Privacy Policy
Privacy Policy
Effective as of April 21, 2025.
This Privacy Policy describes how Phin Security, Inc. (“Phin,” “we,” “us”) handles personal information that we collect through our website and any other website or services that we own or control and which posts to this Privacy Policy (collectively, the “Website”).
Our Website is designed for businesses and are not intended for personal or household use. Accordingly, we treat all personal information covered by this Privacy Policy, including information about any visitors to our website, as pertaining to individuals acting as business representatives, rather than in their personal capacity.
Phin’s customers may have their own policies regarding the collection, use and disclosure of their employees’ personal information, and Phin is not responsible for our customers’ handling of such information. Phin’s handling of our customers’ employee data is governed by service agreements with our employer-customers. To learn about how a particular customer handles personal information, we encourage you to read the customer’s privacy statement or contact the customer directly.
Personal information we collect
Information you provide to us. Personal information you may provide to us through our Website or otherwise may include:
- Contact details, such as your first and last name, business email, employer, and phone number.
- Communications that we exchange with you, including when you contact us with questions (via the Website, social media, chat features, or otherwise), feedback, to request a demo, or otherwise.
- Profile data, such as the username and password that you may set to establish an online account on the Website, and any other information that you add to your account profile.
- Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.
- Other data not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.
Third-party sources. We may combine personal information we receive from you with personal information falling within one of the categories identified above that we obtain from other sources, such as:
- Public sources, such as government agencies, public records, social media platforms, and other publicly available sources.
- Data providers, such as data brokers, information services and data licensors.
- Third-party services that you use to log into, or otherwise link to, your account (such as Microsoft). This data may include your username, profile picture and other information associated with your account on that third-party service that is made available to us based on your account settings on that service.
- Customers.
- Service providers that provide services on our behalf or help us operate the Website, related services, or our business.
.Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with our website, our communications and other online services, such as:
- Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers, language settings, mobile device carrier, radio/network information (e.g., WiFi, LTE, 3G), and general location information such as city, state or geographic area.
- Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to our Website, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access.
Cookies and similar technologies. Like many online services, we use the following technologies:
- Cookies, which are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns.
- Local storage technologies, like HTML5 and Flash, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
- Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.
- Chat technologies, such as those provided by HubSpot that employ cookies to operate the chat features that you can use to communicate with us through the Website. HubSpot and other third parties may access and use information about webpages visited on our website, your IP address, your general geographic information (e.g., city, state), and other personal information you share through online chats for the purposes described in this Privacy Policy.
- Session-replay technologies, such as those provided by Mixpanel and Hotjar that employ cookies to record users’ interactions with the Services in a manner that allows us to watch video replays of those user sessions. The replays include users’ clicks, mobile app touches, mouse movements, scrolls and keystrokes during those sessions. These replays help us diagnose usability problems and identify areas for improvement. You can learn more about our session replay providers and their privacy practices at: https://www.hotjar.com/legal/policies/privacy/ and https://mixpanel.com/legal/privacy-policy/.
Our use, retention, deletion, and disclosure of any information received from Google’s APIs will be consistent with the Google API Services User Data Policy, including the Limited Use requirements. We do not sell information associated with your Google account for value, and we only share information associated with your Google account as disclosed in this privacy policy.
How we use your personal information
We use your personal information for the following purposes and as otherwise described in this Privacy Policy or at the time of collection:
Website function and delivery. We use your personal information to:
- Provide information about our Website and related services;
- Operate and improve our Website, provide support, and communicate with you about our Website, including by sending announcements, updates, security alerts, and support and administrative messages;
- Understand your needs and interests, and personalize your experience with our Website and related services, and our communications; and
- Provide support for our Website, respond to your requests, questions and feedback.
- Send you direct marketing communications. You may opt-out of our marketing communications as described in the Opt-out of marketing section below.
Website improvement and analytics. We may use your personal information to analyze your usage of the Website, improve the Website and our business, help us understand user activity on the Website, including which pages are most and least visited and how visitors move around the Website, as well as user interactions with our emails, and to develop new products and services. For example, we may use HubSpot Analytics for this purpose. We may also create aggregated, de-identified or other anonymous data from personal information we collect for service improvement and development purposes. We make personal information into anonymous data by removing information that makes the data personally identifiable to you.
Marketing and advertising. We, our service providers and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes:
- Direct marketing. We may send you direct marketing communications and may personalize these messages based on your needs and interests. You may opt-out of our marketing communications as described in the Opt-out of communications section below.
- Interest-based advertising. We and our third-party advertising partners may use cookies and similar technologies to collect information about your interaction (including the data described in the tracking technologies section above) with the Website, our communications and other online services over time, and use that information to serve online ads that they think will interest you. This is called interest-based advertising. We may also share information about our users with these companies to facilitate interest-based advertising to those or similar users on other online platforms.
Cookies and similar technologies. In addition to the other uses included in this section, we may use the Cookies and similar technologies described above for the following purposes:
- Technical operation. To allow the technical operation of the Website, such as by remembering your selections and preferences as you navigate the site, and whether you are logged in when you visit password protected areas of the Website.
- Functionality. To enhance the performance and functionality of our Website and related services.
- Advertising. To help our third-party advertising partners collect information about how you use the Website and other online services over time, which they use to show you ads on other online services they believe will interest you and measure how the ads perform.
- Analytics. To help us understand user activity on the Website, including which pages are most and least visited and how visitors move around the Website, as well as user interactions with our emails.
Events, promotions and contests. We may use your personal information to:
- administer promotions and contests;
- communicate with you about promotions or contests in which you participate; and
- contact or market to you after collecting your personal information at an event.
Compliance and protection. We may use your personal information to:
- Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
- Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
- Audit our internal processes for compliance with legal and contractual requirements and internal policies;
- Enforce the terms and conditions that govern our Website; and
- Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
Further uses. In some cases, we may use your personal information for further uses, in which case we will ask for your consent to use of your personal information for those further purposes if they are not compatible with the initial purpose for which information was collected.
How we share your personal information
We may share your personal information with:
Service providers. Companies and individuals that provide services on our behalf or help us operate our Website, related services, or our business (such as hosting, professional services, chat providers, information technology, payment processors, customer support, email delivery, and website analytics services).
Advertising partners. Third-party advertising companies for the interest-based advertising purposes described above.
Third parties designated by you. We may share your personal information with third parties where you have instructed us or provided your consent to do so.
Linked third-party services. If you log into the Service with or otherwise link your Service account to a third-party service, we may share your personal information with that third-party service. The third party’s use of the shared information will be governed by its privacy policy and the settings associated with your account with the third-party service.
Partners. Third parties with whom we partner, including parties with whom we co-sponsor events or promotions, with whom we jointly offer products or services, or whose products or services may be of interest to you.
Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transferees. Acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Phin or our affiliates (including, in connection with a bankruptcy or similar proceedings).
Your choices
You have the following choices with respect to your personal information.
Access or update your information. If you have registered for an account with us through the Website, you may review and update certain account information by logging into the account.
Cookies. Most browser settings let you delete and reject cookies placed by websites. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, you may not be able to use all functionality of our Website and it may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
Local storage. You may be able to limit use of HTML5 cookies in your browser settings. Unlike other cookies, Flash-based local storage cannot be removed or rejected via your browser settings, but you can adjust the settings of your Flash player to block it. Blocking Flash storage may impede the functionality of Flash applications, including those employed by our services. For more information on Flash local storage visit https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html.
Opt-out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us at support@phinsecurity.com.
Advertising choices. You can limit use of your information for interest-based advertising by:
- Blocking cookies in your browser. Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.
- Blocking advertising ID use in your mobile settings. Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.
- Using privacy plug-ins or browsers. You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, DuckDuckGo, Ghostery or uBlock Origin, and configuring them to block third party cookies/trackers.
- Advertising industry opt-out tools. You can also use these opt-out options to limit use of your information for interest-based advertising by participating companies:
- Digital advertising Alliance: http://optout.aboutads.info
- Network Advertising Initiative: http://optout.networkadvertising.org/?c=1
Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt-out on every browser and device that you use.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Delete or close your account. If you wish to request to close your account, please contact us.
Declining to provide information. We need to collect personal information to provide certain services. If you do not provide the information we identify as required or mandatory or later request that we delete it, we may not be able to provide those services.
Other sites and services
We may offer links to websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or online services operated by third parties, and we are not responsible for their actions.
Security
We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, no security measures are failsafe and we cannot guarantee the security of your personal information.
International data transfer
We are headquartered in the United States and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country. By continuing to use the Website and related services, you agree with and consent to such transfer.
Children
Our services are not intended for use by children under 18 years of age. If we learn that we have collected personal information through our services from a child under 18 without the consent of the child’s parent or guardian as required by law, we will delete it.
Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on our website. Any modifications to this Privacy Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of our Website and related services after the effective date of any modified Privacy Policy indicates your acceptance of the modified Privacy Policy.
How to contact us
You can reach us at privacy@phinsecurity.com.