection (see Section ‎3, “Company’s Use of Personal Data”). Company determines the appropriate retention period for Personal Data on the basis of the amount, nature and sensitivity of Users’ Personal Data processed, the potential risk of harm from unauthorized use or disclosure of Users’ Personal Data, and whether Company can achieve the purposes of the processing through other means, as well as on the basis of applicable data protection law requirements (such as applicable minimum statutory retention requirements). After the expiration of the applicable retention periods, Company will delete Company Personal Data. If there is any data that Company are unable, for technical reasons, to delete entirely from Company’s systems, Company will put in place appropriate measures to prevent any further use of such Personal Data.

12. Children’s Privacy

Company does not knowingly collect or solicit any information from anyone under the age of 18. The Site is not directed at children under the age of 18. In the event that Company learns that it has collected personal data from a child under the age of 18 without consent from a parent or a guardian, Company will delete that personal data as quickly as possible. If User believes that Company might have any information from or about a child under 18, User should contact Company at the email address set forth below.

13. Questions Regarding User’s Personal Data? 

If User has any questions about this PP, including in connection with Users rights related to their personal data, or Company’s privacy and/or data protection practices in general, please contact us at privacy@orionsec.io.

5 minutes deployment, 30 minutes to full coverage. But first, a demo.

Book a call