Product Security Hub Logo

Legal

Privacy Policy

Last updated: July 19, 2023

Our Privacy Policy was last updated on July 19, 2023.

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal Data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

  • Account means a unique account created for You to access our Service or parts of our Service.
  • Business, for the purpose of the CCPA, refers to the Company as the legal entity that collects Consumers’ personal information and determines the purposes and means of the processing of Consumers’ personal information, or on behalf of which such information is collected and that alone, or jointly with others, determines the purposes and means of the processing of consumers’ personal information, that does business in the State of California.
  • CalOPPA means the California Online Privacy Protection Act of 2003.
  • CCPA means the California Consumer Privacy Act of 2018, amending Part 4 of Division 3 of the California Civil Code.
  • Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Product Security Hub LLC. For the purpose of the GDPR, the Company is the Data Controller.
  • Country refers to United States of America (USA).
  • Consumer, for the purpose of the CCPA, means a natural person who is a California resident. A resident, as defined in the law, includes (1) every individual who is in the USA for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the USA who is outside the USA for a temporary or transitory purpose.
  • Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
  • Data Controller, for the purposes of the GDPR, refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data.
  • Device means any device that can access the Service such as a computer, a cell phone or a digital tablet.
  • Do Not Track (DNT) is a concept that has been promoted by US regulatory authorities for the Internet industry to develop and implement a mechanism for allowing internet users to control the tracking of their online activities across websites.
  • GDPR means the European Union’s General Data Protection Regulation (2016/679).
  • Personal Data is any information that relates to an identified or identifiable individual. For the purposes of GDPR, Personal Data means any information relating to You such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity. For the purposes of the CCPA, Personal Data means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with You.
  • Website refers to Product Security Hub, accessible from https://www.productsecurityhub.com and https://app.productsecurityhub.com.
  • You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable. Under GDPR, You can be referred to as the Data Subject or as the User as you are the individual using the Service.

Collecting and Using Your Personal Data

Types of Data Collected — Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

  • Email address
  • First name and last name
  • Phone number
  • Address, State, Province, ZIP/Postal code, City
  • Usage Data
  • Purchasing Details

Usage Data

Usage Data is collected automatically when using the Service. Usage Data may include information such as Your Device’s Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:

  • Cookies — small files placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. If You do not accept Cookies, You may not be able to use some parts of our Service.
  • Web Beacons — small electronic files used to count users who have visited pages or opened an email and for related website statistics.

Cookies can be “Persistent” or “Session” Cookies. We use both for purposes such as essential site functionality, remembering cookie preferences, personalization, and tracking and performance analytics.

How do we collect your data?

You directly provide Our Company with most of the data we collect. We collect data and process data when you:

  • Register online or place an order for any of our products or services.
  • Voluntarily enter information in any service in the platform, complete a customer survey or provide feedback.
  • Use or view our website via your browser’s cookies.

We may also receive your data indirectly from sources such as email, phone calls, cloud sharing platforms, or from Service Providers we employ to support our Service.

Use of Your Personal Data

The Company may use Personal Data for the following purposes:

  • To provide and maintain our Service, including to monitor the usage of our Service.
  • To manage Your Account and provide access to functionality for registered users.
  • For the performance of a contract related to products or services You purchase.
  • To contact You by email, telephone, SMS, or other equivalent forms of electronic communication regarding updates or information related to the Service.
  • To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about.
  • To manage Your requests and provide customer support.
  • For business transfers such as mergers, acquisitions or asset sales.
  • For analytics, identifying usage trends, determining effectiveness of campaigns and improving our Service.

Disclosure and Sharing

We may share Your personal information in the following situations:

  • With Service Providers (e.g., analytics, hosting, email, payment processors).
  • For business transfers such as a merger, sale, or acquisition.
  • With Affiliates and business partners (including Apraciti, LLC and the Medical Device Innovation Consortium).
  • With other users when You choose to share information publicly.
  • With Your consent or when required by law.

Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy, to comply with legal obligations, resolve disputes, and enforce our agreements. Usage Data is generally retained for a shorter period, except when used to strengthen security or meet legal requirements.

Transfer of Your Personal Data

Your information may be processed in locations outside Your state or country. By using the Service and submitting information, You consent to such transfers. We take reasonable steps to ensure Your data is treated securely and in accordance with this Privacy Policy.

Disclosure of Your Personal Data

We may disclose Personal Data in connection with business transactions, to comply with legal obligations, or to protect rights and safety as described below.

  • Business Transactions: In a merger, acquisition or asset sale, Personal Data may be transferred.
  • Law enforcement: When required by law or valid public authorities’ requests.
  • Other legal requirements: When necessary to comply with court orders or to protect rights, property or safety.

Security of Your Personal Data

We implement commercially reasonable measures to protect Your Personal Data, but no method of internet transmission or electronic storage is 100% secure. We cannot guarantee absolute security.

Detailed Information on the Processing

Our Service Providers may have access to Your Personal Data to perform services on our behalf. We require vendors to process data in accordance with this Privacy Policy and applicable law.

Analytics and Marketing

We may use third-party providers for analytics and marketing. You may opt-out of marketing emails using the unsubscribe link in our messages or by contacting privacy@productsecurityhub.com.

Payments

We may use third-party payment processors for transactions. We do not store payment card details; such information is handled directly by the payment processors and governed by their privacy policies and PCI-DSS standards.

GDPR — Your Rights

Legal basis for processing under GDPR may include consent, contract performance, legal obligations, vital interests, public interest, or legitimate interests. You have rights including access, correction, erasure, restriction, portability, objection, and withdrawal of consent where applicable. To exercise these rights contact us using the details below. You may also lodge a complaint with a supervisory authority.

CCPA — California Residents

This section supplements the Privacy Policy for California residents. We describe categories of personal information collected, purposes, sharing and the rights available under the CCPA, including the right to request access, deletion, opt out of sale, and non-discrimination.

Categories of Personal Information Collected

We may have collected the following categories of personal information in the last 12 months:

  • Category A: Identifiers (e.g., name, email, IP address) — Collected
  • Category B: Personal information in California Customer Records statute — Collected
  • Category D: Commercial information — Collected
  • Category F: Internet or similar network activity — Collected

We do not sell Personal Information. If you believe otherwise or wish to opt out of future sales, contact privacy@productsecurityhub.com.

Exercising Your CCPA Rights

California residents may submit verifiable requests to access, delete, or opt out. Requests must provide sufficient information to reasonably verify identity and describe the request. We will respond within the timeframes required by law.

Do Not Track and CalOPPA

Our Service does not respond to Do Not Track signals. Some third-party websites may track your browsing; adjust your browser settings to manage tracking preferences.

Children's Privacy

Our Service does not address anyone under the age of 13 and we do not knowingly collect Personal Data from children under 13. If you believe a child under 13 has provided us with Personal Data, please contact us and we will delete the information.

Links to Other Websites

Our Service may contain links to third-party websites. We are not responsible for their content or privacy practices and encourage you to review their privacy policies.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify You by posting the new Privacy Policy on this page and, where appropriate, via email or a prominent notice before changes take effect. Please review periodically.

Contact Us

If you have questions about this Privacy Policy, contact us at: