We at Morphisec Information Security 2014 Ltd. (“Morphisec”) respect your privacy. This Privacy Policy explains the privacy practices used when you use and interact with our website: https://www.morphisec.com (the “Website”). We wrote this policy to help you understand what information we collect, how we use it, and what choices you have about it. It also describes the rights and options available to you concerning your information.

If you are a Morphisec subscriber, or just visiting our website, this policy applies to you. If you are a Morphisec customer, the data processing addendum applicable to our engagement applies.

If you are an employee, consultant, end-user, or otherwise engaged with one of our customers, and in such circumstances, we process your personal data on behalf of our customer, we function as a processor of such data as instructed by the data processing addendum between us and the customer. Please refer to the relevant customer for its privacy policy and any privacy related inquiries.

If you provide us with personal data about other people, or if others give us your information, we will only use it for the specific reason for which it was provided to us. By submitting the information, you confirm that you have the right to authorize us to process it on your behalf in accordance with this Privacy Policy.

We collect and process the personal information you provide us freely and knowingly. 

You are not legally required to provide such data to us.

Support inquiry. To log in to our support portal, we will ask you to provide your email address and password.

Become a partner, request a Free Trial or Demo or schedule a Meeting. If you want to become a partner of Morphisec or request a free trial or demo or schedule a meeting with us, you can notify us through our Website. We will ask you to provide information such as your name, company name, job title, business email, phone number, country, and the text of your message. 

Newsletters and offers. If you wish to sign up to receive our newsletter with information about products and offers, or to receive offers from us when certain products become available, we will ask you to provide your email address.

Job application. If you wish to apply for a job at Morphisec we will ask you to provide information such as your name, email address, phone number, and your resume. At your choice, you may provide us with your LinkedIn URL, personal website URL, a cover letter about yourself, and any other personal notes.

Contract data. We collect data in relation to the conclusion or performance of a contract, for example, information about the contracts and the services provided or to be provided, as well as data from the period leading up to the conclusion of a contract, information required or used for performing a contract, and information about feedback (for example complaints, feedback about satisfaction, etc.). We generally collect this data from you, from contractual partners, and from third parties involved in the performance of the contract, but also from third-party sources (for example credit information providers) and public sources.

Behavioral and preference data. Depending on our relationship with you, we try to get to know you better and tailor our products, services, and offers to you. We do so by evaluating information about your behavior in our domain, and we may also supplement this information with third-party information, including from public sources. Based on this data, we can for example determine the likelihood that you will use certain services or behave in a certain way. The data processed for this purpose is already known to us (for example where and when you use our services), or we collect it by recording your behavior.

Inquiries. You can send us your inquiries through any of our contact methods. We may ask you to provide information such as your name, email address, phone number, your company and department, the topic of your inquiry, and the text of your message. When you are in contact with us via the contact form, by e-mail, telephone, or chat, or by letter or other means of communication, we collect the data exchanged between you and us, including your contact details and the metadata of the communication.

You do not have a legal obligation to provide any of the above information to us. However, you will not be able to request a demo, schedule a meeting, apply for a job, submit inquiries, or sign up for our newsletter, without providing the requested information. If you wish to subscribe to our solutions or sign a contract with us, you must also provide us with certain data, as part of your contractual obligation under the relevant contract. However, in the case of behavioral and preference data, you generally have the option of objecting or not giving consent.

We obtain information from third parties.

We may obtain information from third parties such as Google, LinkedIn, TechTarget, HubSpot, Salesforce, and Salesloft for Website analytics, advertisement, or retargeting purposes. We may also collect information about you that is publicly available. We may combine this information with the information we collect from you directly to enhance or supplement the information we have about you. 

We may make social networks or other services available on the Website. If you connect a social network, such as Facebook, to our Website we may collect personal information from the social network in accordance with your privacy settings on that social network. These services will authenticate your identity and provide you the option to share certain personal information with us, which could include your name, email address, or other information.

Similarly, when you interact with us through a social media site or third-party service, such as when you like, follow, or share our content on Facebook, or other sites, we may receive information from the social network, including your profile information, the user ID associated with your social media account, photo, and any other information you permit the social network to share with third parties.

The data we receive is dependent on your privacy settings with the social network. You should always review and, if necessary, adjust your privacy settings on social network websites before linking or connecting them to our Website.

We also collect analytics and technical information about your use of the Website.

When you use our Website, we may collect specific information about your visit and use of the Website, such as the types of content that you view or engage with, the features you use, the actions you take, and the time, frequency, and duration of your activities.

Analytical information we collect includes your IP address, the general location corresponding to your IP address, time and date of access, type of browser used, language used, links clicked, and the web pages you accessed. We also collect information about how you use our Website. For example, we log when you're using and have last used our Website, and what posts and other content you view on our Website.

When using our Website, the processing of certain technical data necessary to operate the Website cannot be avoided.

How and why we use your data

Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:

To provide you with the service and deliver our solution.

We process your data for the conclusion, administration, and performance of our contractual relationship with you to deliver our services and solutions, like processing your account information to accept and fulfill your subscription, charging you for the fees, keeping you informed about the status of your subscription, and delivering the solution. We may also process your data for security and access control purposes.

To recommend you products and solutions.

We will process the information you provide us, or information we automatically collect about your preferences, or information we collect from third parties such as Facebook or LinkedIn to identify your preferences and personalize your experience with our Website and recommend additional relevant Morphisec products and solutions.

To provide you with our newsletter or marketing emails and for personalized advertising.

If you sign up to receive our newsletter, we will then process your email address to send you our periodic marketing communication. We may also do so where applicable law makes this permissible.

We process data for marketing purposes and relationship management, for example, to send you personalized advertising for products and services from us and third parties (for example from advertising partners). This may happen in the form of newsletters and other regular contacts (electronically, by e-mail, or by telephone), through other channels for which we have contact information from you, but also as part of marketing campaigns (for example events, contests, etc.). You can object to such contacts at any time or refuse or withdraw consent to be contacted for marketing purposes. With your consent, we can target our online advertising on the internet more specifically to you.

You can refuse or opt out of our newsletter or marketing emails at any time by sending an email to: marketing@morphisec.com

For reporting and business planning.

We process your information for accounting and financial record-keeping purposes. We may also process your information to adapt the Website and its content to users' preferences, to better understand the market demand in which we operate, and for reporting and business planning purposes.

To respond to your inquiry, question, or request. Subject to your consent, we will use your inquiry information for profiled marketing purposes.


If you submit an inquiry to us, we will use the information you provide in your request or question to process, handle, and contact you about the inquiry.

Subject to your explicit consent, we will use your Inquiry Information in a profiled manner to contact you occasionally, either by us or by a representative on our behalf, including by sending emails with information related to our products and services.

You may ‘opt-out’ of using your profiled Information and inquiry information for promotional communications at any time by sending an email to: marketing@morphisec.com.

To assess your suitability for a role at Morphisec.

Our purpose for processing your resume and job application request is to assess your suitability for a role you have applied for and to help us develop and improve our recruitment process.

We use analytics information to improve and enhance the Website, and for business administration.

 

We use analytics information to improve the Website and the content on the Website, our email communications, and our solutions to customers. We also use the analytics information to adapt the website and its content to users' preferences. Finally, we will use the analytics information to understand the market in which we operate and for reporting and business planning purposes.


How and when do we share your data

We share your data with our service providers to help us operate our business and Website and to fulfill subscriptions

We will share your personal information with our service providers such as HubSpot, Salesforce, SalesLoft, TechTarget and Comeet who assist us in performing certain business-related functions. These include, mailing information, maintaining databases, hosting services, recruitment, and internal service operations. These companies are authorized to use your information only as necessary to provide their specific relevant services to us and not for their purposes.

We will share your information with competent authorities or other parties if you violated the law or abused our agreement or Website.

We will share your personal information if you have violated any agreement you have with us, abused the Website, or violated any applicable law. Your information will be shared with competent authorities and with third parties such as legal counsels and advisors to handle the violation or breach.

We will share your information if we are legally required.

We will share your personal information if we are required to disclose it by a judicial, governmental, or regulatory authority.

We will share your data with a third party in the event of a change in our structure.

We will share your data to enable structural change if we reorganize our business, merge, consolidate or resolve to operate in any different framework or legal structure or entity, for example, due to a merger or acquisition.

We will share your data in case of an emergency concerning you


We will share your data if we need to act immediately to protect the personal safety of our customers or the public.


Where do we store the data

We will internationally transfer your data in accordance with applicable data protection laws.

We will internationally transfer data in accordance with applicable data protection laws. If we transfer your data for processing at locations outside your jurisdiction, we will abide by data transfer rules applicable to these situations.

When we transfer data from within Europe to other jurisdictions outside of Europe such as when we engage our service providers, it relies on either adequacy decisions as adopted by European Commission, for example, when we access from Israel, or Standard Contractual Clauses issued by the European Commission.


Automatic data collection tools

What are automatic data collection tools?

Cookies are text files that include a small amount of data we store on your computer, tablet, or smartphone when you use the internet and visit our Website. It allows us or a third party to recognize you. We use both session Cookies and Persistent cookies as described below.

Session cookies data is read by a website you visit, during the session of your visit. Session cookies expire when you close your browser. Persistent cookies data is read by a website you visit when you return to revisit it. A persistent cookie remains on your computer until it expires, or you delete your cookies. 

