Penteor Labs Limited ("Penteor") collects and processes personal data via the www.penteor.com website ("Website"). This privacy notice is designed to inform you about the data we collect, what we use it for and your rights regarding the use of this data.

Who is Penteor?

Penteor provides cyber security services to a wide range of organizations. We are committed to protecting the personal data we hold.

Personal data

Under the EU’s General Data Protection Regulation ("GDPR") personal data is defined as: "any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.” From time to time, Penteor may update this privacy notice to reflect changes to the personal data we process or for other operational, legal, or regulatory reasons. The date at the bottom of this notice indicates when the notice was last updated.

Why does Penteor collect and process personal data?

We collect personal data to offer and administer our services and products.

The data you provide to us will be processed in accordance with the purposes specified in this notice, namely:

• To provide the products or perform the services requested by clients and individuals (where the processing is necessary for our legitimate business interests in conducting and managing our business)
• For complying with obligations provided by laws, current regulations and UK or European legislation (e.g. tax regulations) (where processing is based on a legal obligation)
• For legitimate business purposes to advise you through e-mail, phone call, or post, in the framework of our ordinary commercial relationship, about other products or services similar to the products or services we have provided to you and that we think will be of interest to you (where the processing is necessary for our legitimate business interests)
• For marketing purposes. For example, we may use your information to further discuss your interest in the Services and to send you information regarding Penteor such as information about promotions, events, products or services.
• If you are located in the UK or EU, we will only send you marketing communications and updates about our products, services and events with your prior consent, or based on our and your legitimate interests. In either case, you can withdraw your consent or opt-out or receiving such communications at any time.
• If you are not located in the UK or EU, you may opt-out of receiving marketing communications and updates at any time.
• You can manage your receipt of marketing and non-transactional communications by clicking on the «unsubscribe» link located on the bottom of Penteor’s marketing emails, or you may send a request to our contact form.
• For improving Penteor’s communications with you. Emails sent to you by Penteor may include standard tracking, including open and click activities. Penteor may collect information about your activity as you interact with our email messages and related content.
• For security purposes. For example, we may use your data to protect Penteor and its third parties against security breaches and to prevent fraud and violation of Penteor’s applicable agreements (where the processing is necessary for our legitimate business interests).
• To assist in the monitoring of the website, enrich your user experience, and display relevant digital advertising, this data also includes online identifiers including IP addresses and web cookies.

Penteor is committed to ensuring that the information we collect, and use is appropriate for these purposes and does not constitute an invasion of your privacy.

Whenever Penteor processes your personal data for its legitimate interests, we make sure to consider and balance any potential impact on you and your rights under data protection laws. Our legitimate business interests do not automatically override your interests – we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You have the right to object to this processing if you wish.

What personal data do we process?

The personal data we may collect and process relating to you through your use of this website includes:

• Name and job title
• Company name
• Email address
• Telephone number
• Postal address
• IP address
• Browser ID
• Marketing communication preferences

Any additional personal data that you chose to share with us will also be processed.

Clients and other Third parties who provide personal information to Penteor must do so in compliance with applicable data privacy regulations.

How data is processed

Personal data is processed both manually and electronically in accordance with the above-mentioned purposes and in compliance with current regulations. We permit only authorized Penteor employees and Third-Party processors to have access to your information. Such employees and Third-Party processors are appropriately designated and trained to process data only according to the instructions we provide them.

Storage of Personal Data and Retention Period

Penteor will process and store your personal data only as long as necessary to fulfil the purpose that the data was collected for, taking into account legitimate business needs to capture and retain such information. Information will also be retained for a period necessary to comply with state, local, federal regulations, or country specific regulations and requirements, and in accordance with Penteor’s Document Retention Schedule.