Privacy Policy

Last Updated: May 30, 2024

Xage Security, Inc., including its affiliates and subsidiaries (“Xage Security,” “we,” “our,” or “us”), values your privacy. Xage Security is a leader in zero trust access and protection and is primarily a business-to-business entity servicing various industries, including in critical infrastructure and other industrial operations.

This Privacy Policy (“Policy”) describes how Xage Security collects, uses, discloses, and otherwise processes personal information described in this Policy, as well as the rights and choices individuals have regarding such personal information. For additional information about the privacy choices you have regarding your personal information, please review the Your Privacy Choices section below. 

By using our Services (as defined below), you agree that your personal information will be handled as described in this Policy. Your use of our Services and any dispute over privacy, is subject to this Policy and the applicable End User License Agreement or Professional Services Terms (as amended from time-to-time), all of which are available at https://xage.com/business, as stated in the order form, proof of concept playbook, or purchase order through which you obtain Services. 

Table of Contents

  1. Scope
  2. Personal Information Collected
  3. Purposes for Collection and Processing
  4. Disclosures of Personal Information
  5. Cookies and Other Tracking Mechanisms
  6. Your Privacy Choices
  7. External Links and Features
  8. International Transfers
  9. Children’s Privacy
  10. Security
  11. Changes to this Policy
  12. Contact Us
  13. Governing Law and Venue

Scope 

Except as otherwise described below, this Policy applies to our online and offline personal information processing activities including, but not limited to: visitors of our website where this Policy is posted, including https://xage.com and/or our support portal, https://support.xage.com (the “Site”); any individuals who sign up for, or access and use certain features, products, solutions, applications, or services we offer, including Xage’s proprietary Fabric; individuals who register for or participate in our events, surveys, research, or promotions; individuals who download our content; individuals who subscribe to receive news, information, and marketing communications and other materials from us; current, former, and prospective business customers, and service providers; and individuals who communicate or otherwise interact or engage with us or the features, products, solutions, applications, or services available through our Site or other online services (collectively referred to as the “Services”).

Additional Notices. Depending on how you interact or engage with us, we may provide you with additional or supplemental privacy notices with additional details about our privacy practices. These additional notices will control to the extent there is a conflict with this Policy, with respect to your personal information that is subject to that additional notice.

Personal Information Collected

We collect personal information directly from you, from third-party sources and software tools, and automatically through your use of the Services. To the extent permitted by applicable law, we may combine the personal information we collect from publicly available or third-party sources.

Personal Information Collected Directly. While the personal information we collect varies depending upon your use of our Services and our interactions with you, in general, we may collect the following personal information directly from you:

  • Contact Information. When you contact us, including if you send us a message, downloading forms we present, sign up to learn more about our Services, or request a demo of certain products or solutions, we may collect your name, email address, phone number, or other similar identifiers, as well as your message, the nature of your inquiry, and any other information you so choose to provide.
  • Profile Information. Certain aspects of our Services may require that you create an account or profile with us. When you sign in or create an account in connection with our Services, we may collect your name, email address, phone number, username and password, as well as any other information used in connection with accessing your account or that you otherwise submit to us through your account. 
  • Communications and Interactions. When you email, call, chat, or otherwise communicate or interact with us, including if you sign up for our mailing lists, complete forms on our Site, interact with our social media pages, post a review or testimonial, submit content in any online discussion groups, or otherwise enter information into public-facing comment fields, blogs, or community forums sponsored by or affiliated with Xage Security, we may collect and maintain records of your contact details, communications and interactions, your posts or submissions, and our responses, if applicable. We may also collect any information you submit through our chat functions we make available through the Services, and we may also maintain communication records regarding information provided to us related to any customer support requests.
  • Promotional Information. If you agree to receive marketing communications from us, we may collect your contact details, preferences, and if relevant, information about your account and profile, including the Services and features you use. 
  • Offers and Rewards. In some circumstances, we may make available certain programs, offers, rewards, discounts, or promotions within our Services. As part of these offers and rewards, we may collect certain contact details, and any other information that may be required by applicable law. If you win a promotion, contest, or other similar reward (for example, by registering for and attending a webinar we host or sponsor), we may also collect certain tax information and/or waivers and releases, depending on the prize and as required by applicable law.
  • Responses and Feedback. If you participate in surveys, questionnaires, or research conducted by us, such as for market research, user satisfaction, or other similar purposes, we may collect your responses and feedback, and any other information you choose to provide.
  • Events and Registration Details. We also may collect personal information related to your participation in our events, as well as other requests that you submit to us related to our Services. For example, if you register for or attend an event, webinar, or demo that we host or sponsor, we may collect information related to your registration for and participation in such event. 
  • Professional Information. If you sign up or apply for our Xage Security Partner Program, we may collect certain personal and professional contact details such as name, email address, and phone number, account and profile information, company or professional-related information including company name, job title, and other similar information related to your registration for, or participation in, these programs. 
  • Preferences and Other Requests. We also may collect information about your preferences, including communications preferences, preferences related to your use of our Services, and any other preferences or requests you provide when interacting with us.
  • Business Development Information. To assess and pursue potential business opportunities, we may collect personal information about current, former, and prospective business partners, and vendors and service providers, including contact information and other similar identifiers, company and professional-related information, and communications records.

Personal Information Collected from Third Parties. We may also collect and receive certain personal information about you from third party sources, such as from business partners, data analytics and marketing providers, Internet service providers, operating systems and social media platforms, public databases, customers and other Xage Security users, and service providers or others who provide services or perform functions on our behalf. For example, we may collect your name, contact details, and other similar information from business partners and service providers for purposes of providing our Services. In addition, we may collect the following information from third-party sources:

  • Social Media Information. While using our Services, you may choose to interact with certain social media platforms or social networking websites. If you interact with such platforms and websites through our Services, we may collect or receive personal information about you that you have provided to that platform and/or website. For example, we may collect information related to your account and profile, such as your name, username, email, profile picture, public postings, and other similar information available on your social media profile. You should check your privacy settings on each platform and/or website to better understand how your personal information may be used, disclosed, or otherwise processed by these third parties.
  • Prospective Buyer and Service User Information. We may receive prospective Buyer information from third parties regarding potential customers that may be interested in our Services. We may make available the ability for you to access, register for, or otherwise interact, engage, or connect with the Services through certain third-party features or integrated services. By accessing our Services via these third-party connections or integrated services, we may collect or obtain certain personal information about you related to your use of such third-party connections or integrated services.  We may also engage with third parties to enhance or update our customer information.
  • Referral Information. We may offer you the ability to refer other users to access or use our Services. In doing so, we may collect and receive certain personal information about you, such as contact details and other similar identifiers, including from other current or prospective Xage Security customers who similarly engage in these activities.

Personal Information Collected Automatically. We and our third-party providers may automatically collect or derive personal information about you related to your use of our Services, including through the use of cookies, pixel tags, and other similar technologies. The personal information we and our providers may automatically collect includes:

  • Device and Browsing Information. When you use our Services, we may collect browser type, domain name, page views, access times, date/time stamps, operating system, language, device type, unique ID, Internet service provider, referring and exiting URLs, clickstream data, and other similar device and browsing information.
  • Activities and Usage. We also may collect activity information related to your use of the Services, such as information about the links clicked, searches, features used, items viewed, time spent within the Services, your interactions with us within the Services, and other similar activity and usage information.
  • Location Information. We also may collect or derive general location information about you, such as through your IP address. Further, with your permission, we may collect geolocation information from your device. You may turn off location data sharing through your device settings.

For more information about our use of cookies and other similar technologies, please see the Cookies and Other Tracking Mechanisms section below.

 

Purposes for Collection and Processing

Generally, we may collect, use, disclose and otherwise process the personal information we collect for the following purposes:

  • Services and Support. To provide and operate our Services, manage your account, communicate with you about your use of the Services, provide troubleshooting and technical support, and for similar support purposes, respond to your inquiries, fulfill your requests, and to otherwise run our day-to-day operations.
  • Analytics and Improvement. To better understand how users access and use the Services, and for other research and analytical purposes, such as to evaluate and improve the Site, our Services, and business operations, including to develop our Services and its features, and for internal quality control and training purposes.
  • Communication. To respond to your questions, send you requested materials and newsletters, as well as information and materials regarding our Services and our offerings. We may also use this information to send administrative information to you, for example, information regarding the Services and changes to our terms, conditions, and policies.
  • Customization and Personalization. To tailor content we may send or display on the Services, including to offer location customization and to otherwise personalize your experiences and offerings.
  • Marketing and Advertising. For marketing, advertising, and promotional purposes. For example, to send you promotional information about our Services, including information about sales, discounts, and new offerings, as well any other information that you sign up to receive.
  • Research and Surveys. To administer surveys and questionnaires, such as for market research or user satisfaction purposes.
  • Insight Development and Data Enhancement. We may combine personal information collected through the Services with other information that we or third parties collect about you in other contexts for insight development and data enhancement purposes. In most cases, the information that we may combine with the personal information collected through the Services for market research, such as demographic information, does not directly identify users.
  • Planning and Managing Events. For event planning and other management-related purposes, such as event registration and attendance, connecting you with other event attendees and users, and contacting you about relevant events, webinars, and presentations. We may also use personal information for purposes of facilitating events, contests, and promotions, which have their own specifical rules to participate.
  • Security and Protection of Rights. To protect the Services and our business operations, our rights and those of our stakeholders and investors, to prevent and detect fraud, unauthorized activities and access, and other misuse of our Site and Services, including where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety or legal rights of any person or third party, or violations of our Terms and Conditions. 
  • Compliance and Legal Process. To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding, to respond to a subpoena, warrant, court order, or other legal process, or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority.
  • Auditing, Reporting, and Other Internal Operations. To conduct financial, tax and accounting audits, audits and assessments of our operations, including our privacy, security and financial controls, as well as for risk and compliance purposes. We may also use personal information to maintain appropriate business records and enforce our policies and procedures.
  • General Business and Operational Support. To assess and implement mergers, acquisitions, reorganizations, bankruptcies, and other business transactions such as financings, and to administer our business, accounting, auditing, compliance, recordkeeping, and legal functions.

Disclosures of Personal Information

We may disclose the personal information we collect for the purposes described above and as otherwise directed or consented to by you, with the following recipients and in the following circumstances:

  • Affiliates and Subsidiaries. We may disclose the personal information we collect to our corporate affiliates and subsidiaries.
  • Business Partners. In some circumstances, Xage Security may partner with other businesses to offer its Services, and we may disclose personal information to those business partners.
  • Vendors and Services Providers. We may disclose the personal information we collect to vendors and service providers who perform functions on our behalf, such as IT and website hosting, payment processors, product and order fulfillment facilitators, marketing and marketing research providers, customer support, data storage, data analytics providers, auditors, consultants, and legal counsel.
  • Other Xage Security Users. With other users of the Services in the context of specific features that are social in nature. For example, if you attend a webinar or event we host or sponsor, if you refer others to use our Services, or if you submit or make available information through public-facing features, community forums, or discussion blogs sponsored by or affiliated with Xage Security, certain personal information may be available to, and searchable by, other users of the Services. 
  • Third Party Marketing and Analytics Providers. We may also disclose your personal information, such as device and browsing, and activities and usage information, and other similar information, to third party marketing and data analytics providers, and other companies who provide marketing, advertising, campaign management, or analytics services on our behalf.
  • In Support of Business Transfers. If we or our affiliates are or may be acquired by, merged with, or invested in by another company, or if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may disclose or transfer the personal information we have collected from you with or to the other company in accordance with applicable laws. We may also disclose certain personal information as necessary prior to the completion of such a transaction or other corporate transaction such as a financing or restructuring, to lenders, auditors, and third-party advisors, including attorneys and consultants.
  • Compliance and Legal Obligations. We may also disclose personal information to third parties to the extent required by applicable law and legal obligations. For example, we may disclose information in response to subpoenas, court orders, and other lawful requests by regulators, government entities, and law enforcement, including responding to national security or law enforcement disclosure requirements, or as otherwise required by law or legal process. In addition, we may disclose the names of sweepstakes and contest winners in accordance with applicable law. 
  • Security and Protection of Rights. Where we believe doing so is necessary to protect the Services, our rights and property, or the rights, property, and safety of others. For example, we may disclose personal information to (i) prevent, detect, investigate, and respond to fraud, unauthorized activities and access, illegal activities, and misuse of the Services, (ii) situations involving potential threats to the health, safety, or legal rights of any person or third party, or (iii) enforce, detect, investigate, and take action in response to violations of our Terms and Conditions. We may also disclose personal information related to litigation and other legal claims or proceedings in which we are involved, as well as for our internal accounting, auditing, compliance, recordkeeping, and legal functions.
  • Other Disclosures. We may disclose personal information in other ways not described above that we notify you of or that we obtain your consent for, or that are otherwise authorized or required by law.

Aggregate and/or Deidentified Data. Notwithstanding anything else described in this Policy, we may use and disclose aggregate, deidentified, and other non-identifiable data related to our business and the Services for quality control, analytics, research, development, and other purposes. Where we use, disclose or process deidentified data (data that is no longer reasonably linked or linkable to an identified or identifiable natural person, household, or personal or household device) we will maintain and use the information in deidentified form and not to attempt to reidentify the information, except in order to determine whether our deidentification processes are reasonable and adequate pursuant to applicable privacy laws.

Cookies and Other Tracking Mechanisms

We and our third-party providers use cookies, pixels, local storage objects, log files, and other mechanisms to automatically collect browsing, activity, device, and similar information within our Services. We use this information to, for example, analyze and understand how users access, use, and interact with our Services, to identify and resolve bugs and errors in our Services, to assess secure, protect, optimize and improve the performance of our Services, as well as for marketing and analytics purposes, and to personalize content in our Services. To manage your preferences regarding cookies, targeted advertising, and other similar tracking mechanisms within our Services, please see Your Privacy Choices below.

Cookies. “Cookies” are alphanumeric identifiers we transfer to your device’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Services, while others are used to enable a faster log-in process, support the security and performance of the Services, or allow us to track aggregate and statistical information about user activity within the Services. 

Pixel Tags. Pixel tags (sometimes called web beacons or clear GIFs) are tiny graphics with a unique identifier, similar in function to cookies. While cookies are stored locally on your device, pixel tags are embedded invisibly within web pages and online content. We may use these, in connection with our Services to, among other things, track the activities of users, and help us manage content and compile usage statistics. We may also use these in our emails to let us know when they have been opened or forwarded, so we can track response rates and gauge the effectiveness of our communications.

Local Storage Objects. Local storage is a web storage mechanism that allows us to store data on a browser that persists even after the browser window is closed. Local storage may be used by our web servers to cache certain information in order to enable faster loading of pages and content when you return to our websites. You can clear data stored in local storage through your browser. Please consult your browser help menu for more information.

Third-Party Analytics and Tools. We use third party tools, such as Google Analytics, which are operated by third party companies. These third-party analytics companies may use cookies, pixels, and other similar tools to collect usage data about our Services in order to provide us with reports and metrics that help us evaluate usage of our Services and improve performance and user experiences. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/partners/. You can also download the Google Analytics Opt-out Browser Add-on to prevent your data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.

Cross-Device Tracking. We and our third-party providers may use the information we collect about you within our Services and on other third-party sites and services to help us and these third parties to identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.).

Third-Party Advertising. We work with third parties, such as ad networks, analytics, marketing partners, and others (“third-party ad companies”) to personalize content and display advertising within our Services, as well as to manage our advertising on third-party sites. We and these third-party ad companies may use cookies, pixel tags, and other tools to collect browsing and activity information within our Services (as well as on third-party sites and services), as well as IP address, unique ID, cookie and advertising IDs, and other online identifiers. We and these third-party ad companies may use this information to provide you with more relevant ads and content within our Services and on third-party sites, and to evaluate the success of such ads and content.

Custom Lists and Matching. We may share or make available certain customer list information (such as your name, email address and other contact information) with third parties (i) so that we can better target ads and content to you across third party sites, platforms and services, and (ii) in some cases, these third parties may help us to enhance our customer lists with additional demographic or other information, so we can better target our advertising and marketing campaigns. 

 

Your Privacy Choices

Privacy Choices. We make available several ways for you to manage your preferences and privacy choices, as described below:

  • Account and Profile Information. You can review and update some of the personal information we maintain about you by logging into your account and updating your profile information directly within our Services.
  • Marketing Communications. We may send periodic promotional emails or other similar communications to you, in accordance with applicable law. You may opt-out of these communications by following the instructions provided to you in the communication. If you opt-out of receiving promotional content from us, we may still send you communications about your account or any services you have requested or received from us. Additionally, you can manage your communication preferences in your account settings.

Cookie and Advertising Preferences. We also make available ways for you to manage your preferences regarding cookies, targeted advertising, and other similar technologies within our Services. Many of these choices are browser and device specific, which means that you need to set the preference for each browser and device you use to access our Services. In addition, if you delete or block cookies, you may need to reapply these preferences to each browser and/or device used to access our Services.  To prevent cookies from tracking your activity, modify browser settings, opt out of receiving advertisements, and obtain other information, see aboutads.info/choices (Digital Advertising Alliance).

 

External Links and Features

Our Services may contain links to third-party websites or features or provide certain third-party connections or integrated services. Any access to and use of such linked websites, features, or third-party services is not governed by this Policy, but instead is governed by the privacy policies of those third parties. We are not responsible for the information practices of such third parties, including their collection, use, and disclosure of your personal information. You should review the privacy policies and terms for any third parties before proceeding to those websites or using those third-party features or services.

 

International Transfers

Xage Security is headquartered in the United States, and we may work with other organizations, entities, business partners, and service providers in various jurisdictions, including the United States and throughout the world. As such, we may collect personal information, and we may transfer such personal information to and process such information from the United States and other jurisdictions where our business partners and service providers have operations. Some of these jurisdictions (including the United States) may not provide equivalent levels of data protection as compared to your home jurisdiction. 

 

Children’s Privacy

Our Services are not designed for children, and we do not knowingly collect personal information from children under the age of 13. If you are a parent or legal guardian and you believe we have collected your child’s information in violation of applicable law, please contact us using the contact information in the Contact Us section below.

 

Security

We have implemented safeguards aimed to protect the personal information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee security. 

 

Changes to this Policy

This Policy is current as of the date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any updates to this Policy on this page. If we make material changes to how we collect, use, or disclose the personal information we have previously collected about you, we will endeavor to provide you prior notice, such as by emailing you or posting prominent notice on our Site or within the Services.

Contact Us

If you have any questions or concerns regarding this Policy or our privacy practices, you may email us at privacy-request@xage.com or contact us at:

445 Sherman Avenue, Suite 200
Palo Alto, CA 94306
Attn: Victor Chang, Privacy Requests

Governing Law and Venue

This policy and any conflict regarding it shall be governed by and construed under the law of the State of California without regard to conflict of laws provisions. The federal and state courts of Santa Clara County, California shall have exclusive jurisdiction and venue to adjudicate any dispute arising out of this policy.