KnowBe4.com Privacy Policy And Terms Of Service


Website Privacy Policy - December 20, 2018

Important Information

Thank you for visiting KnowBe4.com, kb4compliance.com, hackbusters.com, and all of their subdomains and aliases (collectively, the “Website” or “Site”). This Privacy Policy tells you how KnowBe4, Inc. (“KnowBe4”, “we” “our” or “us”) uses Personal Information collected at this Site.

We at KnowBe4 are committed to protecting your privacy. The privacy practices set forth in this Privacy Policy (the “Privacy Policy”) are for websites owned by KnowBe4. If you link to other web sites, please review the privacy policies posted at those sites.

By using this Site, you are accepting the practices described in this Privacy Policy. We may make changes to this Privacy Policy at our sole discretion at any time. If you do not agree with the data practices provided in the Privacy Policy, you should not use the websites owned by KnowBe4. Your continued use of this Website after we make changes to the Privacy Policy is deemed to be acceptance of those changes.

 Our Privacy Policy details:

  • The information we collect and why we collect it
  • Your right to access your Personal Information
  • How the information is used
  • The use of cookies and other related technologies

 

Notice

Personal Information
“Personal Information” is personally identifiable information such as your name, address, date of birth, phone number, and email address. In scope of the services provided, the personal data that is generally collected is first name, last name, and business email address. We will not use information stored in our products and services for direct marketing.

Visiting Our Website
You are free to browse our Website without providing Personal Information. We do, however, collect Personal Information when you use one of our submission forms or subscribe to our informational newsletters and products and services updates.

What Personal Information Do We Collect?
When you voluntarily submit information through our submission forms, you are submitting Personal Information. This may include names, email addresses, phone numbers, city, state, country and company information. When submitting Personal Information through our submission form, you expressly consent to the collection, use, and disclosure of your Personal Information in accordance with this Privacy Policy. Other information we collect includes public information that is available on the internet or other information that we obtain from service providers.

You also may provide information to be published or displayed on public areas of the Website or transmitted to other users of the Website or third parties (“User Contributions”). Your User Contributions are posted and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.  

If you contact us via email, we will collect your name and email address as well as any other information in the body of the email in order to provide a prompt response.

Visitors under the age of 16.
Our Website is not intended for persons under the age of 16. Thus, we do not intentionally gather Personal Information from visitors who are under the age of 16. If you are under the age of 16, please do not submit your Personal Information via our submission forms.

  

Choice

Cookies & Related Technologies
This Site may use cookie and tracking technology depending on the features offered. Cookie and tracking technology is useful for gathering information such as browser type and operating system, tracking the number of visitors to the Site, and understanding how visitors use the Site. Cookies can also help customize the Site for visitors. Personal Information cannot be collected via cookies and other tracking technology. However, if you previously provided Personal Information, cookies may be tied to such information. Aggregate cookie and tracking information may be shared with third parties.

Pages of our Website may contain small electronic files known as web beacons (also referred to as clear gif, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or for other related website statistics (for example, recording the popularity of certain Website content and verifying system and server integrity).

Advertising
One of the third-party vendors we use for the tracking and collection of the Site's visitor information is AdRoll. AdRoll uses cookies, tracking pixels and related technologies to identify your device when you move between different websites and applications to provide targeted advertising on other sites or applications based on your online activity. To opt-out of AdRoll from receiving targeted advertisements, you may visit the NAI website opt-out page here: http://www.networkadvertising.org/choices/ or the DAA opt-out page here: http://www.aboutads.info/ or, for EU users, the EDAA opt-out page here: http://youronlinechoices.eu/

We also use Google Analytics, which is a web analytics service provided by Google, Inc. (“Google”) to collect information relating to your use of the Site. Google Analytics uses cookies to help us analyze how users are interacting with the Website and provide you the most relevant content. For more information on Google Analytics, please visit Google’s website and their various pages describing Google Analytics, such as www.google.com/analytics/learn/privacy.html.

If you would like more information on the technologies that we use on our Website, please contact privacymanager@knowbe4.com.

Legitimate Interests
KnowBe4 may process your Personal Information for our legitimate business purposes. We make efforts to consider and balance any potential impact on you (both positive and negative), and your rights under applicable data protection laws.

Legitimate business purpose may include all or some of the following reasons or circumstances: (1) to improve our services; (2) to better understand how you interact with our Website; (2) to provide digital marketing communications (like our newsletters); or (4) to investigate fraud or for other legal purposes.

Distribution of Information
KnowBe4 reserves the right to disclose your Personal Information under the following conditions: (1) when permitted or required by law; (2) when trying to protect against or prevent actual or potential fraud or unauthorized transactions; or (3) when investigating fraud which has already taken place. The information is not provided to these companies for marketing purposes.

We ask that you do not use our Website or services for any means that are deceptive, malicious, or with the intention to abuse or misuse any computer system, organization, or natural person. Use of our Website or services for any of the purposes outlined in this paragraph are strictly prohibited.

Selling of Personal Information
KnowBe4 will never sell your Personal Information.

Third Parties
To provide our products and services, we may occasionally use third-party businesses to provide and perform specialized products and services for data processing. When we provide Personal Information to these businesses, they are not permitted to use the Personal Information for any reason outside of the scope for which we contracted them.

 

Security 

Commitment to Data Security
Your Personal Information is kept secure. Only authorized employees, agents, and contractors (who have agreed to keep information secure and confidential) have access to this information.

We (and our third-party service providers) use a variety of industry standard security measures to prevent unauthorized access, use, or disclosure of your Personal Information. These security measures consist of but are not limited to data encryption and physical security. No method of transmission or method of electronic storage over the internet is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

 

Access

Opt Out
You may opt-out from any future communications from us by clicking the unsubscribe link in an email or by emailing us at privacymanager@knowbe4.com.

Changes to Personal Information
Upon request, we will provide you with information about whether we hold any of your Personal Information. Upon verification, if you choose, you may exercise your right to request KnowBe4 to delete your Personal Information stored in our databases. Note that there may be specific circumstances in which we cannot delete your Personal Information. When we delete your Personal Information, it will be erased from our records. However, the Personal Information may still be archived in our backups in accordance with our retention policies.

If you would like to access your Personal Information and/or correct, amend, or delete the information where it is inaccurate, please contact us at privacymanager@knowbe4.com.

 

Data Retention

Retention of Personal Data
KnowBe4 will retain your Personal Information for the period necessary to fulfill the purpose outlined in this Privacy Policy unless a longer retention period is required by applicable data privacy law.

Accuracy
We take reasonable steps to ensure that your Personal Information is accurate, complete, current and otherwise reliable for its intended use.

Enforcement
If KnowBe4 obtains knowledge that one of our service providers or employees is in violation of this Privacy Policy, KnowBe4 will take commercially reasonable steps to prevent the unauthorized use or disclosure of your Personal Information. KnowBe4 takes data privacy seriously. Therefore, we agree to take commercially reasonable measures to ensure the proper handling of your Personal Information by our employees and service providers.

 

More Important Information

EU-U.S. and Swiss Privacy Shield Framework
KnowBe4, Inc. complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom and Switzerland to the United States, respectively.  KnowBe4, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

KnowBe4, Inc. is responsible for processing of the personal data that it receives, under the Privacy Shield framework, and subsequently transfers to a third party acting as an agent on its behalf. KnowBe4, Inc. complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, KnowBe4, Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, KnowBe4, Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the Privacy Shield Principles, KnowBe4 commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact KnowBe4 at: privacymanager@KnowBe4.com

Under certain conditions, more fully described on the Privacy Shield website (https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint), you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request

California Privacy Rights
California Civil Code Section 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. Requests can be made once a year and are free of charge.

In the body of your request we ask you to include a valid California address and the website or business to which your request pertains. To make such a request, please send an email to privacymanager@knowbe4.com

CANSPAM
KnowBe4 agrees to act in compliance with the United States CANSPAM Act. In order to comply, we have taken appropriate measures for our commercial electronic messages (including emails). You can learn more about the CANSPAM act by visiting the FTC official website by following this link https://www.ftc.gov/

PIPEDA and Canadian Anti-Spam Legislation (CASL)
We protect and use your information by observing principles and guidelines in the Personal Information Protection and Electronic Documents Act and Canada's Anti-Spam Legislation. We obtain either express or implied consent, or use other lawful mechanisms, in order to send commercial electronic messages as is defined by CASL. If KnowBe4 seeks to use your Personal Information for a new purpose, we will contact you to obtain the appropriate consent. If you choose to "opt-out" of receiving our emails, you will be unsubscribed upon your request.

 

Contact Us
If you or a member of your organization have any questions in regard to this Privacy Policy, you may contact KnowBe4 in the following ways:

  1. By sending us an email at privacymanager@knowbe4.com; or
  2. By mailing us at KnowBe4, Inc. Suite 1200 33 N. Garden Ave, Clearwater, FL 33755 Attn: Legal.

 

Cookie Notice - December 20, 2018

Anytime you see the word "cookie" you may think something along the chocolate chip variety and we don't blame you! However, the cookies we are talking about are computer cookies, more formally known as HTTP cookies, web cookies and internet cookies. Anytime that you visit a website, the website sends the cookie to your computer and it stores a small text file inside of your web browser. We are able to use these cookies to identify your device as you browse through our website or when you return as a visitor to our site. This helps navigating and interacting with our Site and KB4 account portal more efficient, easy and meaningful.

KnowBe4 uses cookies and other tracking technologies such as pixels, gifs and web beacons. These help us identify you and your interests, remember your preferences, and track your use of our Sites. We also use Cookies and Tracking Technologies to control access to certain content on our Sites, protect our Sites, and to process any requests that you make. 

You can turn off your web browsers ability to accept cookies. However, if you do that, certain parts of the KB4 Site or console portal may not work for you.

First and Third Party Cookies.

"First Party Cookies" are cookies that belong to KnowBe4 and that we place on your device. "Third Party Cookies" are cookies that another party places on your device through our site. KnowBe4 may contract with a third-party service to help us send e-mails or other information to users who have provided their contact information. To measure the effectiveness of these services, our service providers may place Cookies on the devices of those users.

Below are some cookie classifications:

Cookies

Description

Strictly Necessary

means the cookies are essential for the provision of the site and any requested services, but do not perform any additional or secondary function.

Performance Cookies

are those that provide statistical information on site usage, i.e. web analytics.

Functionality Cookies

These cookies allow the provision of enhanced functionality and personalization, such as videos and live chat. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these functions may not work properly.

Targeting/Advertising Cookies

are used to create profiles or personalize content. Third parties often set them and these cookies present the highest privacy risks to visitors.

 

Web beacons

Web beacons and embedded scripts are other technologies that we use in our websites, as well as in some of our emails and ads.

Web beacons (or “tags”) are bits of programming code included in web pages, emails, and ads that notify Adobe (or the companies that help us run our business) when those web pages, emails, or ads have been viewed or clicked on.

Opting Out of 

If you would not like to have cookies read or dropped on your devices, you can adjust the setting on your web browser to reject the setting of some or all of the Cookies and to alert you when a cookie has been dropped into your web browser. For further information on how to do so, please refer to your browsers help tool or see www.allaboutcookies.org. Please note that if you use your browser settings to block all Cookies (including strictly necessary Cookies) you may not be able to access or use all or parts or functionalities of our sites. You may also learn more at www.youronlinechoices.eu.

Contact Us

If you have any questions please contact us at privacymanager@knowbe4.com

Other helpful resources

To learn more about the use of cookies please follow these links:

To learn more about how to manage cookies, please see the websites listed below:

 

KnowBe4 Applicant Data Protection Notice - January 17, 2019

This data protection notice describes the handling of personal data obtained about internal and external job applicants, including referral and applicants who have applied directly through the KnowBe4’s careers page as well as through third party agencies and recruiters on behalf of candidates. It also describes the handling of personal data of any prospective candidates, such as those individuals who expressed an interest in receiving news and details about future KnowBe4 opportunities. Personal data is any information relating to an identifiable individual (i.e. you).

 This data protection notice describes how KnowBe4, Inc., and its affiliates relevant to the job in question, ('we', 'us', ‘our’  'KnowBe4') collects and processes personal data about you, how we use and protect this information, and your rights in relation to this information.

 This data protection notice applies to all applicants based in the European Economic Area. We may modify or update this data protection notice from time to time. If we make a material change this data protection notice, we will notify you of the change.

  1. Personal data we use:

We will collect your personal data from you directly and potentially from other sources.

1.1          Information we hold about you:

The categories of data that we collect directly from you include:

  • Recruitment information: any information shared in the application process, including information from a cover letter, resume, application form or similar documentation—this includes information such as employment history, education, skills or any other details typical to the application and interview process 
  • Contact information: contact information, home address, phone number, and personal email addresses
  • Career and job performance information: job level/position, details of skills and experience, and referrals
  • Aptitude and leadership skills related information:Q., personality and work style assessment, leadership skills, and critical thinking skills
  • Background check information: authorized by applicant if and to the extent allowed by applicable law (e.g., information about judicial disputes and criminal records)
  • Automatically collected information: information collected via cookies and Web beacons, including IP address, browser name, operating system details, domain name, date, time of visit and pages viewed

We also collect information about you using cookies and similar technologies when you browse the KnowBe4 website. See our Website Privacy Policy for further information about how this works.

Generally, prior to collecting special categories of data about you (e.g. political beliefs, data relating to gender, race or ethnic origin, political opinions etc.), KnowBe4 will obtain your explicit consent. The collection of such information may be mandatory, in which case another legal basis for processing will be used for the collection of data (e.g. a legal basis may be that the data collected is required by law for employment purposes).

1.2          Data we collect from other sources:

We collect the following data about you from other sources: 

  • background check data, potentially including your criminal records history, employment history, educational history and/or compensation history, from employment screening agencies, publicly available registers or databases, former employers and/or educational institutions (as allowed by local laws)
  • publicly available information from websites or social media, including information that you choose to voluntarily submit to us in connection with your application (e.g. when applying through Linkedin, Indeed, Monster or other similar sites)
  • information about you from KnowBe4 employees who interview you and who provide feedback about you
  • information about your performance or conduct from references, other KnowBe4 employees, clients or service providers, or former employers you work with and/or or with whom you have worked in the past who provide feedback about you 
  1. How we use your personal data:

We limit our use of your personal data. We aim to only collect and use your personal data for specific, necessary reasons and aim to explain our use of your personal data. For example, we use your personal for:

  • Recruitment: (e.g., to contact, interview, screen, evaluate, select or hire you)
  • Comply with legal obligations: (e.g., in connection with litigation or an internal investigation or audit, if and to the extent allowed by applicable law)
  • To the extent appropriate and in accordance with applicable law, KnowBe4 may seek additional data and/or verify your personal data by contacting your references, referrer and other third parties, as applicable. We will maintain your personal data for legitimate business reasons and only as long as required to complete your application procedure, as requested by you (e.g., to inform you about job positions in the future and to facilitate your applications in the future), for keeping track of rejected applications as required by law, in accordance with section 4 of this data protection notice, or as otherwise required by law or regulation. KnowBe4 will not sell, trade or lease your personal data ato any third party.
  • To meet our legitimate interests, for example to conduct our recruitment processes efficiently and fairly or to manage applicants effectively. When we process personal data to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy or other fundamentals rights and freedoms are not overridden by our legitimate interest to comply with our legal obligations, for example obtaining proof of your right to work status to enable us to meet relevant obligations.

2.1          Your rights as an applicant allow you to do the following, provided it would not involve disproportionate efforts: 

  • Request access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask use to delete or remove your personal data where you have exercised your right to object to processing. 
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party). 
  • Request the restriction of processing of your personal data. This allows you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it. 
  • Request the transfer of your personal data to another party.

If you would like to review, verify, correct, or perform any of the aforementioned requests, please contact privacymanager@knowbe4.com.

We encourage you to contact us to update or correct your information if it changes or if the personal data we hold about you is inaccurate.

  1. How your personal data is shared:

While we do not sell or market your personal data, we share your personal data with third parties in limited situations, including with:

  • KnowBe4 Affiliates. We share your personal data with other companies that fall within the KnowBe4 group, for example for recruitment purposes, human resource management and internal reporting.
  • Service providers and business partners. We share your personal data with our service providers and business partners that perform business operations for us. For example, we partner with other companies to host the recruitment system and analyze data to improve performance or engage third parties to audit our systems, products or practices.
  • Law enforcement agency, court, regulator, tax authority, government authority or other third party. We share your personal data with these parties if necessary, to comply with a legal or regulatory obligation, or otherwise to protect our rights, your rights or the rights of any third party.
  • Ownership transferees. KnowBe4 reserves the right to share your personal data in the event it sells, licenses or transfers all or a portion of its business or assets. Should such a sale, lease (licensing) or transfer occur, KnowBe4 will direct the transferee to use your personal data in a manner that is consistent with our policies and procedures.
  1. Data security and retention:

KnowBe4 uses technical, administrative and physical safeguards to protect your personal data against accidental or intentional destruction, loss, alteration, unauthorized disclosure or access, and against other unlawful forms of collecting and processing. KnowBe4 follows industry standard practices to help protect the confidentiality and integrity of your personal data that is collected and processed. When your personal data is shared, KnowBe4 will take a proactive approach to prevent the unauthorized use of personal data.

Generally, KnowBe4 will retain your information for a period for no more than six (6) months (or if applicable, in accordance with local laws) after we have informed you that you have not been selected to work for our company. We retain your data for this period in order to be able to prove, in the event of a complaint, that we performed the application process in a fair and transparent way and no candidate was unlawfully discriminated. If no complaint has been filed by you, we will destroy your personal data after the expiration of the aforementioned period in a safe way and in accordance with our internal policies and applicable legal provisions; and/or a period of one (1) year after we have informed you that you have been not selected to work for KnowBe4 and you have agreed to extend the period of time that KnowBe4 can hold your personal data for evaluation with potential future career opportunities.

KnowBe4 retains your personal data:

  • For as long as necessary to comply with its legal requirement;
  • If data is in aggregated or anonymised form;
  • To defend, establish, exercise or bring any existing or potential legal claims;
  • To ensure fraud detection and prevention; 
  • To respond to any queries or complaints you may have; or
  • To further suggest potential career opportunities that may be of interest to you, with your consent.

We will delete your personal data when it is no longer required for these purposes, provided it would not involve disproportionate efforts. If there is any personal data that we are unable, to delete entirely from our systems, we will ensure that appropriate measures are taken to prevent any further processing or use of your personal data.

  1. International Data Transfer

Because we operate as part of a global business, we transfer, store, or process your personal data in a country different from where you reside. If you reside in the European Economic Area, while we transfer, store, or process your personal data in a country that is not regarded as ensuring an “adequate” level of protection for personal data, we have put in place appropriate safeguards (such as the Standard Contractual Clauses) to ensure that your personal data is adequately protected.

  1. How to Submit Privacy Related Requests

If you have questions or concerns regarding the way in which your personal data has been used or about this data protection notice, please contact the Privacy Team at privacy@KnowBe4.com.

You have the right to make a complaint at any time to the supervisory authority for data protection issues in your home country. A current list of the supervisory authorities in the EU can be accessed here.

 


Get the latest about social engineering

Subscribe to CyberheistNews