Last Updated: November 10, 2020
Data Protection Highlights
Thank you for visiting KnowBe4.com, kb4compliance.com, hackbusters.com, and all of their subdomains and aliases (collectively, the “Website” or “Site”). These data protection highlights (”Highlights”) are intended to provide you with a few key highlights from our data protection notices and will tell you how KnowBe4, Inc. (“KnowBe4”, “we”, “our”, or “us”) uses Personal Data (as defined below) collected at this Site. Our data protection notices will provide you with more detail on KnowBe4’s global data protection practices. We encourage you to visit those notices for a more in-depth explanation of our data protection practices.
What is Personal Data?
“Personal Data” means any personally identifiable information that can be linked back to you such as your name, address, date of birth, phone number, and email address.
How Does KnowBe4 Collect Personal Data?
We collect Personal Data when you visit our Site, submit information through our submission forms, contact us, send information to us directly, or upload information to our technology platforms. We also receive Personal Data collected by our affiliates, channel partners, service providers, and other third party providers.
How KnowBe4 Uses Personal Data
KnowBe4 uses Personal Data to respond to your inquiries, to provide marketing materials to you, to run our technology platform(s), to improve our services, for hiring/employment purposes, to comply with legal obligations, and as otherwise described in our data protection notice(s) and applicable agreements for services.
If you are not a customer or an end user:
If you are not a customer or an end user, please email email@example.com to access, amend, delete, rectify, withdraw consent, or object to the processing of your Personal Data. Our data protection notices have more information about these options.
If you are a customer or an end user:
If you are an end user and your organization uses the KnowBe4 platform, we recommend you reach out to your Account Owner (as defined in the Product Privacy Notice) to exercise your rights to rectify, erase, object to processing, restrict processing, and/or withdraw consent. You may also email firstname.lastname@example.org and we will reach out to your Account Owner for you. Please see our Product Privacy Notice for more information about these options.
If you would like more information on our data protection practices, you can review our full data protection notices contained on this Site. Please direct any complaints, requests or inquiries to email@example.com. We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the EEA or other applicable jurisdictions, you have the right to lodge a complaint with the competent supervisory authority.
Thank you for visiting KnowBe4.com, kb4compliance.com, hackbusters.com, and all of their subdomains and aliases (collectively, the “Website” or “Site”). KnowBe4 is committed to protecting your privacy. This Website Privacy Notice (the “Website Privacy Notice”) tells you how KnowBe4, Inc. (“KnowBe4”, “we”, “our”, or “us”) uses Personal Data (as defined below) collected at this Site.
The data protection practices set forth in this Website Privacy Notice are for websites owned by KnowBe4. The Site may contain links to other websites, applications, or services maintained by third parties. If you visit any of these third party websites, applications, or services, please review the data protection related notice(s) posted at those websites as the information practices of such other third parties are governed by those third parties’ data protection notice(s).
By using this Site, you are accepting the practices described in this Website Privacy Notice. If you do not agree with the data practices provided in this Website Privacy Notice, you should not use the Site or other websites owned by KnowBe4. We encourage you to periodically review this Website Privacy Notice to stay informed about our collection, processing and sharing of your Personal Data. Your continued use of this Site after we make changes to the Website Privacy Notice is deemed to be acceptance of those changes.
KnowBe4 is the controller of your Personal Data as described in this Website Privacy Notice, unless expressly specified otherwise.
For the avoidance of doubt, this Website Privacy Notice does not apply to the extent we process Personal Data in the role of a processor on behalf of our customers.
What This Notice Covers
This Website Privacy Notice applies to the processing of Personal Data collected by us when you:
Personal Data KnowBe4 Collects
“Personal Data”, as defined by the General Data Protection Regulation (“GDPR”) means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
The Personal Data that we collect directly from you includes the following:
The Personal Data that we collect indirectly about you includes the following
How We Use Your Personal Data
We collect and process your Personal Data for the purposes and on the legal bases identified in the following (where we act as a controller of your Personal Data):
Where we have obtained your consent:
Where we have entered into a contract:
Where we have not entered into a contract with you, or obtained your consent, or have stated that another legal basis shall apply then legitimate interest is the legal basis for the following processing activities:
KnowBe4 processes and discloses Personal Data when cooperating with the appropriate regulatory and government authorities. When KnowBe4 processes Personal Data for this purpose, the legal basis for processing shall be for compliance with a legal obligation to which KnowBe4 is subject.
Visitors under the age of 16
Our Website is not intended for persons under the age of 16. Thus, we do not intentionally gather Personal Data from visitors who are under the age of 16. If you are under the age of 16, please do not submit your Personal Data via our submission forms.
Notices on behavioral advertising and opt-out for Website visitors
We use Microsoft to collect Personal Data from our Site to provide Bing Ads. Please review Microsoft’s Privacy Statement to learn more about Bing Ads.
If you would like more information on the technologies that we use on our Website, please contact firstname.lastname@example.org.
Who Do We Share Personal Data With?
We use third-party businesses to provide products and perform specialized services for data processing. When we provide Personal Data to these businesses, they are not permitted to use the Personal Data for any reason outside of the scope for which we contracted them.
The ways in which we may share your Personal Data include the following:
Sale of Personal Data
KnowBe4 will never sell your Personal Data.
International Transfers of Personal Data
Your Personal Data will be collected, transferred to, and stored by us in the United States or by our affiliates in other countries where we operate.In the event that your Personal Data is processed outside the European Economic Area (EEA), we will ensure that the recipient of your Personal Data offers an adequate level of protection by entering into an agreement to abide by Standard Contractual Clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR), or another mechanism approved by the EU.
Data Security and Retention
Your Personal Data is kept secure. Only authorized employees, agents, and contractors (who have agreed to keep information secure and confidential) have access to this information.
We (and our third-party service providers) use a variety of industry standard security measures to prevent unauthorized access, use, or disclosure of your Personal Data. These security measures consist of but are not limited to data encryption and physical security. No method of transmission or method of electronic storage over the internet is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
KnowBe4 will retain your Personal Data for the period necessary to fulfill the purposes outlined in this Website Privacy Notice or until you request its deletion, unless a longer retention period is required by applicable data privacy law.
We take reasonable steps to ensure that your Personal Data is accurate, complete, current, and otherwise reliable for its intended use.
If KnowBe4 obtains knowledge that one of our service providers or employees is in violation of this Website Privacy Notice, KnowBe4 will take commercially reasonable steps to prevent the unauthorized use or disclosure of your Personal Data. KnowBe4 takes data privacy seriously. Therefore, we agree to take commercially reasonable measures to ensure the proper handling of your Personal Data by our employees and service providers.
You have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws and, in particular, if you are located in the EEA, these rights may include:
How to exercise your rights
To exercise your rights, please contact us at email@example.com.
California Consumer Protection Act
This section provides additional details about the personal information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act or “CCPA.”
We do not provide services, or other items of value, as consideration for your, or your end users’, personal information protected by the CCPA.
You are responsible for ensuring your compliance with the requirements of the CCPA in your use of the services we provide to you and your own processing of personal information.
Here are a few things that KnowBe4 will NOT do with personal information in the scope of acting as a service provider, as defined by CCPA:
Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use and disclose this personal information), to delete their personal information, to opt out of any “sales” that may be occurring, and to not be discriminated against for exercising these rights.
California consumers may make a request pursuant to their rights under the CCPA by contacting us at firstname.lastname@example.org. We will verify your request using the information associated with your account, including email address. Consumers can also designate an authorized agent to exercise these rights on their behalf.
KnowBe4 agrees to act in compliance with the United States CANSPAM Act. In order to comply, we have taken appropriate measures for our commercial electronic messages (including emails). You can learn more about the CANSPAM act by visiting the FTC official website by following this link https://www.ftc.gov/.
PIPEDA and Canadian Anti-Spam Legislation (CASL)
We protect and use your information by observing principles and guidelines in the Personal Data Protection and Electronic Documents Act and Canada's Anti-Spam Legislation. We obtain either express or implied consent, or use other lawful mechanisms, in order to send commercial electronic messages as is defined by CASL. If KnowBe4 seeks to use your Personal Data for a new purpose, we will contact you to obtain the appropriate consent. If you choose to opt-out of receiving our emails, you will be unsubscribed upon your request.
To exercise your rights regarding your Personal Data, or if you have questions regarding this Website Privacy Notice or our privacy practices please send an email to email@example.com. Alternatively, you may send notice by way of mail at the address listed below:
33 N Garden Avenue, Suite 1200
Clearwater, FL 33755, USA
Attn: KnowBe4 Privacy Team
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the EEA, you have the right to lodge a complaint with the competent supervisory authority.