top of page

Privacy Policy

Privacy Policy
Last Updated: January 21, 2020

Privva, Inc. (“Privva”) respects your privacy.  We have prepared this Privacy Policy to describe to you our practices regarding the Personal Data (as defined below) we collect from users of our website located at (the “Site”) and our online services (“Services”). 

1.    Questions; Contacting Privva.  If you have any questions or concerns or complaints about our Privacy Policy or our data collection or processing practices, or if you want to report any suspected security violations to us, please contact us at the following:


Privva, Inc.
8 Market Place
Suite 805
Baltimore, MD 21202
Attn: Privacy Team

2.    User Consent.  By visiting our Site, using our Services, or providing us with your Personal Data through our Site or Services, you agree to the terms of this Privacy Policy and you expressly consent to the collection, use and disclosure of your Personal Data in accordance with this Privacy Policy.


3.    A Note About Children.  We do not intentionally gather Personal Data from visitors who are under the age of 13.  If we discover that a child under 13 has submitted Personal Data to Privva, we will attempt to delete the information as soon as possible.  If you believe that we might have any Personal Data from a child under 13, please contact us at  


4.    A Note to Users Outside of the United States.  Your Personal Data may be processed in the country in which it was collected and in other countries, including the United States, where laws regarding the processing of Personal Data may be less protective than the laws in your country.  By providing your data, you consent to such processing and transfer. 


5.    Types of Data We Collect.  “Personal Data” means data that, by itself, allows someone to identify or contact you as an individual, company, or your employer including, for example, name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data.  “Anonymous Data” means data that does not, by itself, permit the identification of individual persons and that is not associated with or linked to Personal Data.  We collect Personal Data and Anonymous Data, as described below.
(a)    Information You Provide to Us. 
·    We may collect your first name, last name, organization name, e-mail address, phone number, and password when you create an account to log in to our Services (“Account”).
·    If you are creating a security risk assessment questionnaire (“Assessment”), we collect any Personal Data you provide in your questions.
·    If you are a vendor responding to an Assessment, we collect any Personal Data you provide in your survey response.
·    If you subscribe to our e-mail newsletter, we will collect your e-mail address.
·    If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in your e-mail to us, in order to send you a reply.  
·    We may also collect Personal Data at other points in our Site or Services that state that Personal Data is being collected.

(b)    Information Collected via Technology.
·    Information Collected by Our Servers.  To make our Site and Services more useful to you, our servers (which may be hosted by a third-party service provider) may collect information from your computer or device, including but not limited to:
o    The date and time of your visit and the web pages and content you view and links you click on while navigating within our Services;
o    Information about the type of content accessed via our Services;
o    The site you visited before and after visiting our Site;
o    Your Internet Protocol (IP) address (a numerical address assigned to your computer by your Internet service provider so that other computers connected to the Internet can communicate with your browser online) that can sometimes be used to derive your general geographic area;
o    Search terms you enter using our Services or on a referral site;
o    Unique identifiers, including non-global mobile device identification numbers;
o    Information about your device such as your device type, screen size, browser type, language and other settings, memory capacity, plug-ins, Internet domain, TCP configuration parameters, operating system, carrier code, time zone and the names, versions and package IDs of software installed on your device; and
o    Information collected through cookies and other tracking technologies (see additional descriptions of these terms below).
·    Cookies.  Like many online services, we use cookies to collect information.  “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website.  We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site and Services.    
·    Do Not Track. We do not currently respond to “do not track” signals from web browsers.


The following two items apply only to Our software application does not use any third party analytics or tracking.

·    Analytics Services. We use third-party analytics services including Google Analytics (“Analytics Services”), to help analyze how users use our Site at  The information generated by the Cookies or other technologies about your use of our Site (the “Analytics Information”) is transmitted to the Analytics Services. The Analytics Services use Analytics Information to compile reports on user activity. The Analytics Services may also transfer the Analytics Information to third parties where required to do so by law, or where such third parties process Analytics Information on their behalf. Each Analytics Service’s ability to use and share Analytics Information is restricted by such Analytics Service’s terms of use and privacy policy.  By using our Site, you consent to the processing of data about you by Analytics Services in the manner and for the purposes set out above. For a full list of Analytics Services, please contact us at  To learn more about how Google uses data, visit
·    Google AdWords, Wix, and other similar retargeting services.  We use Google Adwords, Wix, and/or other similar retargeting services to send ads on websites across the Internet to users who previously visited our Site.  Third-party vendors, including Google, may use Cookies to serve ads based on a user’s past visits to our Site.


6.    Use of Your Personal Data
(a)    General Use.  In general, Personal Data you submit to us is used either to respond to requests that you make, aid us in serving you better, or improve our Site and Services.  We and our authorized service providers may use your Personal Data in various ways, including to:  
•    facilitate the creation of and secure your Account on our network; 
•    identify you as a user in our system; 
•    provide our Services;
•    provide improved administration of our Site and Services; 
•    measure and analyze audience traffic and improve the quality of your experience when you interact with our Site and Services; 
•    send you a welcome e-mail to verify ownership of the e-mail address provided when your Account was created; 
•    send you administrative e-mail notifications, such as security, or support and maintenance advisories;
•    respond to your inquiries related to employment opportunities or other requests;
•    display and/or send surveys, newsletters, and other promotional materials;
•    help recognize you as a previous visitor and save and remember your preferences and settings and deliver to you appropriate interest-based content;
•    prevent potentially prohibited or illegal activities, comply with applicable law and enforce our Terms of Service; and
•    for any other purposes disclosed to you at the time we collect your information or pursuant to your consent.

(b)    User Testimonials and Feedback.  We often receive testimonials and comments from users who have had positive experiences with our Services.  We occasionally publish such content.  We obtain the user’s consent prior to posting his or her Personal Data along with the testimonial.  
(c)    Creation of Anonymous Data.  We may create Anonymous Data records from Personal Data by excluding information (such as your name) that makes the data personally identifiable to you.  We reserve the right to use Anonymous Data for any purpose and disclose Anonymous Data to third parties in our sole discretion. 


7.    Disclosure of Your Personal Data.  We disclose your Personal Data as described below and as described elsewhere in this Privacy Policy.
(a)    Users.  If you are creating or reviewing an Assessment, your Personal Data will be disclosed to the vendor responding to the Assessment. In addition, any Personal Data provided in your questions will also be disclosed to the vendor.  If you are vendor responding to an Assessment, your Personal Data will be disclosed to the organization which used the Services to send the Assessment to you.  In addition, any Personal Data you provided in your responses will also be disclosed to such organization.  
(b)    Third-Party Service Providers.  We may share your Personal Data with third-party service providers that conduct quality assurance testing, facilitate creation of accounts, provide technical support, and/or provide other services to Privva. 
(c)    Affiliates.  We may share some or all of your Personal Data with our parent company, subsidiaries, joint ventures, or other companies under common control with Privva (“Affiliates”), in which case we will require our Affiliates to honor this Privacy Policy.
(d)    Corporate Restructuring.  We may share some or all of your Personal Data in connection with or during negotiation of any merger, financing, acquisition or dissolution transaction or proceeding involving the sale, transfer, or divestiture of all or a portion of our business or assets.  In the event of an insolvency, bankruptcy, or receivership, Personal Data may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations regarding your Personal Data as described in this Privacy Policy. 
(e)    Other Disclosures.  Regardless of any choices you make regarding your Personal Data (as described below), Privva may disclose Personal Data if it believes in good faith that such disclosure is appropriate (a) in connection with any legal investigation or proceeding; (b) to comply with relevant laws or to respond to subpoenas or warrants served on Privva; (c) to protect or defend the rights or property of Privva, its affiliates or its users; and/or (d) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, our Terms of Use, or any other contractual arrangement.


8.    Third-Party Websites.  Our Site may contain links to third-party websites.  When you click on a link to any other website, you will leave our Site and go to another site, and another entity may collect Personal Data or Anonymous Data from you.  We have no control over, do not review, and cannot be responsible for, these outside websites or their content.  Please be aware that the terms of this Privacy Policy do not apply to these outside websites, or to any collection of your Personal Data after you click on links to such outside websites.  We encourage you to read the privacy policies of every website you visit.  The links to third-party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or services.


9.    Your Choices Regarding Information.  You have several choices regarding the use of information on our Service:
(a)    Email Communications.  We may periodically send you free newsletters and e-mails that directly promote the use of our Site or Services.  When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information above).  Despite your indicated preferences for commercial e-mail messages, we may continue to send you account or service-related communications, including notices of any updates to our Terms of Use or Privacy Policy.
(b)    Cookies.  If you decide at any time that you no longer wish to accept Cookies for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Service or all functionality of the Services. You can opt out of Google’s use of Cookies by visiting  You may also opt out of some third-party Cookies by visiting  If you have any questions about how to disable or modify Cookies, please let us know at the contact information provided above.
(c)    Google Analytics.  You may prevent your data from being collected and used by Google Analytics by opting out through the use of the Google Analytics Opt-out Browser Add-on available at
(d)    Changing or Deleting Your Personal Data.  You may change any of your Personal Data in your Account by editing your Personal Data within your Account or by sending an e-mail to us at  However, we request you do not share passwords via email.  You should make any changes related to your password directly in your Account. You may request deletion of your Personal Data by us, and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements).  When we delete any information, it will be deleted from the active database, but may remain in our archives.  We may also retain your information for fraud prevention or similar purposes.


10.    Changes to This Privacy Policy.  This Privacy Policy may be updated from time to time for any reason.  We will notify you of any changes to our Privacy Policy by posting the new Privacy Policy at and we will change the “Last Updated” date above.  You should consult this Privacy Policy regularly for any changes. 

bottom of page