your privacy is important to us. Accordingly, we’re providing this Privacy
Policy to explain our practices regarding the collection, use and disclosure of
personal information in respect of the individuals with whom we interact,
including those who access and use our website at [INSERT URL] (which is
composed of numerous websites and webpages operated by us) [INSERT DESCRIPTION OF SERVICES] (collectively,
as defined in the Terms.
however, that if you are using the Services on behalf of a company,
partnership, association, government or any entity or organization (“Organization”), your use of the Services may be subject to
an applicable enterprise agreement, between you and us pertaining to your or
your authorized users’ use of the Services (“Enterprise Agreement“). In this event, the terms of the
Enterprise Agreement (including as to our collection, use and disclosure of
(except as otherwise set forth in the Enterprise Agreement).
to you (the individual or Organization engaging the Services, “you”, “your”) by YellowHat Technology Inc. (“YellowHat”) and any of its subsidiaries or affiliates
(collectively, “YellowHat”, “we”, “us”, “our”), and
apply to any third-party websites, services or applications, even if they are
accessible through our Services.
personal information is collected. We may, however, modify and revise this
Policy, we’ll notify you of those changes by posting them on our website or by
sending you an email or other notification, and we’ll indicate when those
changes will become effective.
information about our personal information policies and practices. If you have
here, you should contact us by email at [INSERT
It is YellowHat’s
policy to comply with the privacy legislation within each jurisdiction in which
we operate. Sometimes the privacy legislation and / or an individual’s right to
privacy are different from one jurisdiction to another. Consequently, the
all individuals or in all jurisdictions.
contact our Privacy
Officer for more information.
TYPES OF PERSONAL INFORMATION WE COLLECT
“personal information” means information about an identifiable individual, including
name, address, email address, and other information about an individual.
submitted by you, which may include, but is not limited to: first and last
name, email address and telephone number;
which may include, but is not limited to: Internet Protocol (IP) address,
browser type, operating system, the web page that you visited before accessing
our Website, the pages or features of our Website to which you browsed and the
time spent on those pages or features, search terms, the links on our Website
that you clicked on and other statistics; and
sent by your device: device identifier, user settings, operating system, as
well as information about your use of our Website.
also collect market-related information, which may include personal
information, concerning market trends and activities impacting our business.
This information may include contract terms, financial information and other
information for the purpose of market analysis and strategic planning. We may
also collect information related to our media, investor and public relations
activities and information related to our interactions with financial and other
analysts and advisors.
As a general rule, YellowHat collects personal
information directly from you.
In addition to the above, any information we
collect or that you provide directly to us may be de-identified or aggregated
with the information of other users in order to gain an understanding of the
usage habits and preferences of our users and to assist us with the selection
and adjustment of future content and features for the Website.
From time to time, we may utilize the services
of third parties in our business and may also receive personal information
collected by those third parties in the course of the performance of their
services for us or otherwise. Where this is the case, we will take reasonable
steps to ensure that such third parties have represented to us that they have
the right to disclose your personal information to us.
Where permitted or required by applicable law
or regulatory requirements, we may collect information about you without your
knowledge or consent.
WHY WE COLLECT, USE, AND DISCLOSE PERSONAL
facilitate and process the delivery of Services by us to you;
establish, maintain and manage our relationship with you;
enforce our Terms or any other agreement between you and us;
review and improve the Services that we provide to you;
comply with your requests;
enable us to provide certain security and privacy safeguards;
deal with security, debugging and technical support issues;
protect us against error, fraud, theft and damage to our goods
and property; and
comply with applicable law or regulatory requirements.
Related to the Services
elect to register for the Services, you will be required to provide us with
your contact information. We use this information to: (a) create your account
during the registration process; (b) manage your account; and (c) to help us
efficiently provide the Services. Additionally, in order to provide you with
the Services, we will access and store information and data from your accounts.
To the extent you add authorized users to your account (“Authorized Users“), we may collect
information that you provide to us regarding those Authorized Users.
servers may automatically record your log data. We use this information to
administer the Services and we analyze (and may engage third parties to
analyze) this information to improve and enhance the Services by expanding
their features and functionality and tailoring them to your needs and preferences.
use your personal information to contact you in connection with your use of the
Services. We may use also use your personal information to tailor our Services
to your interests and to track your compliance with our policies and terms.
Questions and Comments
also provide us with feedback or a comment, question or complaint. We use this
information to respond to you and may retain this information to assist you in
the future. We also may use your feedback, comments, questions or complaints to
monitor and improve our Services.
Polls and Customer Research
time to time, we may offer you the opportunity to participate in one of our
surveys, polls or other customer research. The information obtained through our
surveys and customer research is used in an aggregated form. We use this
information to help us understand activities engaged through our Services and/or
to enhance our Services offerings, promotions and events.
time to time, we may also use your personal information to send you email or
other communications that may be of interest to you and to tailor
communications to your interests. You may opt out of any communications, other
than communications necessary as part of any Services you use, by using the
“Unsubscribe” mechanism or otherwise contacting us as set out in the
“How to Contact Us” section below.
Collected Using Cookies and other Web Technologies
Services uses automated data collection tools such as Cookies to collect certain
information. “Cookies” are small text files that are placed on your hard drive
by a web server when you access our Services. We may use both session Cookies
and persistent Cookies to identify that you’ve logged in to the Services and to
monitor aggregate usage and web traffic routing on our Services and to
customize and improve our Services. Unlike persistent Cookies, session Cookies
are deleted when you log off from the Services and close your browser. Although
most browsers automatically accept Cookies, you can change your browser options
to stop automatically accepting Cookies or to prompt you before accepting
Cookies. Please note, however, that if you don’t accept Cookies, you may not be
able to access all portions or features of the Services. Some third-party
services providers that we engage (including third-party advertisers) may also
place their own Cookies on your hard drive. YellowHat does not control these
third party Cookies and shall bear no responsibility or liability for them, and
may also use a technology provided by third parties called “tracer tags” or
“Web beacons” which are tiny graphic files embedded in a website or email that
send information from your browser back to the Web beacon’s originating server.
This technology allows us to understand which pages you visit on our website
and the sites you visit before and after ours and is used to help us optimize
and tailor our website for your visits to our website. YellowHat does not
control these third party “tracer tags” or “Web beacons” and shall bear no
responsibility or liability for them, and they are also not subject to this
DISCLOSURE OF PERSONAL INFORMATION
For the purposes described
employees, contractors, consultants and other parties who require such
information to assist us with managing our relationship with you. We may engage
third party service providers to work with us to administer and provide the
Services. These third-party services providers have access to your personal
information only for the purpose of performing services on our behalf. For
additional information about the manner in which our third party service
providers treat your personal information, contact us by email at [INSERT EMAIL]. YellowHat
uses contractual or other means to provide a level of protection comparable to
third party on YellowHat’s behalf.
Shared with Third Parties
share aggregated information and non-identifying information with third parties
for industry research and analysis, demographic profiling and other similar
may contain links to other sites that we do not own or operate. The Services
also integrate with third party applications and tools (“Third Party Applications”). We do not have any control over the
linked websites and the Third Party Applications, and therefore we have no
responsibility or liability for the manner in which the organizations that
operate the linked websites and the Third Party Applications may collect, use,
disclose, secure and otherwise treat any personal information you provide to
them. The linked websites and the Third Party Applications have separate and
you read carefully.
Disclosed in Connection with Business Transactions
transfer any information we have about you as an asset in connection with a
merger or sale (including transfers made as part of insolvency or bankruptcy
proceedings) involving all or part of YellowHat or as part of a corporate
reorganization or stock sale or other change in corporate control.
Disclosed for Our Protection and the Protection of Others
our service providers may provide your personal information in response to a
search warrant or other legally valid enquiry or order, or to an investigative
body in the case of a breach of an agreement or contravention of law, or as
otherwise required or permitted by applicable Canadian, United States or other
law. We may also disclose personal information where necessary for the
establishment, exercise or defense of legal claims or to prevent actual or
suspected loss or harm to persons or property.
our third party service providers may engage in certain information, technology,
data, and processing in the United States so that we may operate our business,
provide you with our Services and otherwise for the purposes described in this
result, your personal information may be processed by us and/or our service
providers in the United States, where it may be subject to laws regarding the
disclosure of personal information to government authorities in the United
addition to the above, we may disclose your personal information with your
consent for specific purposes that we advise you at or before the time we
collect such personal information.
