• Information and Communications Technology
• Software
• Application Software

Purpose of Data Collection

HR data: Contrast processes personal data, e.g., date of birth, passport, national ID#, bank account information, information necessary for basic disclosure or background checks (where permissible by law), in furtherance of the employee/ employer relationship including recruiting, hiring and on-boarding, workforce administration, compensation, benefits (including pension administration with a third party), separations and post-employment administration (if necessary), and other services that support the management of benefits or improve the employee experience. Contrast also processes personal data with respect to regulatory compliance. Contrast Security may process employee data of residents of the European Economic Area (including the UK) for the purpose of administering and carrying out employment or personnel relationships. Contrast Security uses third parties to administer payroll and onboarding processes (these vary by country, i.e. France, Germany, Netherlands. Third parties are also involved in the administration of stock options, processing of expense reports, outsourced IT support, and outsourced equipment purchases, etc. Non-HR data: Potential Customer/ Customer Contrast Security processes the data of our customers in order to provide the services offered by our product and to support the customer in the use of those products. This includes business contact information (name, email, phone number, company address, etc.); Internet Protocol (IP) address; IP range; domain name(s); web application URL(s); vulnerability and attack data (HTTP request data and a series of method invocations); summary information about what libraries and classes are loaded by each application; sitemap information (including URLs, but not parameters); and software architecture information about back-end components and connections depending on the service or product provided. Marketing Contrast Security processes some personal data through marketing activities, e.g., business card information (name, company name, company email, company phone number), badge scanning at events, and through other various activities e.g., webinars and blog posts. Contrast Security processes this data to operate our business so that we can provide goods or services to our customers. Contrast collects this data in full compliance with the General Data Protection Regulation. Vendor Contrast engages with vendors and business partners to perform tasks on our behalf including customer support, Sales CRM, email service provider, to name a few. Contrast Security uses Vendor’s data, which may include names, signatures, addresses, telephone numbers, e-mail addresses (business and personal). Where the Vendor is providing Services to Contrast as a sub-processor of Personal Data derived from the use of Contrast’s Products or Services, such Personal Data may include: personal contact information for third-parties, including name, home or business address, home, business or mobile telephone number, fax number, email address(business or personal), username, and passwords; unique IDs collected from end user devices, such as MAC and IP addresses, signal strengths, network association and disassociation time events, bandwidth consumed, applications used, IPs associated with (location), URLs visited, etc., collected from end user devices in conjunction with their internet access by means of our products and services (or services Contrast or Vendor, or its Sub-processor, may provide).

Questions or Complaints?

If you have a question or complaint, please contact Contrast Security, Inc. at: