Privacy Policy

PerimeterOne LLC ("PerimeterOne," "we," "us," or "our") is committed to protecting the privacy and security of every individual who interacts with our platform, website, and services. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website at perimeterone.com (the "Site") or use any PerimeterOne product or service (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of our Services immediately.

1. Information We Collect

1.1 Information You Provide Directly

• Contact Information — name, email address, phone number, and company name when you subscribe, request a demo, or contact us
• Account Credentials — username and encrypted password hash if you create an account
• Communications — any messages, feedback, or support requests you send to us
• Payment Information — billing details processed through our PCI-DSS-compliant payment processor; we do not store raw credit card numbers

1.2 Information Collected Automatically

• Device & Browser Data — IP address, browser type, operating system, device identifiers, and screen resolution
• Usage Analytics — pages visited, time on page, click paths, referral source, and session duration
• Cookies & Tracking Technologies — see Section 5 below for detailed cookie disclosures
• Log Data — server logs recording access timestamps, request URLs, and response codes

1.3 Information from Third Parties

We may receive information about you from third-party analytics providers, advertising networks, or publicly available sources to supplement the data we collect directly.

2. How We Use Your Information

We process your information exclusively for the following purposes:

• Service Delivery — to operate, maintain, and improve the PerimeterOne platform and deliver the security services you request
• Security & Threat Intelligence — to detect, prevent, and respond to fraud, abuse, and security incidents across our infrastructure
• Communications — to send transactional emails, security alerts, product updates, and (with your consent) marketing communications
• Analytics & Improvement — to analyze usage patterns, diagnose technical issues, and improve our Services
• Legal Compliance — to comply with applicable laws, regulations, and legal processes

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data under the following legal bases:

• Consent — where you have given explicit consent (e.g., marketing emails, non-essential cookies)
• Contract Performance — where processing is necessary to deliver Services you have requested
• Legitimate Interest — where processing is necessary for our legitimate business interests (e.g., security monitoring, fraud prevention), balanced against your rights
• Legal Obligation — where processing is required to comply with applicable law

4. Data Sharing & Disclosure

We do not sell your personal information. We may share your data only in the following circumstances:

• Service Providers — trusted third-party vendors who process data on our behalf under strict contractual obligations (e.g., hosting, analytics, payment processing)
• Legal Requirements — when required by law, subpoena, court order, or governmental request
• Business Transfers — in connection with a merger, acquisition, or sale of assets, with notice to affected users
• Security Purposes — to protect the rights, property, or safety of PerimeterOne, our users, or the public

5. Cookies & Tracking Technologies

We use the following categories of cookies:

• Strictly Necessary — required for the Site to function (session management, security tokens). These cannot be disabled.
• Analytics & Performance — help us understand how visitors interact with the Site (e.g., Google Analytics). Deployed only with your consent.
• Functional — remember your preferences and settings to enhance your experience

You can manage your cookie preferences at any time through our cookie consent banner or by adjusting your browser settings. Note that disabling certain cookies may affect Site functionality.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. When data is no longer needed, we securely delete or anonymize it using industry-standard methods.

7. Data Security

As a cybersecurity company, we hold ourselves to the highest standards of data protection:

• All data in transit is encrypted using TLS 1.3
• All data at rest is encrypted using AES-256
• Zero-plaintext architecture — sensitive data is never stored in cleartext
• Access controls enforce least-privilege principles across all systems
• Regular penetration testing and security audits by independent third parties
• Incident response procedures aligned with NIST Cybersecurity Framework

While no system is 100% impenetrable, we employ defense-in-depth strategies to minimize risk.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Rectification — request correction of inaccurate or incomplete data
• Erasure — request deletion of your personal data ("right to be forgotten")
• Restriction — request that we limit processing of your data
• Portability — request your data in a structured, machine-readable format
• Objection — object to processing based on legitimate interests or direct marketing
• Withdraw Consent — withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at privacy@perimeterone.com. We will respond within 30 days (or the timeframe required by applicable law).

8.1 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to delete, and the right to opt out of the sale or sharing of personal information. We do not sell personal information.

9. International Data Transfers

Your data may be transferred to and processed in the United States or other jurisdictions where our service providers operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, to protect your data during cross-border transfers.

10. Children’s Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we learn that we have collected data from a child under 16, we will delete it promptly. Contact us if you believe we have inadvertently collected such data.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the Site at least 30 days before they take effect. Your continued use of the Services after the effective date constitutes acceptance of the revised policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

• Email: privacy@perimeterone.com
• Mail: PerimeterOne LLC, 8 The Green, Suite A, Dover, DE 19901