Website Privacy Policy

This Privacy Policy was last updated on 12 November 2019.

Welcome to the website (the “Site”) of Obsidian Security, Inc. (“Obsidian”, “we”, “us” and/or “our”). This Site is operated by Obsidian and has been created to provide information about our company to our visitors (“you”, “your”). This Website Privacy Policy (“Privacy Policy“) sets forth Obsidian’s policy with respect to information including personally identifiable data (“Personal Data”) that is collected from visitors to obsidiansecurity.com. We have a separate privacy statement that covers users of our product, available to users who are logged in to our product. We also wrote a three part blog series (1, 2, 3) on our data guardianship and privacy principles.

Information We Collect: When you interact with us through obsidiansecurity.com, we may collect Personal Data and other information from you, as further described below:

Personal Data: We collect Personal Data from you when you voluntarily provide such information, such as when you contact us with inquiries or submit your contact information into our web forms.

By voluntarily providing us with Personal Data, you are consenting to our use of it in accordance with this Privacy Policy. If you provide Personal Data to the Site, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of Obsidian and the authorized third parties referred to herein located in the United States.

Passively Collected Data: When you interact with Obsidian through obsidiansecurity.com, we and third parties that provide functionality on the Service, may engage, receive, collect and store certain types of information through automatic data collection tools including cookies, encrypted authentication tokens and similar technology. Such information, which is collected passively using various technologies, may include but is not limited to information about your device, referring/exit pages and URLs, and what you click on while at obsidiansecurity.com. Obsidian may store such information itself or such information may be included in databases owned and maintained by Obsidian agents or service providers. The Site may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of visitors to each page of our Site, and the domain names of our visitors’ Internet service providers. Such information that we collect will allow Obsidian to make educated decisions on how to provide a better product for our users. In operating the Site, we may use cookies. Our cookies help provide additional functionality to the Site and help us analyze Site usage more accurately.

Aggregated Data: In an ongoing effort to better understand and serve the users of the Site, Obsidian often conducts research on its customer demographics, interests and behavior based on the Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and Obsidian may share this aggregate data with its affiliates, agents and business partners for any purpose. This aggregate information does not identify you personally. Obsidian may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.

Analytics: We allow third party service providers to use cookies, web beacons, or similar technologies to collect information about your browsing activities over time during and immediately preceding your use of obsidiansecurity.com. For example, we use Google Analytics and tools provided by Hubspot. Google Analytics is a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyze how users use the Site and enhance your experience when you use obsidiansecurity.com. For more information on how Google uses this data, go to www.google.com/policies/privacy/partners/. Hubspot installs browser cookies and web beacons to help us understand what visitors to obsidiansecurity.com do while on the Site and where they come from before they arrive at obsidiansecurity.com. For more information on how Hubspot handles data, please visit Hubspot’s Legal Stuff page: https://legal.hubspot.com/legal-stuff.

Our Use of Your Personal Data and Other Information: Obsidian uses the Personal Data you provide in a manner that is consistent with this Privacy Policy. If you provide Personal Data for a certain reason, we may use the Personal Data in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Obsidian may also use your Personal Data and other personally non-identifiable information collected through the Site to help us improve the content and functionality of the Site, to better understand our users and to improve the Site. Obsidian may use this information to contact you in the future to tell you about services and features we believe will be of interest to you. If we do so, each marketing communication we send you will contain instructions permitting you to “opt-out” of receiving future marketing communications. In addition, if at any time you wish not to receive any future marketing communications or you wish to have your name deleted from our mailing lists, please contact privacy@obsidiansecurity.com and request a global opt-out from all communication.

Our Disclosure of Your Personal Data and Other Information: Obsidian is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:

Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.

Agents, Consultants and Related Third Parties: Obsidian, like many businesses, sometimes hires other companies to perform certain business-related functions and to help us understand and improve the use of our Site. Examples of such functions include mailing information, maintaining databases and processing payments. We may share any information we receive with vendors and service providers retained in connection with providing the Service.

Legal Requirements: Obsidian may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Obsidian, (iii) act in urgent circumstances to protect the personal safety of users of the Site or the public, or (iv) protect against legal liability.

Children: Obsidian does not knowingly collect Personal Data from children under the age of 16. If you are under the age of 16, please do not submit any Personal Data through the Site, as our Site is not designed for people under age 16.

Feedback: Obsidian is on a continual quest for improvement. We invite most kinds of feedback from customers, interested third parties, and visitors to obsidiansecurity.com. Constructive, humorous, scathing, brilliant, crushing, typographical, grammatical, award-winning, thoughtful, and/or limerick-style feedback can be submitted anonymously here.