Privacy

Privacy Policy

Last Updated over a week ago

1 - Introduction

Welcome to Interlynk Inc. ("we", "us" and "our"). Interlynk provides software and services to help strengthen your software risk assessment and expression. The “Websites” means Interlynk’s websites (including, without limitation, interlynk.io, app.interlynk.io, sbombenchmark.io) and any successor URLs, mobile or localized versions and related domains and subdomains), and the “Services” means Interlynk’s products, applications and services, in each case in whatever format they may be offered now or in the future. As you use the Services, we collect and process information from and about you in order to provide you with access to the Services, enhance your experience while using the Service, and communicate with you.

2 - Applicability of this Privacy Policy

This policy (the “Privacy Policy”) applies to your use of the Services and other interactions (e.g., customer service inquiries) you may have with Interlynk. If you do not agree with this Privacy Policy, do not access or use our Services.

A separate agreement (the “Customer Agreement”) may be in place between your organization and Interlynk that governs delivery, access and use of the Service by users who are authorized by your organization to use its instance of the Service (such Customer-specific instance of the Service is referred to herein as the “Customer Instance”). The entity who enters into the Customer Agreement with Interlynk controls the Customer Instance used by its authorized users and may set certain rules related to your utilization of the Service, including limitations regarding which third party applications you can connect to via the Service. If you have questions about your organization’s specific Service settings and practices you should contact them directly.

3 - Personal Data We Collect

Account Registration Data That You Provide To Us

When you register for an Interlynk account, you are required to provide certain personal information (the “Personal Data”), such as your name, and email address, and telephone number, as well as other information that you voluntarily choose to add to your account profile, like a profile photo. If you choose to register for an account utilizing your credentials from a third party service (such as Google or Microsoft), then your name and email address will be provided to us as permitted by your profile settings within that third party services. If you are registering for a paid account you will also be required to provide payment information, such as payment card details (collected by our payment service provider), and Single Sign On (SSO) SAML 2.0 credentials. We will inform you, when requesting your Personal Data, if certain data must be provided or if it is optional. We will also inform you of the consequences should you not wish to provide this data. We also collect the information that you may choose to submit to our customer support team, for example regarding a question you have or a problem you are experiencing with our Services. This may include your contact information, a summary of the problem you are experiencing and any other documentation or information that would be helpful in resolving the issue (which, at your option, may include Personal Data).

If you are registering a company, you hereby warrant that you have the authority to bind your company to these Terms of Service. Furthermore, you hereby warrant that you are at least 18 years of age and, if you are not, that you have the permission of your parent or guardian to register and/or use the Services in accordance with these Terms of Service.

Automatically Collected Data

When you interact with Interlynk through the Services, we automatically collect information about you through cookies (small text files placed on your device), mobile device identifier and other technologies. Please read the “Cookies” section below to learn more about how we use cookies and other technologies. When you visit our Websites, our servers record information (“log data”), including information that your browser automatically sends whenever you visit the Website. This log data includes your Internet Protocol (“IP”) address (from which we understand the country you are connecting from at the time you visit the Site), browser type and settings, and the date and time of your request.

Data From Other Services You Link To Your Account

In order to perform tasks that are part of the Services we require you to integrate your third party email service with your Service account. Doing so provides us with access to your email account(s) and the content included therein. You authorize this access by agreeing to this Privacy Policy and providing any consent required by your email provider.

We receive information about you when you or your administrator integrate or link a third-party service with our Services (a “Third Party Service”). For example, if you create an account or log into our Services using your Google or Microsoft credentials, we receive your name and email address as permitted by your Google or Microsoft profile settings in order to authenticate you.

You or your administrator may also integrate other Third Party Services you use with and into our Services. For example, you may authorize our Services to access and display messages from within an instant messaging application, or to access and display files from a third-party document sharing service. The information we receive when you integrate our Services with a Third Party Service depends on the settings, permissions and privacy policy associated with that Third Party service. Please check the privacy settings and privacy policy of these Third Party Services to understand what data may be disclosed to and shared with us.

4. How We Use Your Personal Data.

We collect Personal Data for the following purposes:

To Provide The Services And Manage Your Access To And Use Of The Services

We use information about you to provide the Services to you, including registering you for the Services, processing transactions with you, authenticating you when you log in, providing customer support, and operating and maintaining the Services.

To Communicate With You About The Services And Provide You With Customer Support

We use your contact information to communicate with you about the Services, respond to your customer support questions and requests, and provide you notices regarding the Services (including notices about your account, product update announcements, security alerts, administrative notifications, and the like).

In connection with providing you with customer support, we may also use the information we automatically collect and information that you provide to us and consent for us to view and utilize as part of a support request so that we can respond to your request, analyze information related to your support request, and to repair or improve the Services.

We may also provide tailored communications based on your interactions with the Services. For example, specific actions you take may trigger a third-party app suggestion, or we may communicate with you as you begin using the Services to assist you as you learn to be proficient in using the Services.

These communications are fundamental to the Services, and in most cases, you cannot opt out of them. If an opt-out is available, you will find information about how to opt-out in the communication or your account settings.

For Research And Development to Improve our Service

So that we can continually improve the functionality of our Services, we utilize our collective learnings about the way users interact with and use the Services, as well as feedback provided directly to us, to troubleshoot issues, fix bugs, enhance functionality, and identify areas for integration and improvement of the Services.

To Market And Promote Our Services

We use your contact information and information about how you use the Services to communicate directly with you, including by sending you newsletters, promotions, or information about current and future products and services. You may opt out of receiving such communications at any time by (i) clicking the unsubscribe link included in all the emails you receive or (ii) contacting us as indicated in Section 11 below (“Contact”).

For Safety And Security

We use information about you and how you use the Services to verify and authenticate accounts and activity, monitor for suspicious or fraudulent activity, and identify violations of our Services policies.

To Protect Our Legitimate Business Interests And Legal Rights

Where required by law, or where we think it is necessary to protect our legal rights and interests or the legal rights and interests of others, we use information about you in connection with legal claims, compliance, and regulatory functions. If you ask us to delete your data or to be removed from our marketing lists and we are required to fulfill your request, we will keep primary data to identify you and prevent further unwanted processing. As used above, “legitimate interests” means our interests in conducting our business and managing and delivering the best Services to you. We will not use your Personal Data for activities where the impact on you overrides our interests unless we have your consent or those activities are otherwise required or permitted by law.

With Your Consent

We use Personal Data about you where you have given us consent to do so for a specific purpose not listed above. For example, with your permission, we may publish testimonials or featured customer stories on our Websites to promote the Services, including names and profile photos of representatives of our customers alongside the testimonial. While providing our Services, we may collect on behalf of our customers information related to our customers’ employees, business partners, and other individuals. Our use of such information on behalf of our customers is governed by our Customer Agreement with that customer and the customer’s own privacy policies. We are not responsible for the privacy policies or privacy practices of customers or other third parties.

5 - How We Share Your Personal Data

In order to provide you with the Service and operate our business effectively, we may need to share your Personal Data with certain third parties and service providers. This section explains when and why we share your information.

Sharing With Third Party Service Providers for Business Purposes

We may share your Personal Data with third party service providers for business purposes (as we have done for the preceding 12 months). This Personal Data may include personal identifiers (such as your name and email address), and internet or other electronic network activity information (such as your IP address, type of browser, version of operating system, carrier and/or manufacturer, device identifiers, and mobile advertising identifiers), and location data. We disclose these categories of Personal Data to service providers who assist us in fulfilling the following business purposes:

  • Maintaining and delivering the Service (including hosting, back-up and other IT service providers, billing and payment processing services),
  • Providing you with customer service,
  • Detecting and preventing fraud,
  • Analyzing and improving the Service (including via website analytics and data science service providers)

These third party service providers are provided only with that Personal Data that is necessary to perform the services we have hired them to provide.

For Legal Purposes to Protect Interlynk and the Service

We may disclose your Personal Data if required to do so by law or if we have a good faith belief that such action is necessary to (i) comply with a legal obligation or lawful requests by public authorities, including to meet national security or law enforcement requirements, (ii) protect and defend the rights or property of Interlynk, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.

In Connection With a Sale or Merger

As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.

With Your Consent

We may share Personal Data about you with third parties when you give us consent to do so. For example, with your permission we may publish and display testimonials or featured customer stories on our Websites, including names and profile photo of representatives of our customers alongside the testimonial.

6 – Data Retention

Interlynk generally retains your Personal Data for a period of time consistent with the original purpose of collection. For instance, we may retain your Personal Data during the time you have an account to use our Websites or Services, or as agreed in our subscription agreements, and for a reasonable period of time thereafter. We also may retain your Personal Data as necessary to comply with our legal obligations, to establish proof of a right or a contract, resolve disputes, enforce our agreements, in accordance with the law.

Your credit card information is stored no longer than the time necessary to allow the fulfillment of the transaction, except in the case of a subscription, to facilitate the payment of regular customers. In that case, credit card information is stored for the whole duration of your subscription and at least until the date at which you carry out your last transaction. Such storage is implemented by our secured payment service provider Stripe. By subscribing to our Services, you agree to this storage. Data relating to the visual cryptogram or CVV2 on the back of your credit card is not stored.

7- California Residents

Scope

This section applies only if you are a resident of California and describes the rights granted to you pursuant to the California Consumer Privacy Act of 2018 (“CCPA”). For purposes of this section, “Personal Information” has the meaning given in the CCPA, but does not include information exempted from the scope of the CCPA.

Your California Rights. These rights are not absolute, are subject to exceptions, and we may be required or permitted by law to decline your request.

  • Right to Know: You can request the following information about how we have collected and used your Personal Information during the past 12 months, including:
    - The categories of personal information we have collected about you;
    - The categories of sources from which we collected the personal information;
    - The business and commercial purpose for collecting and/or selling the personal information;
    - The categories of third parties with whom we have shared your personal information;
    - Whether we have disclosed your personal information for a business purpose and, if so, the categories of personal information received by each category of third party recipient.
  • Right of Access: You can request a copy of the personal information that we have collected about you during the past 12 months.
  • Right to Delete: You can ask us to delete the personal information we have collected from you. We may be required or permitted by law to deny your request.
  • Nondiscrimination: You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as denying you services; increasing the price/rate of services; decreasing service quality; or suggesting that we may penalize you as described above for exercising your rights.

How to Exercise Your California Privacy Rights

You may exercise your California privacy rights described above as follows:

  • Right to information, access, and deletion: You can request to exercise your information, access, and deletion rights by contacting us using the information shown in Section 12 below.
  • Right to opt-out of the “sale” of your Personal Information. We do not sell your Personal Information directly or indirectly.

California Required Information Regarding Personal Information We Collect and Share

The chart below summarizes how we collect, use and share Personal Information by reference to the categories specified in the CCPA, and describes our practices during the 12 months preceding the effective date of this Privacy Policy.

Identifiers

  • Personal Information We Collect: Contact information such as your real name, email address, Internet Protocol address, online identifier, or unique personal identifier.
  • Source: You (either directly or through a Third Party Service), collected automatically by the Service, Business Partners, and service providers.

Commercial Information

  • Personal Information We Collect: Records of products or services purchased
  • Source: You (either directly or through a Third Party Service), collected automatically by the Service, business partners, and service providers.

Financial Information

  • Personal Information We Collect: Payment information
  • Source: You (either directly or through a Third Party Service), Business Partners and service providers.

Online Identifiers

  • Personal Information We Collect: Device data, identity data
  • Source: You, (either directly or through a Third Party Service) Collected automatically by the Service, and service providers.

Internet or Network Information

  • Personal Information We Collect: Browsing history, search history, information on your interactions with our website, application, or advertisement.
  • Source: You, (either directly or through a Third Party Service), collected automatically by the Service, and service providers.

Geolocation Data

  • Personal Information We Collect: Physical location data from your mobile device or computer.
  • Source: You, (either directly or through a Third Party Service), collected automatically by the Service, and service providers.

Inferences drawn from other personal information

Professional or Employment Information

We describe the sources from which we collect this information in the section above titled “Personal Data We Collect.” We describe the business and commercial purposes for which we collect this information in the sections above titled “How We Use Your Personal Data” And “How We Share Your Personal Data.”

Geolocation Data

8 – Cookies and Similar Technologies

Cookies are small text files that are placed on your computer or mobile device when you visit a website, mobile app or use an online platform. Cookies and similar technologies are widely used by online service providers to facilitate and help to make the interaction between users and websites, mobile apps and online platforms faster and easier, as well as to provide reporting information. For more information about cookies and their impact on you and your browsing visit www.aboutcookies.org

Cookies set by the website and/or mobile app and/or platform owner (in this case, Interlynk) are called "first party cookies". Cookies set by parties other than the website and/or mobile app and/or platform owner are called "third party cookies". Third party cookies enable third party features or functionality to be provided on or through the website and/or mobile app and/or platform (e.g. like advertising, interactive content and analytics). The parties that set these third party cookies can recognize your computer or device both when it visits the website and/or mobile app and/or platform in question and also when it visits certain other websites and/or mobile apps and/or platforms. By choosing to use our the Websites after having been notified of our use of cookies in the ways described in this Privacy Policy and, in applicable jurisdictions, through notice and unambiguous acknowledgment of your consent, you agree to such use.

Why Do We Use Cookies?

We use first-party and third-party cookies for several reasons. Some cookies are required for technical reasons in order for our Websites and/or App and/or platform to operate, and we refer to these as "essential" or "strictly necessary" cookies. Other cookies also enable us to track and target the interests of our users to enhance the experience on our Websites and/or App and/or platform. Third parties serve cookies through our Websites and/or App and/or platform for analytics and to help us deliver ads, measure the performance of those ads, and make them more relevant to you. This is described in more detail below.

Our Websites Cookies

Essential website cookies:

Analytics and customization cookies:

Managing Cookies

Most internet browsers allow you to erase cookies from your computer hard drive, block all cookies (or just third-party cookies), or warn you before a cookie is stored on your device. Please note, if you choose to block all cookies, our Services will not function as intended and you will not be able to use or access many of the features of the Services we provide. If you have blocked all cookies and wish to make full use of the features and Services we offer, you will need to enable your cookies. You can do this in your browser. Rather than blocking all cookies, you can choose to only block third-party cookies which will still allow our website to function as intended.

9 - Modifications

We reserve the right, at our sole discretion, to modify this Privacy Policy or any portion thereof. Any changes will be effective from the time of publication of the new privacy policy. If we believe that the changes are material, we will let you know by doing one (or more) of the following: (i) posting the changes on or through the Services, (ii) sending you an email or message about the changes. Your continued use of the Services after the changes have been implemented shall indicate your agreement with the terms of such revised privacy policy. Otherwise, and if the new privacy policy does not suit you, you must no longer use the Services.

10 - Contact

Have questions or concerns about Interlynk and privacy? Contact us by email at privacy@Interlynk.io