Other Covered Entities

CrowdStrike Holdings, Inc.
CrowdStrike Services, Inc.
CrowdStrike, Inc.

Industries

  • Information and Communications Technology
  • Cybersecurity

Participation

EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 10/28/2016
Next Certification Due Date: 10/17/2020
Data Collected: HR, NON-HR

Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 10/24/2017
Next Certification Due Date: 10/17/2020
Data Collected: HR, NON-HR

Purpose of Data Collection

CrowdStrike processes data to provide website content, market and develop its products, as an employer, for network security purposes, maintain IT infrastructure and provide its offerings. CrowdStrike has numerous Offerings, including but not limited to platform and cloud based security and intelligence subscription services, professional services, free community security tools, and more. All of our Offerings are centered on our mission to provide cutting-edge security solutions to our customers. In order to accomplish our mission, CrowdStrike is leading the industry in Big Data Security, taking advantage of high volume, high velocity, and high variety information to reveal relationships, dependencies, and perform predictions of outcomes and behaviors in order to detect, contain, and mitigate network intrusions and identify the attackers. Most of the information CrowdStrike collects through its Offerings is metadata, for example, data about how and when a device or network is being used, login times and attempts, registry keys, types and versions of operating systems, browsers, and information about software applications. Some of the data we collect may be considered personal information depending on the laws of the location where it is collected, such as IP addresses. In some cases, we collect personal information as it may appear within usernames, filenames, file paths, and machine names. However, we only use the data that we collect through our Offerings to help our customers and improve our capabilities in the way described in our more specific product or service documentation and agreements. CrowdStrike also offers customers the ability to directly provide to CrowdStrike, or for customers to have CrowdStrike Offerings configured to collect files (including the content of those files) and other information related to the files for security analysis and response, or when submitting crash reports, to make the product more reliable. At your direction, we may also collect or retrieve files as part of our Offerings. The files and related information may contain personal information. CrowdStrike may process information, including personal information, that we collect from users of our Websites and Web Portals for a number of reasons, including but not limited to the following purposes: ? Operate, secure, support, personalize, and improve our Websites ? Provide you requested information and Offerings ? Provide blogs and discussion groups ? Run promotions, contests, surveys, or other website features ? Send periodic emails ? Recruit new employees when you respond to career postings ? Analyze trends ? Digital marketing, which may include online advertisements appearing on cookie-based advertising networks ? Direct marketing, which may include postal mail or telemarketing from CrowdStrike or a service vendor ? Provide you our Offerings, including product updates, documentation, and related information ? Operate, secure, support, and improve our Web Portals and Offerings ? Develop new features, products, and services ? Send periodic emails ? Analyze trends CrowdStrike may also process human resources data, which may include personal data, on behalf of its employees to fulfill its obligations as an employer, provide services to its employees, and manage the company. CrowdStrike's Privacy Notice is available at: https://www.crowdstrike.com/privacy-notice/

Privacy Policy

HR Data

CrowdStrike EU-US Privacy Shield: European Union Employee Data Privacy Policy
Description:

This Policy describes how CrowdStrike effects the Privacy Shield Principles for Employee Personal Data.

Effective Date: 9/29/2016

Non-HR Data

Document: Privacy Notice
Description:

CrowdStrike's non-HR data privacy notice

Effective Date: 10/18/2017

Verification Method

TRUSTe

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact CrowdStrike Holdings, Inc. at:

Drew Bagley
VP & Counsel, Privacy & Cyber Policy
CrowdStrike Holdings, Inc.
2450 Crystal Dr Suite 1015, Arlington, VA 22227
150 Mathilda Pl Sunnyvale, Suite 300
Sunnyvale, California 94086

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from CrowdStrike Holdings, Inc. to your question or complaint, please contact the independent recourse mechanism listed below


NON-HR RECOURSE MECHANISM



Appropriate statutory body with jurisdiction to investigate any claims against CrowdStrike Holdings, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission