The Red Report 2024: The Top 10 Most Prevalent MITRE ATT&CK Techniques
Privacy & Compliance
Picus is committed to protecting and respecting your personal information and privacy. This Policy sets out and is only limited with the personal data processing practices carried out through the use of our Websites (www.picussecurity.com and app.picussecurity.com), our Services (as described below) and any other electronic communications networks by Picus.
Please read this Policy carefully to understand how and why we collect, process and use your information.
Personal Data is any information that directly or indirectly identifies a natural person. We will ask for your consent when we need information that personally identifies you (personal information) or allows us to contact you to provide a service or carry out a transaction that you have requested such as receiving information about Picus Security products and services, ordering email newsletters, joining a limited-access site or service, or when purchasing, downloading and/or registering Picus Security products.
The channels and types of personal information we may collect including, without limitation, are listed below:
Information you directly provide to us:
Free-trial: Under your free-trial requests, we may collect your first name, last name, company email, company name and country information.
Account: We may collect our customer’s company email address when logging into our online platform.
Demo request: Under your demo requests, we may collect your first name, last name, company email address, company name, phone number and country information.
Contacting us: Under your inquiries such as scheduling a demo, learn about pricing and upgrading product, we may collect your first name, last name, company email, company name, job title, country, phone number (optional) information and the descriptive message you submitted to facilitate your inquiry.
Job application: We receive your job applications through a third-party platform. If you wish to apply for a job at Picus, we may collect your full name, email, resume/CV, phone (optional), current company (optional), LinkedIn Profile (optional) and any other optional information you submitted us within your application.
Partner account & User application: Under our partner program, we may collect your corporate email address.
Picus Technology Alliances Partner Program application: Under our Technology Alliances Partner Program (TAP), we may collect your first name, last name, work email and role.
Picus Technology Alliances Team meeting request: For your meeting requests with Picus Technology Alliances Team, we may collect your first name, last name and email address.
Blog: If you wish to subscribe to our blog, we may collect your company email address.
Purple Academy by Picus: If you wish to obtain a service from Purple Academy, we may collect your full name, company email address, company, country and job title information.
Webinars, Case Studies & Reports: For your webinar, case studies& reports requests, we may collect your company email address.
Exclusive Reports: Under your exclusive report requests, we may collect your full name, company email address, title, company name, country information.
We may also collect your personal data such as your first name, last name and email address when you follow us on social media, attend our events or correspond with us by phone, email, social media or otherwise.
Information from your visits to our website:
Our website enables us to communicate with you about us, our products and services. Even if you do not login with an account, we may still automatically collect information each time you visit our website. We may collect certain information about your visit, such as the name of the Internet service provider and the Internet Protocol (IP) address through which you access the Internet; the date and time you access the site; browser type and version; time zone setting; operating system and platform; the pages that you access while at the website and the Internet address of the website from which you linked directly to our website. This information is mainly used to provide you access to our website, improve the webpage view on your device and browser, and adapt to your settings and language. We also use this information to analyze trends, and to improve our website and online services.
We process such personal data pursuant to Article 6(b) of the GDPR, as these data are necessary to answer your inquiry.
Information from other resources:
We may also collect your personal information indirectly from third party sources such as business partners, advertising networks, payment and delivery services as well as from public records such as social media platforms and industry associations. Please note that, in such cases, we do not have any liability or responsibility over the use, storage and disclosure of your personal information as it is governed by those sources own privacy policies.
The purposes and processes of processing personal data processed by Picus vary according to the category of the person (i.e. customer, potential customer, visitor, employee candidate etc.) concerned and the type of personal data.
Consistent with applicable law and choices that may be available to you, we may use your personal information, without limitation, for the following purposes:
To perform our contractual obligations and provide you the requested information, products and services;
To personalize your experience on our website and services and customize content;
To carry out our marketing activities;
To deal with your inquiries and requests, and Data Capture Information;
To administer, operate, optimize and improve the quality of our website, products, services and operations;
To communicate with you about products or services that you requested;
To maintain a secure environment by detecting, investigating and preventing fraudulent or illegal activities;
To comply with legal requirements and standards.
We will send you information according to the preferences you submitted via our online forms, and in accordance with the consent you will have actively given us, where applicable. You may change these preferences and/or withdraw your consent at anytime. Based on your consent, we may send out emails informing you of issues related to a product or service you requested or confirming you requested a product or service, such as invoices and confirmations. We may also occasionally communicate with you regarding our products, services, news and events. You have the option to not receive this information. In case you want to unsubscribe information, instructions to remove an email address are located at the bottom of every promotional email.
Except as otherwise described in this statement, the personal information you provide on the Website will not be shared outside of Picus Security and its controlled subsidiaries and affiliates without your permission.
Cookies are text files placed on users' computers by websites visited by internet users. They can be used by web servers to identify and track users as they navigate different pages on a website and to identify users returning to a website.
We collect personal data for different purposes via cookies through our Website www.picussecurity.com and app.picussecurity.com. It should also be noted that cookies are widely used not only on our website but also on almost all websites in order to effectively operate the websites for the preferences of the visitors and also to provide detailed information to the administrators of the relevant website.
In Picus, we implement technical and administrative measures to protect your personal data and prevent any unauthorized access, disclosure, use, and modification. We use industry standard technologies, operational security methods and cyber security products for the protection of collected personal data. In this context, we also regularly review and validate the adequacy and effectiveness of our security controls, tools and procedures for building a stronger security posture. Please note, however, that no security measures are fully-secure or impenetrable. For more information, please see our Corporate Practices.
All systems related to Picus products are cloud based. As a globally operated company, the destination where we store or transfer your personal information may be different than the country in which the data was collected. Regardless of the country that we transfer, store or process your data, we will take reasonable steps to ensure that your data is treated securely and in accordance with this Policy.
We retain personal information only for the period necessary to fulfill the purpose for which they were collected. In this context, the retention periods for each type of personal data are determined and if there is no reason to keep the relevant personal data, personal data is destroyed in accordance with the current legislation.
Adequate technical and administrative measures regarding the storage and destruction of personal information have been taken within the framework of the Information Security Management System.
We respect your privacy. If you wish to exercise your privacy and data subject rights subject to applicable law such as GDPR, CCPA or KVKK, please fill out the initial request form here so that we can provide you the appropriate data subject request form depending on the legal source of your request.
Children: Our Website, application and services are intended for business use and we do not expect them to be of any interest to minors. We do not, knowingly or intentionally, collect personal data from anyone under 16 years of age.
Sensitive data: We do not collect or receive any sensitive categories of personal data. Also, we ask you to not send or disclose, any sensitive personal information to us directly or through our products and services.
If you have questions or concerns about this Policy or its implementation, please contact us by email at firstname.lastname@example.org.
Picus Security, Inc.; Picus Bilişim Güvenlik Ticaret A.Ş.; Picus Security US, LLC.
We encourage you to frequently check this page to see any updates or changes, as we always show the latest modification date at the bottom of this Policy. When required under applicable law and/or the change is significant, we will also notify you by using other means, e.g., via email.
This policy was last updated on 23.01.2023