We may also use techniques called web beacons and web pixels for purposes similar to the use of cookies. Subject to your consent, we may allow third-party advertising companies to use cookies on our Website to optimize our advertisements and marketing and to serve ads specific to your interests on other websites. Those may use retargeting and behavioral advertising technologies to tailor those advertisements to your perceived interests.

We use the Cookie Consent add-on. Our Consent Management Platform will provide you with detailed information about the cookies we use and enable you to control the use of cookies.

We use the Cookie Consent add-on to provide you with more detailed information about the cookies we use, their origin, purpose, and expiration dates. It also enables you to control the use of marketing cookies, personalization cookies, and analytics cookies. 

You can, at any time, enable or disable individual categories of cookies. However, you cannot disable the strictly necessary cookies because the website cannot operate without them. By enabling cookies, you give your consent to collect the data for the cookie purpose.

We use cookies necessary to operate our Website, for Website statistics, for marketing purposes and to remember your Website preferences.

We use cookies for several purposes, as explained below, and may allow certain third parties to do so as well. You can review additional information about the types of cookies we use, through our Cookie notice page https://www.morphisec.com/cookie-policy. It also enables you to control the use of cookies.

Essential cookies are those that are strictly necessary for the functioning of our Website. Our Website cannot operate properly without these cookies. For example, they ensure that you can move between pages without losing information that was entered in a form. They also ensure that you stay logged in. These cookies have an expiration date of up to 12 months.

You can block or receive an alert about these cookies by setting your browser configuration. Still, some parts of our Website may not function properly without these cookies.

Personalization cookies are those that remember your choices when you use our Website and allow the Website to react by reflecting your preferences. Before we use such cookies, we ask for your consent. You can withdraw consent at any time through the cookie settings here https://www.morphisec.com/cookie-policy. These cookies have an expiration date of up to 24 months.

Analytics cookies help us to discern how you and others interact with our Website by collecting data that does not directly identify you. Before we use such cookies, we ask for your consent. You can withdraw consent at any time through the cookie settings here https://www.morphisec.com/cookie-policy. Analytics cookies also have an expiration date of up to 12 months. Details can be found on the websites of the third-party providers.

Marketing cookies help us and our advertising partners who have an interest in targeting advertising as precisely as possible, only showing it to those we wish to address. For this purpose, we, and our advertising partners – if you consent – use cookies that can record the content that has been accessed or the contracts that have been concluded. This allows us and our advertising partners to display advertisements that we think will interest you on our website, but also on other websites that display advertisements from us or our advertising partners. These cookies have an expiration period of a few days to 24 months, depending on the circumstances.

We may also integrate additional third-party offers on our website, in particular from social media providers. These offers are deactivated by default. As soon as you activate them (for example by clicking a button), these providers can determine that you are using our website. If you have an account with that social media provider, it can assign this information to you and thereby track your use of online offers. These social media providers process this data as separate controllers.

We are not responsible for the privacy practices of other third-party platforms.

Our Website may contain links to social networks such as Facebook, Instagram, WhatsApp, Twitter, and YouTube. Please be aware that we are not responsible for the privacy practices of such other platforms. We encourage you to read the privacy statements of each platform you chose to engage with.


How secure is the data we process

We implement technical and organizational measures to secure your data.

We implement safeguards to reduce the risks of damage, loss of information, and unauthorized access or use of the information we collect and maintain. However, these measures do not guarantee absolute information security. Therefore, although we take reasonable precautions and make an appropriate effort to secure your information, you cannot expect that the Website and our systems will be immune to information security risks.


How long do we store your data

We will retain your data for as long as we need it to operate the Website and interact with customers, and after that, as required for record-keeping matters.

We keep your data for the duration of our business relationship with you, interacting with you as a customer, to the extent permitted by applicable laws. We may keep your information for as long as necessary to administer our business, and our bookkeeping requirements, resolve disputes, establish, and defend legal claims, and enforce our agreements. When we no longer need your data, we will delete it from our systems and records or anonymize the data.


Your privacy choices and rights

You have certain rights to access, update or correct your information. 

If you are a resident of the EU, you have the following additional rights to erase your information, obtain a copy of your information, withdraw your consent, object to, or restrict certain data processing activities and port your data.

If you are a resident of the EU, you have the following additional rights to erase your information, obtain a copy of your information, withdraw your consent, object to, or restrict certain data processing activities and port your data.

We provide you with the ability to:

Access the data that we process and have about you and receive a copy of it.

Rectify incorrect, inaccurate, or incomplete personal data we have about you. 

If you are a resident of the EU, you have the following additional rights:

Object to the processing of your data for marketing purposes or our other legitimate interests. However, we may override your objection to our legitimate interest if we demonstrate compelling legitimate grounds, or for the establishment, exercise, or defense of legal claims. At any time, you can also object to our processing of your data for direct marketing purposes, by simply opting out of our newsletters or marketing emails.

Restrict the processing of your data for the duration we require to verify its accuracy. You have the right to restrict the processing of your data if you consider it unlawful processing. You can also restrict the deletion of your data if you need it for the establishment, exercise, or defense of legal claims. You can also request the restriction of the processing during the time we review your objection to our legitimate interest. 

Withdraw consent to processing your data, at any time. If you do that, we will still process certain information on a legal basis other than consent, as described in this Policy. Withdrawing your consent will not affect the lawfulness of data processing we carried out based on your consent before such withdrawal.

Erase your data when it is no longer needed. For example, when you withdraw your consent to our newsletters, you have the right to ask us to erase your data relating to that. However, we may still process your data if we need to comply with a legal obligation, if we are subject to do so under the law, or for the establishment, exercise, or defense of legal claims.

Data Portability. You have the right to receive the personal data that you provided to us in a structured, commonly used, and machine-readable format and to send that information to other businesses. Where technically feasible, you also have the right to have your data transmitted directly from us to another business you designate.

If you wish to exercise any of these rights, contact us at Legal@morphisec.com.

We have the right to ask for reasonable evidence to confirm your identity before we provide you with the data. When we are not able to provide you with the data that you have requested, we will explain the reason for our inability to do so.


Additional information for users in the EU

We are data controllers of the personal data we collect about you through our Website. 

Morphisec is the data controller for the personal data we collect through our Website. Our registered address is at 77, Haenergia St. Gav Yam Park Bldg. 1, Beer-Sheva, Israel 8470912. Contact us by email at Legal@morphisec.com.

Legal bases for processing your data.

The legal basis for collecting and processing your account data for subscription, fulfillment, and billing, is the performance of the contract for the service and solutions we provide.

The legal basis for collecting and processing your email address to send you our marketing emails is your explicit consent.

The legal basis for processing your inquiry information is our legitimate interest in responding to your question or request.

The legal basis for processing your personal data for a job application is to perform a contract or to take steps at your request, before entering a contract. 

The legal basis for processing your information for Website adaptations, and business planning, is our legitimate business interest in enhancing our Website and our business development and planning.

The legal basis for our collecting and processing your preferences is your consent or our legitimate business interest of offering you solutions that are suitable to your interests and provide you the service.

The legal basis for processing analytics information about you is our legitimate interest in managing our Website and our business development and planning.

The legal basis for collecting and processing information about you from third parties for marketing purposes is our legitimate interest in offering you solutions that are suitable to your interests.

The legal basis for sharing your data with our service providers is our legitimate interest in performing certain business-related functions.

The legal basis for sharing your data with others if you breached our terms is our legitimate interest in protecting ourselves from abuses.

The legal basis for disclosing your data to a judicial, governmental, or regulatory authority is our compliance with our legal obligation to do so.

The legal basis for sharing your data to enable a structural change of Morphisec is our legitimate business interests in our business continuity following any structural change.

The legal basis for sharing your data in a case of emergency is to protect your or another natural person's vital interests.

You have a right to complain to the relevant supervisory data protection authority.

Subject to applicable law, you have the right to complain to your local data protection authority. If you are in the EU, you can complain to the supervisory authority, in particular in the state of your residence, place of work, or place of an alleged infringement of the GDPR. 

Names and contact information of the competent supervisory authorities in the European Union can be found at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

To contact our representative in Europe.

Our European representative for this Policy, pursuant to Article 27 of the GDPR, is European Data Protection Office (EDPO). If you are within the European Economic Area, you may contact our European representative at:


Children

Our Website is intended for 18 years of age and older.

We are a business-to-business company with products and solutions directed to and intended for use only by those who are 18 years of age or over. We do not knowingly collect personal information of children who are under the age of 16 through our Website. If you are under the age of 18, you should not use our Website.

Changes to this Privacy Policy

If we change this Privacy Policy, we will post the updated policy on our Website.

If we modify this Privacy Policy, we will publish a revised version with an updated revision date. The privacy link on our Website will then lead to the new policy. If you continue to use our Website after those changes are in effect, you agree to the new policy. If the changes are significant, we may provide a more prominent notice or get your consent, as required by law.

Contact us

You can contact us at Legal@morphisec.com.

If you have any questions, complaints, or suggestions, you may contact us at Legal@morphisec.com

We will do our best to resolve your issue promptly.

Morphisec is strongly committed to protecting the privacy and the information of the users of its products, services, and Site (as defined below). 

Last Updated: June 2023