Privacy Policy

At SOFTwarfare®, LLC, our objective is to defend your assets from cyber attacks. The following
Privacy Statement outlines SOFTwarfare®’s methodology for how we collect, use, share, and otherwise process information relating to individuals (i.e. “Personal Data”), and your rights and choices regarding our processing of your Personal Data. A reference to “SOFTwarfare®,” “we,” “us,” “our,” or the “Company” is a reference to Softwarfare LLC.

1. Processing activities covered

This Privacy Statement applies to the following processing activities:

• Visiting our websites which display or link through to this Privacy Statement;
•  Websites included:
• softwarfare.com
• biothenticate.net
• pangaeapi.com
• Visiting our corporate offices;
• Receiving communications from us, including emails, texts or fax;
• Registering for our events;
• Participating in community and open source development.

When applications are provided by us and the application links to this Privacy Statement, this
Privacy Statement applies. When applications are provided by third parties, the privacy statement of the third party applies, and this Privacy Statement does not apply. Our websites may contain links to other websites, applications and services maintained by third parties. The information practices of such other services are governed by the third-party privacy statements, which we encourage you to review to better fully-understand those third parties’ privacy practices.

2. Responsible SOFTwarfare® entity

SOFTwarfare® is the controller of your Personal Data and responsible for the collection,
processing and disclosure of your Personal Data as described in this Privacy Statement, unless
expressly specified otherwise. This Privacy Statement does not apply to the extent we offer our customers the SOFTwarfare® Platform, through which our customers may collect and process Personal Data from individuals.

3. What Personal Data do we collect?

The Personal Data we collect directly from you may include the following:

• If you express an interest in obtaining additional information about our services, request customer support, use our 'Contact Us' or similar features, register to use our websites, sign up for an event or webinar, or download certain content, we generally require you provide us with your contact information, such as your full name, job title, company name, address, phone number, fax, email address, or username and password;
• If you attend an event (ex. trade shows, workshops, training, meetups, conferences), we may, upon your consent, scan your attendee badge, require online registration forms, one-off business card collection or hard copy sign-ups, which will provide us with your name, title and company name, address, country, phone number and email address;
• If you register for an online community that we host, we may ask you to provide a username, photo and/or biographical information, such as your occupation, social media profiles, company name, and areas of expertise;
• If you use and interact with our websites, we automatically collect log files and other information about your device and your usage of our websites through cookies, web beacons or similar technologies, such as IP-addresses or other identifiers, which may qualify as Personal Data (view the 'What device and usage data we process' section below);
• If you visit our offices, you may be required to register as a visitor and to provide your name, email address, phone number, company name and time and date of arrival

We may collect information about you from other sources, including third parties from whom we
have purchased Personal Data, and combine this information with Personal Data provided by
you. This helps us to update, expand and analyze our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you. In particular, we collect Personal Data from the following sources:

• Business contact information, including mailing address, job title, email address, phone number, ‘intent data’ which is web user behavior data, IP addresses, social handles, LinkedIn URL and custom profiles from third party data providers for the purposes of targeted advertising, delivering relevant email content, event promotion and profiling;
• SOFTwarfare® uses platforms such as GitLab to manage code check-ins and pull requests. If you participate in an open source or community development project, we may associate your code repository username with your community account so we could inform you of program changes that are important to your participation or additional security requirements.

4. What device and usage data we process

We use common information-gathering tools, such as log files, cookies, web beacons and similar technologies to automatically collect information, which may contain Personal Data, from your computer or mobile device as you navigate our websites or interact with emails we have sent you.

4.1 Log Files

As is true of most websites, we gather certain information automatically via log files. This
collected information may include your Internet Protocol (IP) address (or proxy server), device
and application identification numbers, your location, your browser type, your Internet service
provider and/or mobile carrier, the pages and files you viewed, your searches, your operating
system and system configuration information, and date/time stamps associated with your usage.
This information is used to analyze overall trends to help us provide and improve our websites
and to guarantee their security and continued proper functioning. We also collect IP addresses
from users when they log into the services as part of SOFTwarfare®’s security features.

4.2 Cookies, web beacons and other tracking technologies

We use cookies and similar technologies such as web beacons, tags and Javascript alone or in
conjunction with cookies to compile information about usage of our websites and interaction
with emails from us.

When you visit our websites, our servers or an authorized third party may place a cookie on your
browser, which can collect information, including Personal Data, about your online activities
over time and across different sites. Cookies allow us to track overall usage, determine areas that
you prefer, make your usage easier by recognizing you and providing you with a customized
experience.

We use both session-based and persistent cookies. Session cookies exist only during one session
and disappear from your computer when you close your browser software or turn off your
computer. Persistent cookies remain on your computer or device after you close your browser or
turn off your computer. You can control the use of cookies at the individual browser level, but if
you choose to disable cookies, it may limit your use of certain features or functions on our
websites or services. To opt-out from tracking by Google Analytics, please use the specific opt-
out mechanism as indicated further below.

We also use web beacons on our websites. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to one of our websites. Such tracking technologies are used to operate and improve our websites and email
communications and track the clicking of links or opening of emails.

The following sets out how we use different categories of cookies and similar technologies, as
well as information on your options for managing the settings for the data collection by these
technologies:

Required Cookies:

Required cookies enable you to navigate our websites and use their features, such as accessing
secure areas of the websites.

If you have chosen to identify yourself to us, we may place on your browser a cookie that allows
us to uniquely identify you when you are logged into the websites and to process your online
transactions and requests.

​

Managing Required Cookies:

Required cookies are essential to operate the websites there is no option to opt out of these
cookies. Please refrain from using our site if you do not consent to these cookies.

Functional Cookies:
Functional cookies allow us to remember information you have entered or choices you make
(such as your username, language, or your region) and provide enhanced, more personal features. Functional cookies may also be used to improve how our websites function and to help us provide you with more relevant messages, including marketing communications. These cookies collect information about how our websites are used, including which pages are viewed most often.

We may use our own technology or third-party technology to track and analyze usage and
volume statistical information to provide enhanced interactions and more relevant
communications, and to track the performance of our advertisements.

In particular, we use Google Analytics ('Google Analytics'), a web analytics service provided by
Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses cookies to help us analyze how our websites are used, including the number of visitors, the websites visitors have come from, and the pages they visit. This information is used by us to improve our websites.

SOFTwarfare® may also utilize HTML5 local storage or Flash cookies for these purposes. Flash
cookies and HTML local storage are different from browser cookies because of the amount of,
type of, and how data is stored.

Managing Functional Cookies:

To manage the use of functional cookies on our websites, consult your individual browser
settings for cookies. Note that opting out may impact the functionality you receive when using
our websites.

4.5 Social Media Features

Our websites may use social media features, such as the Facebook “like” button, the “Tweet”
button and other sharing widgets (“Social Media Features”). You may be given the option by
such Social Media Features to post information about your activities on a website to a profile
page of yours that is provided by a third-party social media network in order to share with others
within your network. Social Media Features are either hosted by the respective social media
network or hosted directly on our website. To the extent the Social Media Features are hosted by
the respective social media networks, the latter may receive information that you have visited our
website from your IP address. If you are logged into your social media account, it is possible that

the respective social media network can link your visit of our websites with your social media
profile.

Our sites may allow you to log in using sign-in services such as Facebook Connect. These
services will authenticate your identity and provide you the option to share certain Personal Data
with us such as your name and email address to pre-populate our sign-up form.
Your interactions with Social Media Features are governed by the privacy policies of the
companies providing the relevant Social Media Features.

5. Purposes for which we process Personal Data and the legal basis on which we rely.

We collect and process your Personal Data for the purposes and on the legal bases identified in
the following:

•  Providing our websites: We will process your Personal Data to the extent this is necessary for the performance of our contract with you for the use of our websites and to fulfill our obligations under the applicable terms of use/service; where we have not entered into a contract with you, we base the processing of your Personal Data on our legitimate interest to operate and administer our websites and to provide you with content you access and request (e.g., download of certain content from our websites);
• Promoting security of our websites: We will process your Personal Data by tracking use of our websites, creating aggregated, non-personal data, verifying accounts and activity, investigating suspicious activity, as well as violations of and enforcement of our terms and policies, to the extent this is necessary for the purpose of our legitimate interests in promoting the safety and security of the systems and applications used for our websites, and protecting our rights and the rights of others;
• Managing user registrations: We will process your Personal Data by managing your user account for the purpose of performing the contract with you according to any applicable terms of service;
• Handling contact and user support requests: If you fill out a “Contact Me” web form, request user support, or if you contact us by other means, we will process your Personal Data for the performance of our contract with you and to the extent it is necessary for the purpose of our legitimate interests to fulfill your request and communicate with you;
• Managing event registrations and attendance: We will process your Personal Data to plan and host the event or webinar, including related communication with you, on the basis of the performance of our contract with you;
• Managing payments: If you have provided financial information, we will process your respective Personal Data to check the financial qualifications and collect payments to the extent this is necessary for completing transactions with you under the entered contract;
• Developing and improving our websites: We will process your Personal Data to analyze trends, track your usage of our websites and interactions with emails to the extent this is necessary for our legitimate interests to develop and improve our websites and to provide our users with more relevant and interesting content;
• Managing office visitors: We will process your Personal Data for security reasons, to register who visited our offices and who signed the non-disclosure agreement that visitors may be required to sign. 
• Displaying personalized advertisements and content: We will process your Personal Data to conduct marketing research, advertise to you, provide personalized information about us on and off our websites, and other personalized content based upon your activities and interests to the extent it is necessary for our legitimate interests to advertise our websites or, where necessary, to the extent you have provided your prior separate consent (please also view 'Your rights relating to your Personal '; below to learn how you can control how your Personal Data is processed by SOFTwarfare® for marketing purposes);
• Sending marketing communications: We will process your Personal Data to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters) about us and our affiliates and partners, including information about our products, promotions or events as necessary for our legitimate interests to conduct direct marketing or to the extent you have provided your prior separate consent. Your rights relating to your Personal Data' section below to learn how you can control how your Personal Data is processed by Salesforce for marketing purposes);
• Complying with legal obligations: We will process your Personal Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights, and is necessary for our legitimate interests to protect against misuse or abuse of our websites, to protect personal property or safety, to pursue remedies available to us and limit our damages, to comply with a judicial proceedings, court orders or legal process, and/or to respond to lawful requests. Where we need to collect and process Personal Data by law, or under a contract we have entered into with you and you fail to provide that required Personal Data when requested, we may not be able to perform the contract.
   

6. Who do we share Personal Data with?

We may share your Personal Data with the following recipients:

•  Our contracted service providers which provide services such as IT and system administration and hosting, credit card processing, research and analytics, marketing, customer support and data enrichment;
• If you use our websites to register for an event or webinar organized by a one of our affiliates, we may share your Personal Data with the affiliate to the extent this is required on the basis of the contract with you to process your registration and ensure your participation in the event; in such case, our affiliate will process the relevant Personal Data as a separate controller and will provide you with further information on the processing of your Personal Data, where required.
• If you attend an event or webinar organized by us, we may share your information with sponsors of the event if: (1) you consent to such sharing via an event registration form; or (2) you allow your attendee badge to be scanned at a sponsor booth. In that event, your information will be subject to the business partners’ respective privacy statements. If you do not wish for your information to be shared, you may choose not to opt-in via event registration or elect not to have your badge scanned at our events;
• With third–party social networks, advertising networks and websites, which usually act as separate controllers, so that SOFTwarfare® can market and advertise on third party platforms and websites;
• In individual cases we may also share Personal Data with professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in countries in which we operate who provide consultancy, banking, legal, insurance and accounting services;
• We may also share your Personal Data with other affiliates within the SOFTwarfare® corporate group to the extent this is necessary to fulfill a request you have submitted via our websites, or for customer support, marketing, technical operations and account management purposes;
• If we are involved in a merger or reorganization, sell a website or business unit, or if all or a portion of our business, assets or stock are acquired by another company, we may transfer some or all of your Personal Data to such third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any such transfer of Personal Data to unaffiliated third-parties as processing of your Personal Data will be required for the purposes set out in 'Purposes for which we process Personal Data and on which legal bases' section above.
• Any Personal Data or other information you choose to submit in communities, forums, blogs, or chat rooms on our websites may be read, collected, and/or used by others who visit these forums, depending on your account settings.
   

7. International transfer of information collected

Your Personal Data may be collected, transferred to and stored by us in the United States and by
our affiliates in other countries where we operate.

Therefore, your Personal Data may be processed outside the EEA, and in countries which are not
subject to an adequacy decision by the European Commission and which may not provide for the
same level of data protection in the EEA. In this event, we will ensure that such recipient offers
an adequate level of protection, for instance by entering into standard contractual clauses for the
transfer of data as approved by the European Commission (Art. 46 GDPR), or we will ask you
for your prior consent to such international data transfers.

8. Children

Our websites are not directed at children. We do not knowingly collect Personal Data from
children under the age of 18. If you are a parent or guardian and believe your child has provided
us with Personal Data without your consent, please contact us as described in the “Contacting
Us” section below and we will take steps to delete such Personal Data from our systems.
9. How long do we keep your Personal Data?

​

We may retain your Personal Data for a period of time consistent with the original purpose of
collection (see 'Purposes for which we process Personal Data and on what legal basis. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of your Personal Data, the potential risk of harm from unauthorized use or disclosure, and whether we can achieve the purposes of the processing through other means, as well as the applicable legal requirements (such as applicable statutes of limitation).

After expiry of the retention periods, your Personal Data will be deleted. If there is any
information that we are unable, for technical reasons, to delete entirely from our systems, we will
put in place appropriate measures to prevent any further use of the data.

10. Your rights relating to your Personal Data

10.1 Your rights

You have certain rights regarding your Personal Data, subject to local data protection laws.
These may include the following rights:

• To access your Personal Data held by us (right to access);
• To rectify inaccurate Personal Data and ensure it is complete (right to rectification);
• To erase/delete your Personal Data to the extent permitted by other legal obligations (right to erasure; right to be forgotten);
• To restrict our processing of your Personal Data (right to restriction of processing);
• To transfer your Personal Data to another controller to the extent possible (right to data portability);
• To object to any processing of your Personal Data carried out on the basis of our legitimate interests (right to object). Where we process your Personal Data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection;
• Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects ('Automated Decision-Making'); Automated Decision- Making currently does not take place on our websites;
• To the extent we base the collection, processing and sharing of your Personal Data on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal.

10.2 How to exercise your rights

To exercise your rights, please contact us in accordance with the “Contacting Us” section below.
We try to respond to legitimate requests within one month and will contact you if we need
additional information from you in order to honor your request. Occasionally it may take us
longer than a month, considering the complexity and number of requests we receive. If you are
an employee of a SOFTwarfare® customer, we recommend you contact your company’s system
administrator for assistance in correcting or updating your information.

​

In addition, if you have registered for an account with us, you may generally update your user
settings, profile, organization’s settings or event registration by logging into the applicable
website with your username and password and editing your settings or profile. To update your
billing information, discontinue your account, and/or request return or deletion of your Personal
Data and other information associated with your account, please contact us.

10.3 Your rights relating to Customer Data

As described above, we may also process Personal Data in the role of a processor (see
'Responsible SOFTwarfare® entity' section above). If your data has been submitted to us by a
SOFTwarfare® customer and you wish to exercise any rights you may have under applicable
data protection laws, please inquire with our customer directly. Because we may only access our
customer’s data upon instruction from the respective customer, if you wish to make your request
directly to us, please provide the name of the SOFTwarfare ® customer who submitted your data
when you contact us. We will refer your request to that customer and will support them as
needed in responding to your request within a reasonable timeframe.

​

10.4 Your preferences for marketing communications

If we process your Personal Data for the purpose of sending you marketing communications, you
may manage your receipt of marketing and non-transactional communications from us by
clicking on the “unsubscribe” link located on the bottom of our marketing emails. Additionally,
you may unsubscribe by contacting us using the information in the “Contacting Us" section
below. Please note that opting-out of marketing communications does not opt you out of
receiving important business communications related to your current relationship with us, such
as information about your subscriptions or event registrations, service announcements or security
information.

11. Security

We take precautions including organizational, technical, and physical measures, to help
safeguard against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of,
or access to, the Personal Data we process or use.

While we follow generally accepted standards to protect Personal Data, no method of storage or
transmission is 100% secure. You are solely responsible for protecting your password, limiting
access to your devices, and signing out of websites after your sessions. If you have any questions
about the security of our websites, please contact us via the “Contacting Us” section below.

12. Changes to this Privacy Statement

We will update this Privacy Statement from time to time to reflect changes in our practices,
technology, legal requirements and other factors. If we do, we will update the “effective date” at
the top of this Privacy Statement. If we make an update, we may provide you with notice prior to
the update taking effect, such as by posting a conspicuous notice on our website or by contacting
you using the email address you provided.

​

We encourage you to periodically review this Privacy Statement to stay informed about our
collection, processing and sharing of your Personal Data.