Other Covered Entities
Industries
- Information and Communications Technology
- Cybersecurity
Participation
UK Extension to the EU-U.S. Data Privacy Framework Framework: Active
Swiss-U.S. Data Privacy Framework Framework: Active
EU-U.S. Data Privacy Framework Framework: Active
Purpose of Data Collection
Each type of data collected and purpose: Prospect and customer data: name and corporate email address from our prospects and customers are used to create user names for the purposes of accessing the BitSight services (i.e. login data including IP location of the login). For our vendor risk management services we may also collect contact information of customers' vendor contacts that a customer enters directly into the service. This information is used as described in our privacy policy (https://www.bitsight.com/privacy-policy). We also collect customer and prospect data (business contact information including business phone number) directly in connection with events we host (either in-person or online via web form) and from our marketing partners and lead generation sources. Employee data: not within scope for this certification.
Privacy Policy
Non-HR Data
BitSight's privacy policy as currently posted.
Verification Method
Self-Assessment
Dispute Resolution
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact BitSight Technologies, Inc. at:
Boston, Massachusetts 02199
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from BitSight Technologies, Inc. to your question or complaint, please contact the independent recourse mechanism listed below
Appropriate statutory body with jurisdiction to investigate any claims against BitSight Technologies, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission