Privacy Policy

Our Policy:

Welcome to the web site (the "Site") of Menlo Security, Inc. ("Menlo Security", "we", "us" and/or "our"). This Site is operated by Menlo Security and has been created to provide information about our company and our services (together with the Site, the "Services") to our Service visitors and users ("you", "your"). When we talk about an “Organization” or “Customer” in this Notice, we are generally referring to the entity of which you are an employee, contractor, member, or other participant, that has engaged us to provide the services under the terms of a contract.

 This Privacy Policy sets forth Menlo Security’s policy with respect to information including Personal Data and other information that is collected from visitors to the Site and Services. As used in this Policy, “Personal Data” means any information relating to an identified or identifiable natural person. We will not use or share your Personal Data with anyone except as described in this Policy.


 Notice to End Users
In general, our Services are intended for use by Organizations, administered to you by your Organization, and subject to your Organization’s policies, if any. This means that in most cases we are collecting and processing your personal information on behalf of your Organization. In these cases, we are generally acting as a processor of your personal information, processing the information according to your Organization’s instructions, because your Organization is the controller. It is primarily your Organization, as the controller, that controls what personal information about you we collect and how we use it. If you have privacy related questions or concerns about your Organization’s privacy practices or the choices your Organization has made to share your information with us or any other third party, you should reach out to your Organization’s administrator or see your Organization’s privacy policies. Menlo Security is not responsible for the privacy or security practices of our Customers, which may differ from those set forth in this Policy.


Information We Collect:

When you interact with us through the Services, we may collect Personal Data and other information from you, as further described below:

  • Inquiries  and Requests – We may provide you with the opportunity to contact us via e-mail or chat to ask questions, request information and materials, register or sign up for guides, seminars, or training classes, or provide comments and suggestions. You may also be offered the opportunity to have one of our representatives contact you personally to provide additional information about our Services. To facilitate this request, we may request additional Personal Data from you, such as your name, telephone number, and other contact information, to help us satisfy your request.

  • Service Enrollment – If you choose to enroll for one of our Services, we may require, without limitation, your name, address (including country, city and state), telephone number, email address, credit card number, bank account information, Internet Protocol (IP) address, IP range, domain name(s), or web application URL(s). The types of information required to fulfill a Service request depend on the types of Services being requested.

  • Statistical Information about Your Visit – We may collect certain information automatically through our Services or other methods of web analysis, such as your IP address, cookie identifiers, mobile advertising identifiers, and other device identifiers that are automatically assigned to your computer or device when you access the Internet, browser type, operating system, Internet service provider, pages that you visit before and after using the Services, the date and time of your visit, the amount of time you spend on each page, information about the links you click and pages you view within the Services, and other actions taken through use of the Services such as preferences.

  • Human Resources Data Menlo Security collects Personal Data from current, prospective, and former Employees, their contact points in case of a medical emergency, and beneficiaries under any insurance policy (“Human Resources Data”). The Human Resources Data we collect may include title, name, address, phone number, email address, date of birth, passport number, driver’s license number, Social Security number or other government-issued identification number, financial information related to credit checks, bank details for payroll, information that may be recorded on a curriculum vitae (CV) or application form, language abilities, contact information of third parties in case of an emergency, and beneficiaries under any insurance policy.

We may also collect Human Resources Data such as the need for a leave of absence due to a disability, including mental health, medical leave, and maternity leave; information about national origin or immigration status; and optional demographic information such as race, which helps us achieve our diversity goals. We acquire, hold, use, and process Human Resources-related Personal Data for a variety of business purposes that may include, but are not limited to the following:

  • Workflow management, including assigning, managing and administering projects;

  • Human Resources administration and communication;

  • Payroll and the provision of benefits;

  • Compensation, including bonuses and long-term incentive administration, stock plan administration, compensation analysis, including monitoring overtime and compliance with labor laws, and company recognition programs;

  • Job grading activities;

  • Performance and employee development management;

  • Organizational development and succession planning;

  • Benefits and personnel administration;

  • Absence management;

  • Helpdesk and IT support services;

  • Regulatory compliance;

  • Internal and/or external or governmental compliance investigations;

  • Internal or external audits;

  • Litigation evaluation, prosecution, and defense;

  • Diversity and inclusion initiatives;

  • Restructuring and relocation;

  • Emergency contacts and services;

  • Employee safety;

  • Compliance with statutory requirements;

  • Processing of Employee expenses and travel charges; and

  • Acquisitions, divestitures, and integrations.


  • Surveys: From time to time we may request information from customers via surveys. Participation in these surveys is completely voluntary and the user therefore has a choice whether or not to disclose this information. Survey information will be used for improving our customer service and service offerings.

By voluntarily providing us with Personal Data, you are consenting to our use of it in accordance with this Privacy Policy. If you provide Personal Data to the Services, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of Menlo Security and the authorized third parties referred to herein located in the United States. 


Other Information:

Non-Identifiable Data: When you interact with Menlo Security through the Services, we receive and store certain personally non-identifiable information. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you. Menlo Security may store such information itself or such information may be shared with Menlo Security affiliates, agents, partners or service providers. We may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of visitors to each page of our Site, and the domain names of our visitors' Internet service providers. It is important to note that no Personal Data is available or used in this process.


Cookie  Policy: In operating the Services, we may use a technology called "cookies." A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Services. Our cookies help provide additional functionality to the Services and help us analyze Services usage more accurately. For instance, our Site may set a cookie on your browser that allows you to access portions of the Site or Services without needing to remember and then enter a password more than once during a visit to the Site. In all cases in which we use cookies, we will not collect Personal Data except with your permission. On most web browsers, you will find a "help" section on the toolbar. Please refer to this section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. We recommend that you leave cookies turned on because they allow you to take advantage of some of the Service features.


Aggregated Personal Data: In an ongoing effort to better understand and serve the users of the Services, Menlo Security often conducts analysis and research on its customer demographics, interests and behavior based on the Personal Data and other information we collect or receive in connection with the Services or otherwise. This research may be compiled and analyzed on an aggregate basis, and Menlo Security may share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally. Menlo Security may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes. 


Our Use of Personal Data and Other Information: 

Menlo Security uses the Personal Data you provide in a manner that is consistent with this Privacy Policy.


Business Information

Generally, we use the Personal Data we receive to:

  • Provide the Services, respond to inquiries or send you administrative messages regarding the operation and use of the Services;

  • Personalize and improve the Services;

  • Monitor and analyze usage and trends of the Services;

  • Send communications related to the Services;

  • Provide you with relevant advertisements;

  • Process any transactions initiated by you;

  • For any other purpose for which the information was collected;

  • To meet our legal obligations, for example:

      • For audit and reporting purposes;

      • To perform accounting and administrative tasks;

      • To respond to requests for information by competent public bodies and judicial authorities;

      • To respond to inquiries we receive from you or your company or organization;

      • To enforce or manage legal claims;

  • To deliver advertising and promotional and other communications, including periodically contacting you with offers and information about our products, services, features, and events and sending you newsletters or other information about topics that we believe may be of interest; conducting online surveys; and otherwise promoting our products, services, features, and events; and

  • To deliver targeted advertisements to you, both on and off the Services, including by using cookies, web beacons, and other Internet technologies, as explained in this Policy.


    Human Resources Information


With regard to Personal Data we receive in connection with the employment relationship:

  • we will use such Personal Data only for employment-related purposes as more fully described in this Policy; and

  • if we intend to use this Personal Data for any other purpose, we will provide the individual with an opportunity to opt out of such uses.

When you apply for a role with Menlo Security through our website or otherwise, please see our Candidate Privacy Notice (forthcoming as of May 25, 2018).


Additional uses aligned with our legitimate interests

In addition, we may use your Personal Data for the following purposes for which we have a legitimate interest:

  • Direct marketing

  • Processing for research purposes (including marketing research)

  • Disclosure to affiliated organizations

  • Network and information security (e.g., server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the Services. In such cases, server log data containing IP addresses may be shared with law enforcement bodies in order that they may identify users in connection with their investigation of the unauthorized activities.)

  • Physical security

  • Exercise of the right to freedom of expression or information, including in the media and the arts

  • Enforcement of legal claims including debt collection via out-of-court procedures

  • Prevention of fraud, misuse of services or money laundering

  • Employee monitoring for safety or management purposes

  • Whistle-blowing schemes

  • Processing for historical, scientific or statistical purposes


If you provide Personal Data for a certain reason, we may use the Personal Data in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Also, if you provide Personal Data in order to obtain access to the Services, we will use your Personal Data to provide you with access to such services and to monitor your use of such services. Menlo Security and its subsidiaries and affiliates (the "Related Companies") may also use your Personal Data and other personally non-identifiable information collected through the Services to help us improve the features and functionality of the Services, to better understand our users and to enhance the Services.


Menlo Security and its affiliates may use this information to contact you in the future to tell you about services we believe will be of interest to you. If we do so, each marketing communication we send you will contain instructions permitting you to "opt-out" of receiving future marketing communications. In addition, if at any time you wish not to receive any future marketing communications or you wish to have your name deleted from our mailing lists, please contact us as indicated below.


If Menlo Security intends on using any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time at which the Personal Data is collected. 


Our Disclosure of Your Personal Data and Other Information:

Menlo Security is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:


  • Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, asset sale, dissolution or similar event, Personal Data may be part of the transferred assets. 

  • Related Companies: We may also share your Personal Data with our Related Companies for purposes consistent with this Privacy Policy.

  • Agents, Consultants and Related Third Parties: Menlo Security, like many businesses, sometimes hires other companies to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another entity to perform a function of this nature, we only provide them with the information that they need to perform their specific function.    

  • Legal Requirements: Menlo Security may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Menlo Security or its customers or business partners, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.

  • Menlo Security Supported Blogs and Forums: If you use a blog or forum, or other chat tool on this website, you should be aware that any Personal Data you submit there can be read, collected, or used by other users of those forums, and could be used to send you unsolicited messages. Menlo Security is not responsible for the Personal Data you choose to submit in these forums. You are also responsible for using these forums in a manner consistent with the applicable Terms of Use or other terms and conditions set forth on the relevant forum site. To request removal of your Personal Data from our blog or community forum, please contact us as described below. In some cases, we may not be able to remove your Personal Data, in which case we will let you know that we are unable to do so and why.

  • Testimonials: We may display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact the Menlo Security Privacy Contact as described below.

  • Social Media Widgets: Our website includes social media features, such as the Facebook “Like” button and widgets, and the ShareThis button or interactive mini-programs that may run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing the feature.

  • Public Profiles: The profile you create on our website will be publicly accessible unless otherwise indicated. You may change the privacy settings of your profile through your account portal.

  • Data Transfers: All Personal Data collected via or by Menlo Security may be stored anywhere in the world, including but not limited to, in the United States, in the cloud, on our servers, on the servers of our affiliates or the servers of our service providers. Your Personal Data may be accessible to law enforcement or other authorities pursuant to a lawful request. By providing information to Menlo Security, you consent to the storage of your Personal Data in these locations.

Specifically, our Website servers are located in the United States, and our third party service providers, including Amazon Web Services (“AWS”), Google Cloud Platform (“GCP”) and partners, operate in the United States and in other countries around the world. This means that when we collect your personal information we may process it in any number of places around the world. Therefore, your personal information may be processed outside the European Economic Area, and in countries which are not subject to an adequacy decision by the European Commission and which may not provide for the same level of data protection in the European Economic Area. In this event, we will ensure that such recipient offers an adequate level of protection, for instance by entering into standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR), or we will ask you for your prior consent to such international data transfers.

If you would like a copy of our standard contractual clauses or more information on the appropriate safeguards we have implemented with our third party service providers and partners, please reach out to us using the details provided under the “Contact Us” section of this Policy.

Your Choices: 

You can visit the Site without providing any Personal Data. If you choose not to provide any Personal Data, you may not be able to use certain Services. Even if you opt out, we may still collect and use non-Personal Data regarding your activities on our websites and/or information from the advertisements on Third-Party websites for non-interest based advertising purposes, such as to determine the effectiveness of the advertisements. 


  • Email and Telephone Communications


    If you would like to discontinue receiving promotional communications from us, you may update your email preferences by using the “Unsubscribe” link found in emails we send to you.

    Note that even if you opt out, you will continue to receive transaction-related emails regarding products or services you have requested. We may also send you certain communications regarding Menlo Security and our Services and you will not be able to opt out of those communications (e.g., communications regarding updates to our Terms of Service or this Policy, information regarding the security, initial use, expiration, product enhancement or migration of our products or services from this site).


    We maintain telephone “do-not-call” and “do-not-mail” lists as mandated by law. We process requests to be placed on do-not-mail, do-not-phone and do-not-contact lists within sixty (60) days after receipt, or such shorter time as may be required by law. 


  • "Do Not Track” 


    Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Menlo Security does not recognize or respond to browser-initiated DNT signals. For information about “do-not-track”, please visit .


  • Cookies and Interest-Based Advertising 


    You may stop or restrict the placement of cookies on your computer or remove them from your browser by adjusting your web browser preferences. Please note that cookie-based opt-outs are not effective on mobile applications. However, on many mobile devices, application users may opt out of certain mobile ads via their device settings.


    The online advertising industry also provides websites from which you may opt-out of receiving targeted ads from our data partners and our other advertising partners that participate in self-regulatory programs.


    To be clear, whether you are using our opt-out or an online industry opt-out, these cookie-based opt-outs must be performed on each device and browser that you wish to have opted out. For example, if you have opted out on your computer browser, that opt-out will not be effective on your mobile device. You must separately opt out on each device.





Our website may contain links to other websites for news and other information. Our Policy only applies to the Menlo Security website and we are not responsible for the privacy practices or the content of other websites. You should check the privacy policies of those sites before providing your Personal Data to them. 




You may inquire as to whether Menlo Security is processing Personal Data about you, request access to your Personal Data, and ask that we correct, amend, or delete your Personal Data where it is inaccurate. Where otherwise permitted by applicable law, you may send an email to or use any of the methods set out in this Policy to request access to, receive (port), restrict processing, seek rectification, or request erasure of Personal Data held about you by Menlo Security. Such requests will be processed in line with local laws.


Although Menlo Security makes good faith efforts to provide Individuals with access to their Personal Data, there may be circumstances in which Menlo Security is unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the Individual’s privacy in the case in question or where it is commercially proprietary.


If Menlo Security determines that access should be restricted in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, Menlo Security will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Data.



This Privacy Policy does not apply to any Personal Data collected by Menlo Security other than Personal Data collected through the Services. This Privacy Policy shall not apply to any unsolicited information you provide to Menlo Security through the Services or through any other means. This includes, but is not limited to, information posted to any public areas of the Services, such as forums, any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, "Unsolicited Information"). All Unsolicited Information shall be deemed to be non-confidential and Menlo Security shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution. 



Menlo Security does not knowingly collect Personal Data from children under the age of 13. If you are under the age of 13, please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to Menlo Security through the Services, please contact us, and we will endeavor to delete that information from our databases. 


Links to Other Web Sites:

This Privacy Policy applies only to the Services. The Services may contain links to other web sites not operated or controlled by Menlo Security (the "Third Party Sites"). The policies and procedures we described here do not apply to the Third Party Sites. The links from the Services do not imply that Menlo Security endorses or has reviewed the Third Party Sites. We suggest contacting those sites directly for information on their privacy policies. 



Menlo Security takes reasonable steps to protect the Personal Data provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission or digital storage mechanism is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any Personal Data to Menlo Security via the Internet.


Other Terms and Conditions: 

Your access to and use of the Services is subject to the Terms of Service at


Changes to Menlo Security's Privacy Policy:

The Services and our business may change from time to time. As a result, at times it may be necessary for Menlo Security to make changes to this Privacy Policy. Menlo Security reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy. 


Access to Informaton; Contact Us:

To keep your Personal Data accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Data in our possession that you have previously submitted via the Services.


You may update your Menlo Security email subscriptions on the Menlo Security Subscription Center.


Please also feel free to contact us if you have any questions about Menlo Security's Privacy Policy or the information practices of the Services. 


You may contact us as follows:


For more details, please refer to the Menlo Security Cookie Policy.

Image result for official iso 27001 badge