WanAware Privacy Policy

This Privacy Policy (“Privacy Policy”) describes the manner in which WanAware, Inc., a Delaware corporation and its Affiliates (collectively “WanAware”) collect, use, maintain, and disclose information from users of our websites and platforms (collectively, “Software”), event participants, prospective customers, or other situations in which WanAware is a data controller, and from the use of our products and the performance of our services (our “Services”). Terms not defined here in have the meaning given to them in the Terms of Service (the “Agreement”, which can be found here https://wanaware.com/legal/terms, to which this Privacy Policy is incorporated by reference.

Please read and review this Privacy Policy carefully to understand how we handle your “Personal Data”, which is generally described as information that identifies, relates to, or could reasonably be linked with you. By engaging with us in the ways set out in this Privacy Policy or accessing or using the Services, you confirm that you have read and understood the entirety of this Privacy Policy, as it applies to you.

If you have any questions or concerns about our use of your Personal Data, then please contact us using the contact details provided at the bottom of this Privacy Policy. [At any time, you can manage your privacy preferences by visiting your dashboard.]

1. What Personal Data may WanAware collect?

To fulfill the purposes described in this Privacy Policy, WanAware may collect Personal Data such as business contact information, technical unique identifiers, authentication credentials, or other Personal Data you choose to provide to WanAware. For example, as described in specific sections of this Privacy Policy, Personal Data collected may include, among other things, the Internet Protocol (IP) address, browser information, device ID, the type of computer, and technical information about a user’s means of connection to our Software, such as the operating system and the Internet service providers utilized and other similar information. When users are required to login to gain access to a particular Software feature, we collect usernames, passwords, and other login credentials to authenticate access to the feature or Services.

WanAware’s Software and Services are not directed at individuals, children, and furthermore, WanAware does not knowingly collect, process or sell Personal Data from individuals under the age of 16.

2. How is your Personal Data collected by WanAware?

The WanAware Software provides internet-based access solutions for users to use the Services. When an Authorized User, Customer, partner, or reseller, uses our Software or Services, WanAware may gather and/or process information, some of which may be considered Personal Data in your jurisdiction and is used consistent with the below purposes.

a. Information Provided By You

i. Contact Information – If you create an account, sign up for or accept any Beta Services, or visit one of our offices, we will receive Personal Data about you. which may include:

A. Contact information such as name, email address, mailing address, phone number.

B. Billing information such as credit card number, and billing address.

C. Unique identifiers such as username, account number, password; note we may collect such information about you regarding your accounts with third-party services if you link those services to your account.

D. Preferences information you provide such as product or content interests, or communication or marketing preferences.

E. Demographic information such as household income, age, education, gender, interests, and zip code.

F. Usage activity about how you interact with us such as purchase history, what content you viewed on our Software, and which areas of our website you visited.

G. Information collected automatically about your device and your usage of the Services, such as IP address, browser type, referring/exit pages, and operating system.

b. Information That We Obtain From Third-Party Sources

i. From time to time, we may receive Personal Data about you, including your name, email address, or other information such as a profile picture, from third-party sources where those parties have indicated that they have your consent or are otherwise legally permitted or required to disclose your Personal Data to us. For example, we may be provided with information about individuals interested in using our Offerings, joining our company, or when using third-party authentication options to sign-up for or log-in to our offerings.

ii. Be aware that by using third-party sources that link you to WanAware’s website or Software, or clicking on links in our website that direct you to third-party links, your Personal Data may be subject to practices that differ from those of WanAware.

3. How We Use Your Personal Information

We may use the information, including Personal Data, that you provide to us or that is provided to us by third-party sources for a variety of purposes, including but not limited to the following purposes:

a. Business and Operational Purposes - We may use the Personal Data in order to run our business, including in the course of running and maintaining our Software, which includes our websites and infrastructure; improving customer and user experience; providing support; improving current and developing new features, products, and services; processing payments and agreements; managing contests and promotions; analyzing trends; to achieve other legitimate interests as well as where you have provided consent; and other business and operational-related purposes.

b. Marketing and Commercial Purposes - We may use your Personal Data to send marketing and other communications to you; to conduct joint marketing efforts with our partners; to conduct digital and direct marketing; to connect you with our partners and resellers; and other marketing and commercial related-purposes.

c. Security Purposes - We may use the Personal Data to help ensure the security and integrity of our Websites and Web Portals, our physical office locations, and of our Offerings, and that of our Customers and our Customers’ and other third-parties’ data; to help prevent fraud; to maintain endpoint and network security; and other security-related purposes.

d. Legal and Compliance Purposes - We may use your Personal Data to comply with our legal obligations; protect our intellectual property; enforce our legal rights; and other legal and compliance-related purposes.

4. Who does WanAware share my Personal Data with?

We may share your Personal Data, including business contact information or aggregated demographic information regarding visitors and users of our Websites with our Affiliates, partners, sponsors, and advertisers. We may also share your Personal Data with the following parties:

  • Service providers that assist us in email marketing, or advertising through social media platforms, such as [MailChimp or Facebook].
  • Cloud service providers, or web services hosting companies, which allows us to host or run our Software solutions through different technological methods, and which may access your Personal Data stored within our Software when providing support and maintenance services.
  • Other third-party vendors we may engage with in order to run other aspects of our operations that make the Offerings and Services available to you possible, such as payment processors, utility providers, suppliers of technical and support services, insurers, logistic providers, cloud service providers, analytics and search engine providers that assist us in the improvement and optimization of our website, and other service providers, without which communications with you or other Authorized Users, database maintenance and payment processing would not be possible.
  • As required by Applicable Law, in order to comply with a subpoena, government regulation, or similar legal process, when we believe in good faith that such disclosure is required in order to be in compliance, protect our rights, or protect your or a third-party’s safety, investigate fraud, malfeasance, criminal actions, violation of the AUP, or to respond to a government or law enforcement valid request.
  • As may be required in a due diligence process where WanAware is involved in a corporate transaction such as a merger, acquisition, dissolution, liquidation, reorganization or similar event, in which we sell all or substantially all of our assets, your Personal Data held by us may be transferred as one of those assets, provided that you will be notified in advance of such event, together with your legal options regarding your Personal Data held by us at that moment.
  • As we see fit, with your consent in advance, to share with third-parties who have relevant offers, promotions, ads, products or services related to you as a consumer of our Services. We will not share your Personal Data with such third-parties without your opt-in authorization to do so, and without having written agreements with such third-parties that offer appropriate data protection terms to safeguard your Personal Data, although we will not control your Personal Data at that point nor be liable for any loss or damages you may suffer as a result.

5. Cookies and Similar Technologies

WanAware and our service providers, including your browser provider, may use cookies, local storage (HTML5), scripts and similar technologies to all our Software, including our websites and platforms, to function properly, to help us continuously improve our websites and platforms, and to customize a user's experience on our websites and platforms.

6. Metadata and Customer Environment Data

Most of the information we collect through our Software is metadata. Metadata may include how and when a device or network is being used, login times and attempts, registry keys, types and versions of operating systems, browsers, and information about software applications. In some cases, we collect Personal Data as it may appear within the metadata, such as that associated with usernames, filenames, file paths, and machine names. This Personal Data is used to help our customers and improve our capabilities in the way described in our more specific product or service documentation and agreements. WanAware’s Software also includes features providing customers the ability to submit files (including the content of those files) and other information related to the files for purposes including security analysis and response, product improvement, enhanced capabilities, or customer support. At the direction of customers, we may also collect or retrieve files as part of our Services.

An important type of data we detect, collect, analyze, and use through our Services (or provide our customers the ability to provide to us) is Threat Actor Data, as defined in the MSA. We often discover this type of information from analyzing samples customers provide to us or from the data we collect from customers through our Services. We use the Threat Actor Data to help all of our customers and the public.

To the extent WanAware collects Personal Data through its Services, WanAware generally collects that information under the authority and direction of its customers, which often are corporate entities. WanAware typically has no direct relationship or contact with an individual whose Personal Data we may collect or receive from a corporate customer and subsequently analyze and use. Consequently, any inquiries about the specific processing of your Personal Data via WanAware Services should be directed to your organization. Regardless, the use of the information collected through our Services is limited to the purpose of providing the service for which our customers have engaged WanAware or as otherwise outlined in our agreements. We do not use any Personal Data collected through our Services to contact or market products or services to these individuals. We also do not provide any Personal Data obtained through the Services to third parties for the purpose of contacting or marketing products or services to these individuals. We don’t request, collect, or share Personal Data of individuals contained in a Customer’s Environment, and we generally do not have permission to access, or access to, such Personal Data.

