Version 2.0 — Updated September 4, 2019
Findings (LKA IDRRA cyber security Ltd) is a supply chain security company, which automates and orchestrates vendor security processes and data provide better, faster vendor risk management.
- What We May Collect About You
When you visit the Findings website, or use our services, we may collect the following types of information:
Information You Provide to Us
When you sign up as a customer, vendor, or partner, you will be asked to provide certain information about yourself, including personally identifiable information, (name, address, email address) billing and other related information. We will also use the information you provide to us to enable you to enter into events where we have your consent, to send you marketing materials about those events and our other services including follow-up demos. We will use this information strictly to provide services to you, and will not share this information with third parties without your consent, except to the extent necessary to process your requests (for example, processing a credit card for payment).
Information About How You Use Our Services
When you interact with Findings, by using our services, sending assessments, performing analysis, or annotating results, a record of these activities will be collected automatically as a result of your use of the website. When you create this information by engaging in actions such as (but not limited to) posing queries, doing analysis, annotating results, etc. the information will be collected, stored or archived by Findings. Information about your interaction with Findings (assessments, queries, visualizations, analysis, etc.) is saved for on our servers unless you delete that information or delete your account. While our servers automatically collect information as a consequence of your using the service, we do not examine or inspect individual data, and we encrypt the data and logs related to you. If you have chosen to share assessments, analysis or similar searches with others, copies of that information will remain viewable by those with whom you have shared the query or similar even after you remove information from your profile or delete your account. We log queries you make when you use our system, and we anonymize them; but we do not manually or individually inspect them. We will not share your data with anyone, unless you ask us to do so through the user interface, although you are free to share information yourself.
Findings is not a data broker. Findings does not maintain files on individuals’ purchases, nor sell lists of consumers. Findings does not collect consumer information for targeting of ads. Findings does not provide consumer scoring. In addition, Findings:
- Does not maintain transaction-specific data about consumer purchases.
- Does not obtain payment data from retailers and/or catalog companies.
- Does not track consumer product purchases, the dollar amount of the purchase, the date of the purchase, or payment types.
- Does not obtain information from magazine publishers about the types of subscriptions sold.
Put simply, Findings does not provide consumer marketing databases, or even the means to produce consumer marketing databases, in any shape or form.
When you visit the Findings website, we may send one or more cookies – a small file containing a string of characters – to your computer, mobile phone, or other device that uniquely identifies your browser. When you return to our site, we may detect the presence of that cookie, and the information contained in it. We will not share this cookie information with anyone, and will use it solely to provide services to you.
Internet Log Information
When you access any Findings website, network, server, or other electronic asset, our servers automatically record information that your browser sends whenever you visit any website. These logs may include information such as the nature and content of your web request, your Internet Protocol address (and approximate geographic location), browser type and version, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser. In the event of an actual or attempted unauthorized or malicious access to our website or servers, we may use this information to conduct investigations and to protect the integrity of your information. We may preserve your information if we believe it is reasonably necessary to protect our systems, enforce our Terms of Service, or address any security or technical issues.
Your Communications With Us
When you send or receive email or other communications with us, we may retain those communications in order to process your inquiries, respond to your requests and improve our services, to inform you about changes in our policies or pricing or service offerings or to fulfill or respond to requests you may initiate. Additionally, we use a service that lets us know when you have received or opened email we have sent to you. We use this information solely for the purposes of tracking whether or not you have received an email from us for quality control and response purposes. We also offer an email alerting capability called “Alerts” which automatically sends information you have requested to an email account you have registered with us. You have ultimate control over the information sent to you through this service, including the nature and scope of the information, and the frequency of such alerts. To access this service and put in your personal controls, visit the Alerts management page and update your settings.
Links In and Out
Findings may collect information about sites that have linked to our sites, or sites that we link to. Therefore, Findings may collect information about the website you came from when you were directed to us, or the website you visit as a result of a link on our site.
We do not knowingly collect or maintain personally identifiable information from persons under 13 years of age, and no part of Findings’s sites are directed at persons under the age of 13. If you are under 13 years of age, then please do not use the Website. If we learn that personally identifiable information of persons under 13 years of age has been collected without verifiable parental consent, then we will take the appropriate steps to delete this information. To request the deletion of any such information, please contact us at privacy [at] findings [dot] co.
- How We Use the Information
When We Share
Findings does not share your personal information with any other companies or individuals except for the following:
Consent. We will not share your nonpublic information except to deliver services to you unless you affirmatively opt-in to such sharing. If you share this data with third parties, this is, of course consent to such sharing.
While non-anonymized data is never shared, metadata and anonymized information may be transmitted to our data provider partners when their databases are queried. This allows us to provide you with enriched context about that data from a wider variety of sources.
Sharing in the Event of a Merger or Acquisition
Using Aggregated Information to Improve Our Service
We may use information about how you have used our service in order to improve our service offering to you or to others. By knowing, for example what kinds of information you are seeking on our site, and the results delivered to you, we may be able to analyze this information to deliver more targeted results, and a better user experience. While we will not share the individual search results or what we call “identified” information about your searches or results, we may share with third parties certain pieces of aggregated, non-personal information, such as the number of users who searched for a particular term, for example, or the nature of the results returned to aggregated users. Such information does not identify you or your searches or results individually.
How We Protect Your Information
While no measures can ever guarantee absolute security, Findings takes commercially reasonable and appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data, including data that relates to your personally identifiable information, which we update to stay consistent with industry standards. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to monitor and guard against unauthorized access to systems where we store personal data. We restrict access to information to Findings employees, contractors and agents (including third party hosting platforms) who need to know that information in order to operate, develop or improve our services and separate the data in ways that non-relevant employees will not have any access to it. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
Data Integrity and Quality
Quality of Internet Information
The information we deliver to our clients and customers, is only as accurate as the original source material itself.
Accessing and Updating Personal Information
When you use Findings services, we make good faith efforts to provide you with access to your personal information and either to correct this data if it is inaccurate or to delete such data at your request if it is not otherwise required to be retained by law or for legitimate business purposes. We ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, jeopardize the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes), or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort. All requests, accompanied by proof of identification, should be sent to privacy [at] findings [dot] co
III. Mobile App Users
- System logging. As with the website, you might be asked to provide information about yourself. We use this information strictly to provide services to you, and will not share information to third parties without your consent, except as necessary to process your requests.
- Usage tracking. Like with the website, when you interact with the mobile app, we collected information about your use of the app. As with the website, we do not examine or inspect individual search queries without your consent, and we encrypt the logs related to your searches or inquiries.