Introduction

At RipRap Security, we take the privacy and security of your information seriously. This privacy statement (“Privacy Statement”) will explain how RipRap Security, LLC ("RipRap Security", "we", "our", "us") handles your personal data. "Personal Data," as used in this Privacy Statement, is information that identifies or can reasonably be linked directly or indirectly to an identifiable person. The privacy practices and standards detailed in this Privacy Statement apply to all data subjects globally, unless specifically noted otherwise.

This Privacy Statement applies to the RipRap Security websites ("Websites") and additional software products and services; collectively "Services."

Here is a summary of what’s found in this page:

• We do not sell or share any customer information or other contact information we may collect as a part of our marketing or sales efforts.

• We are happy to provide a copy of what data we have collected on an individual, upon request to info@riprapsecurity. We are also happy to remove the data we’ve collected about you at your request.

• We leverage industry best practices around data encryption, data loss prevention, and data hygiene to protect information about our customers. We implement the same security technologies, policies, and protocols that we recommend to our customers

What Personal Data does RipRap Security collect about me?

The categories of Personal Data collected by RipRap Security change depending on the Services you use and whether those Services are free or paid. We have described below which Services correlate with the processing in each Personal Data category.

Information You Provide Directly

We collect the Personal Data you provide to us, for example:

Account Information: When you register for an account with RipRap Security, we collect information that identifies you such as your name, username, email address and password. 

Profile Information: We collect information that you voluntarily provide in your user profile; this may include your public avatar (which may be a photo), additional email addresses, company/organization name, job title, country, social media handles, and biography. Please note this information may be visible to other users of the Services and to the public depending on the privacy setting you apply. 

Payment Information: If you purchase a service or product from RipRap Security, we will collect payment information from you that may include your name, billing address and credit card or bank information. We may also use your credit card information to verify your identity and prevent abuse of our pipelines. Please note that RipRap Security does not directly process or store your entire credit card number, but we do direct that information to our third-party payment processors for processing. 

Marketing Contact Information: If you request RipRap Security to contact you, or sign up for marketing materials or events, RipRap Security may collect information such as name, address, email address, telephone number, company name, and size of company. 

Licensee Information: We collect licensee name, email address, and similar information associated with the individual that receives a license or subscription key.

Content you provide through the use of the Services: Examples of content we collect and store include information posted in our online training course program as well as other data collected via forms.

Customer Support and Professional Services: If you contact RipRap Security customer support or receive professional services, we will collect information about you related to your account and to the requests you are making or the services being provided. 

Call Recordings: We may record and transcribe sales calls hosted on various videoconferencing technologies to enable our sales and support teams to share conversational insights, create training and presentations, and improve their internal processes.

Other Content You Submit: We may also collect other content that you submit to our Services. For example: feedback, comments and blog posts, or when you participate in any interactive features, surveys, contests, promotions, prize draws, activities or events. When you participate in interactive channels, we may collect and process information for demographic analysis. Such collection is not tied to any specific products, but may be collected through the Websites.

Information About Your Use of the Services We Collect Automatically

We may collect certain Personal Data automatically through your use of the Services, for example:

Device Information and Identifiers: When you access and use our Services, we automatically collect information about your device, which may include: device type, your device operating system, browser type and version, language preference, IP address, hardware identifiers, and mobile IDs. This information may be collected through any use of the Services.

Subscription Data: We may automatically collect information about subscription usage activity including status, progress, IP address.

Events Data: RipRap Security also uses event analytics, such as browsing duration, page clicks and page views, in a pseudonymized form to gain insights into end-to-end user behavior. 

Website Usage Data: When you visit our Websites, we automatically log information about how you interact with the sites, such as the referring site, date and time of visit, and the pages you have viewed or links you have clicked.

Cookies and Similar Tracking Technologies: RipRap Security uses cookies and similar technologies to provide functionality, such as storing your settings, and to recognize you as you use our Services. In addition, we use cookies to gather information to provide interest-based advertising which is tailored to you based on your online activity. Please review our Cookie Policy to learn about our practices and the controls we provide you.

Email marketing: When we send you emails, they may include technology such as a web beacon, that tells us your device type, email client, and whether you have received and opened an email, or clicked on any links contained in the email.

Buttons, tools, and content from other companies: The Services may include links or buttons to third-party services such as LinkedIn and Twitter. We may collect information about your use of these features. In addition, when you see or interact with these buttons, tools, or content, some information from your browser may automatically be sent to the other company. Please read that company’s privacy statement for more information.

Information from Third-Parties and Partners

We may collect Personal Data from other parties in the following ways:

Third-Party sign-in services: RipRap Security allows you to sign up for/in to our Services using third-party accounts, such as Facebook or Google. When you give permission for this to happen, RipRap Security will receive information about you from your third-party account, such as name, email address, location and demographic information.

When you are asked to provide personal data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain products or features, those products or features may not be available or function correctly.

What Personal Data is Not Collected by RipRap Security?

RipRap Security does not intentionally collect sensitive Personal Data, such as social security numbers, genetic data, health information, or religious information. Although RipRap Security does not request or intentionally collect any sensitive Personal Data, we realize that users might store this kind of information in a RipRap Security service or Website.

If you are a child under the age of 13, you may not have an account. With the exception of Educational Licenses, RipRap Security does not knowingly collect information from, or direct any of our Services to, children under 13. If we learn or have reason to suspect that a user is under the age of 13, we will close the child's account.

How Does RipRap Security Use My Personal Data?

RipRap Security uses your Personal Data for the following purposes:

• To create your account, identify and authenticate your access to the Services and provide you with the Services you have requested;

• To process your payment for the Services you have purchased;

• To understand how our Services are used and to improve our Services;

• To provide personalized experiences;

• To conduct user research and development;

• To send you important information about the Services;

• To send you information you have requested;

• To send you advertising, marketing content, offers, promotions, newsletters, surveys or other information;

• To provide you a forum to comment on or discuss the Services;

• To create digital productions and manage events;

• To provide trainings and learning opportunities;

• To enable partners to register and track deals;

• To provide workload and code review recommendations through machine-learning;

• To respond to your requests for customer support;

• To improve the security of and troubleshoot our Services, as necessary to perform the contract governing your use of our applications or to communicate with you;

• To detect, prevent, or otherwise address fraud and abuse to protect you, RipRap Security, and third-parties;

• To enforce the legal terms that govern our Services;

• To comply with our legal obligations;

• To protect the rights, safety and property of RipRap Security, you, or any third-party; and

• For other purposes, for which we obtain your consent.

Legal Basis for the Processing of your Personal Data

When our processing is subject to international laws, including but not limited to the General Data Protection Regulation ("GDPR") that governs individuals located in the European Economic Area ("EEA"), we collect and process your Personal Data using one or more of the following legal bases set out by applicable law:

Performance of a contract: We use your Personal Data to provide the Services you have subscribed to, and to complete and administer the contract you have entered into with RipRap Security.

Legitimate Interests: We use your Personal Data for our legitimate interests, such as to provide you with relevant content, communicate with business leads, improve our products and services, and for administrative, security, fraud prevention and legal purposes. You may object to the processing of your Personal Data for these purposes at any time.

Consent: We may use your Personal Data, with your consent, for specific purposes such as marketing, surveys, call recordings, and research. You may withdraw your consent for the specific purpose or object to the processing of your Personal Data at any time.

Compliance with a Legal Obligation: We may use your Personal Data in connection with legal claims, regulatory compliance, and audits.

With Whom does RipRap Security share my Personal Data?

We may share each of the categories of Personal Data we collect with the types of third-parties described below, for the following business purposes:

Sharing with Service Providers: We share your Personal Data with our service providers. These are companies who provide services on our behalf, such as hosting our Services, marketing, advertising, social, analytics, support ticketing, credit card processing, security and other such similar services. These companies are subject to contractual requirements that govern the security and confidentiality of your information.

For example, we use analytics providers, such as Google Analytics, to help us understand the operation and performance of our Services. To learn about how Google uses and shares data it collects through its services, please visit https://www.google.com/policies/privacy/partners/. 

Sharing with Partners and Resellers: RipRap Security works with third-parties who provide sales, consulting, support and technical services for our Services. Where permitted and with your consent (if required), we may share your data with these partners and resellers.

Sharing for Fraud and Prevention Abuse: We may share your information when we have a good faith belief that the disclosure is necessary to prevent fraud, abuse of our services, defend against attacks, and to protect the safety of RipRap Security and our users.

Law Enforcement: RipRap Security may disclose Personal Data or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third-parties or the public at large.

Merger or Acquisition: We may share your Personal Data if we are involved in a merger, sale, or acquisition of corporate entities or business units. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of your Personal Data, and we will notify you on our website or by email before any transfer of your Personal Data.

Sharing Personal Data across national borders

Our Services are hosted in the United States and information we collect will be stored and processed on our servers in the United States. Our employees, contractors, affiliated organizations, service providers, and sub-processors that process Personal Data may be located in the United States or other countries outside of your home country. If you reside in the EEA, United Kingdom, or Switzerland, and we transfer information about you to a jurisdiction that has not been found by the European Commission to have adequate data protections, we will use available safeguards and legal mechanisms to help ensure your rights and protections, including using Standard Contractual Clauses or obtaining your consent.

How does RipRap Security Secure my Personal Data?

We work hard to protect your Personal Data. We employ administrative, technical, and physical security controls where appropriate, to protect your information. 

Data Retention

In order to protect your Personal Data, RipRap Security will only retain your Personal Data for as long as your account is active or as needed to perform our contractual obligations, provide you the Services, comply with legal obligations, resolve disputes, preserve legal rights, or enforce our agreements.

RipRap Security reserves the right to delete data. If we plan to delete your account or projects, we will provide advance notice by sending a message to the email address registered to your account. RipRap Security encourages you to utilize your account on occasion to avoid the risk of being deemed inactive.

What are my rights and choices regarding Personal Data?

You have the right to access, correct, restrict or delete your Personal Data, and to port your Personal Data to another company. While these rights may vary by jurisdiction, RipRap Security provides you with the same rights and choices, no matter where you live. We provide these rights free of charge unless your requests are manifestly unfounded and excessive.

You may exercise your choices and rights as follows:

To opt out of email marketing: You may opt-out of email marketing by clicking the “unsubscribe” link located at the bottom of any marketing email you receive. You may continue to receive transactional email messages about your account and the Service after you have unsubscribed.

To opt-out of Interest-based advertising: If you wish to opt-out of interest-based advertising, please visit the Cookie Policy to see your options.

Request a copy of your information: You may request a copy of the Personal Data that RipRap Security has about you by contacting Info@RipRapSecurity.com.

Update your Information: If you already have an account, you may access, update, or alter your user profile information by logging into your account and updating profile settings.

To delete your Account: If you only want to delete your account, please contact us at Info@RipRapSecurity.com.

To inform your Supervisory Authority: In the unlikely event you disagree with our handling of your request, you have the right to file a complaint with the competent supervisory authority in your jurisdiction.

California Privacy Rights

What is Provided under the California Consumer Privacy Act ("CCPA")?

Pursuant to the California Consumer Privacy Act ("CCPA"), RipRap Security or our service providers may have collected, in the preceding twelve months, the following categories of Personal Information for business or commercial purposes: Identifiers (such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, or other similar identifiers); financial information (such as credit card number, debit card number or any other financial information); commercial information (such as records of products or services purchased, obtained, or considered); internet or other electronic network activity information, including browsing history and search history; geolocation data; professional or employment-related information; and inferences about preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.

RipRap Security collects personal data for the following business or commercial purposes: auditing interactions with consumers, detecting security incidents, debugging, contextual customization of ads shown during consumer interactions, internal research, maintaining quality and safety, providing customer service, maintaining or servicing customer accounts, verifying customer information, communicating with customers, and processing payments.

California Privacy Rights

You are entitled to certain rights as a California resident, such as disclosure of the categories and specific pieces of Personal Information that we have collected from you in the preceding 12 months, details about our processing of your Personal Information, as previously described in this Privacy Statement, and the right to delete your Personal Information. You also have the right to non-discrimination of service or price if you exercise your privacy rights, and RipRap Security will not deny providing you with the Services or charge you different prices if you exercise your rights.

You have the right to know whether your Personal Information is sold and to opt-out of the sale of your Personal Information. While we do not believe we sell your Personal Information, the CCPA and the forthcoming CPRA could interpret a sale of Personal Information to be the transmission of cookie identifiers and browsing behaviors to third-parties for interest-based advertising. Subject to certain uses of the Services, we may share such Personal Information with third-parties, which may be considered a sale. You may opt-out of interest-based advertising based on your browser by using our Cookie control mechanisms on our website. You may exercise all other CCPA rights as described in the "Rights and Choices" section of this Privacy Statement.

You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us. To provide or delete specific pieces of Personal Information we will need to verify your identity to the degree of certainty required by law. 

Other important privacy information

Statement Changes

RipRap Security may change its Privacy Statement from time to time. When we do, we will update the date at the top of this Statement. If we decide to make a significant change to our Privacy Statement, we will post a notice of the update on the homepage of our Website. We may also provide notification via email of any material changes to our Privacy Statement.

Contact Us

Your information is controlled by RipRap Security, LLC. If you have questions or concerns about the way we are handling your Personal Data, please email us with the subject line "Privacy Concern" at Info@RipRapSecurity.com.

Cookie Policy

This Cookie Policy supplements the information contained in our Privacy Policy and explains how we use cookies and related technologies to manage and provide our RipRap Security websites, products and services; collectively referred to as the "Services."

Cookies are small text files placed on your computer. Pixels are small amounts of code on a web page or in an email that provide a method to deliver content, such as a graphic image on a webpage.

Why do we use Cookies?

RipRap Security uses cookies to:

• Help you to access and use the Services;

• Understand how visitors use and engage with our Services;

• Set your preferences;

• Deliver relevant interest-based advertising;

• Understand if you have opened an email and acted upon it; and

• Analyze and improve our Services.

Who sets Cookies on RipRap Security?

Cookies are sometimes placed by RipRap Security, known as first-party cookies, and sometimes third-party cookies are set by our service providers, such as Google Analytics who provides analytics and interest-based advertising. When third-party cookies are set by service providers, they are providing a service or function to RipRap Security, as well as achieving the service provider's own purposes. RipRap Security cannot control how third-party cookies are used. You can review Google Analytics' available opt-outs, including the Google Analytics Browser Ad-On by visiting: https://tools.google.com/dlpage/gaoptout/.

How do I manage my Cookies?

With the exception of "strictly necessary" cookies that are essential for the Services to operate, you will be able to opt-in, opt-out, or adjust your cookie preferences for all other cookie categories. Please note that disabling some cookies may cause certain features of the Services to not function properly. 

Most web browsers also allow you to delete cookies already placed, which may delete the settings and preferences controlled by those cookies, including advertising preferences. You can find instructions to remove any cookies that have been created in the cookie folder of your browser at https://allaboutcookies.org/manage-cookies/.

Do Not Track Signals

"Do Not Track" (DNT) is a privacy preference you can set in your web browser to indicate that you do not want to be tracked. RipRap Security responds to DNT signals and respects a user's track preference expression for client-side events.

Self-Regulatory programs

Service providers may participate in self-regulatory programs that provide ways to opt out of analytics and interest-based advertising, which you can access at:

• United States: NAI (http://optout.networkadvertising.org) and DAA (http://optout.aboutads.info/)

• Canada: Digital Advertising Alliance of Canada (https://youradchoices.ca/)

• Europe: European Digital Advertising Alliance (http://www.youronlinechoices.com)

Web beacons

Most email clients have settings which allow you to prevent the automatic downloading of images, which will disable web beacons in the email messages you read.

Mobile Advertising IDs

On mobile devices, advertising IDs provided by the platform may be collected and used similar to cookie IDs. You may use the controls on iOS and Android operating systems that allow you to limit tracking and/or reset the advertising IDs.

What types of Cookies do we use?

RipRap Security utilizes four categories of cookies: strictly necessary cookies, functional cookies, performance and analytics cookies, as well as targeting and advertising cookies.