HOW WE SAFEGUARD PERSONAL INFORMATION
endeavors to maintain physical, technical and procedural safeguards that are
appropriate to the sensitivity of the personal information in question. These
safeguards are designed to protect your personal information from loss and
unauthorized access, copying, use, modification or disclosure.
security of your personal information is important to us. Please immediately
advise us at [INSERT EMAIL] of any
incident involving the loss of or unauthorized access to or disclosure of
personal information that is in our custody or control.
makes good faith efforts to safeguard your personal information and to secure
your data during use of the Services, no transmission of data over the
Internet, wireless network, or any other public network can be guaranteed to be
In addition, if you are visiting, using or interacting with our Services from a
country other than the United States and Canada, your personal information may
be transferred to, and maintained on, computers located outside of your country
or other governmental jurisdiction where the privacy laws may not be as
protective as those in your jurisdiction . YellowHat
cannot ensure or warrant the security of any information that you transmit to
us and we do not take any responsibility for any breach that may occur.
RETENTION OF PERSONAL INFORMATION
retain personal information of users for no longer than necessary for the
purposes stated above or to otherwise meet legal requirements.
YOUR CONSENT IS IMPORTANT TO US
the Services, we assume that you consent to the collection, use and disclosure
addition, you may change or withdraw your consent at any time, subject to legal
or contractual restrictions and reasonable notice, by contacting us at [INSERT EMAIL]. In some circumstances, a
change in or withdrawal of consent may severely limit or even prevent our
ability to provide our Services to you. All communications with respect to such
withdrawal or variation of consent should be in writing and addressed to [INSERT EMAIL].
UPDATING YOUR PERSONAL INFORMATION
the right to access, update, and correct inaccuracies in your personal
information in our custody and control, subject to limited exceptions
prescribed by applicable laws. You may do so directly by updating your account
or by emailing us at [INSERT EMAIL].
requesting access to your personal information, please note that we may request
specific information from you to enable us to confirm your identity and right
to access, as well as to search for and provide you with the personal
information that we hold about you. In the event that we cannot provide you
with access to your personal information, we will endeavor to inform you of the
reasons why, subject to any legal or regulatory restrictions.
circumstances, we may not agree with your request to change your personal
information and will instead append an alternative text to the record in
right to access the personal information that we hold about you is not absolute.
There are instances where applicable law or regulatory requirements allow or
require us to refuse to provide some or all of the personal information that we
hold about you. In addition, the personal information may have been destroyed,
erased or made anonymous in accordance with our record retention obligations
the manner in which we or our service providers treat your personal
information, please contact us at:
[INSERT MAILING ADDRESS]
ATTN: PRIVACY OFFICER
examples but is not intended to be restricted in its application to such
examples, therefore where the word ‘including’ is used, it shall mean
‘including without limitation’.
impose upon YellowHat any rights or obligations outside of, or in addition to,
any rights or obligations imposed by applicable laws. Should there be, in a
effect to, and comply with, such laws.
As noted in the draft Terms of Service, please advise if YellowHat may enter into an overarching b2b enterprise
that such an overarching agreement might exist and which might take precedence
Officer” can be replaced with the title of the individual who is
overseeing the administration of this policy.
Please confirm the scope of information that will be collected from the YellowHat
website. We have included some baseline information that is typically collected
(e.g. information submitted by a user, or information that may be automatically
collected on the backend such as log data and device data).
We have included various reasons why collection might occur—please review and
let us know if adjustments are needed.
We have included various typical uses for which collected information is
put—please review and let us know if adjustments are required (some of these
may not be relevant if they are not intended to be in scope for the Services,
e.g. the account creation process; cookies, etc.).
We have inserted various reasons for which information may be disclosed. Please
review and let us know if adjustments are needed.
If personal information will be transferred outside of Canada (e.g. via a third
party processor), please provide the list of countries to which such
information will be transferred. We have included placeholder language for
US-based transfers in the meantime.