If you are an Authorized User of one of our Services, we obtain the Personal Data you provide us during the sales and/or fulfillment process or when you enter and use our Software. We may use the Personal Data you provide to contact you and to provide and inform you of Offerings, send you an invoice, ask you to fill out a survey so we can determine how our offerings are used and enhance your customer and user experience, perform accounting, auditing and collection activities, answer questions, and provide support or other similar services.

7. How We Protect Your Information

The security of Customer data and your Personal Data is at the core of what we do. We adopt data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure and destruction of customer data and your Personal Data. We follow generally accepted practices to protect customer data and the Personal Data collected and submitted to us, both during transmission and once we receive it. If you have questions about the security of your Personal Data collected through our Services or Software, you can contact us at legal@wanaware.com.

8. International Data Transfers

Although we are located in the United States, we may offer our Services in different locations around the world, in our mission to help our Customers around the globe. Where applicable, WanAware implements different mechanisms to transfer Personal Data in compliance with Data Protection Laws. 

If you are located in the European Economic Area, the United Kingdom, or Switzerland (the “GDPR Area”), and we provide any Personal Data about you to any non-GDPR Area service providers or suppliers, where we are required to do so, we will take appropriate measures to ensure that the recipient protects your Personal Data adequately in accordance with this Privacy Policy and Data Protection Laws. These measures include:

  • Ensuring that there is an adequacy decision in respect of the country to which the personal information is being transferred, which means that the applicable authority of the GDPR Area has concluded that the laws and practices of the destination country provide adequate protection for Personal Data.
  • The use of standard model contractual arrangements with the recipient of Personal Data which have been approved by the European Commission and consolidated into the GDPR as the Standard Contractual Clauses (“SCC’s”).
  • The EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as described further in our DPA.

Further details on the steps we take to protect your personal information are available from us on request by contacting us by email at legal@wanaware.com at any time.

9. Retention of Personal Data

We will retain your Personal Data for as long as needed to fulfill the legitimate business purposes for which we collected it and for a reasonable period thereafter in order to comply with audit, contractual, or legal requirements, or where we have a legitimate interest in doing so. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may retain aggregated or de-identified data indefinitely or to the extent allowed by Applicable Law. We may retain Personal Data preserved in automatically generated computer back-up or archival copies generated in the ordinary course of our information technology systems procedures.

10. European Economic Area, United Kingdom, and Switzerland Residents

a. Our Legal Basis for processing your Personal Data (EEA, UK, and Swiss Visitors Only)

If you are a visitor from the GDPR Area, WanAware’s legal basis for collecting and using the Personal Data collected will depend on the Personal Data concerned and the specific context in which we collect it.

In most circumstances, we collect Personal Data (i) where it is needed for the performance of a contract, (ii) where the processing of the Personal Data is in our legitimate interests and not overridden by your rights, or (iii) where you provide your consent. Other times, your Personal Data may be collected in order for us (iv) to comply with a legal obligation, (v) to perform a task for the public interest, or (vi) for the protection of your or another’s vital interests.

If we collect and use your Personal Data in reliance on our legitimate interests or those of any third-party, we will make clear to you at the relevant time through this notice or otherwise what those legitimate interests are. Oftentimes, legitimate interests involve our normal day-to-day operations, such as the ability to operate our platform and communicate with you as necessary to provide our services, responding to your inquiries, or marketing. We may transfer Personal Data to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our customers.

If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Data, please contact us using the contact details provided at the bottom of this Privacy Policy.

If you are a resident of the GDPR Area, and where WanAware is a data controller, your data protection rights are as follows:

  • You can request access, correction, or deletion of your Personal Data. You can do so at any time by submitting a request via legal@wanaware.com.
  • You can object to processing of your Personal Data, ask us to restrict processing of your personal data or request portability of your Personal Data. You can do so at any time by submitting a request via legal@wanaware.com.
  • You have the right to opt-out of marketing communications we send to you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you or by visiting your privacy preferences in your dashboard.
  • To opt-out of other forms of marketing, such as telemarketing, then please contact WanAware using the contact details provided below or by email at legal@wanaware.com.
  • If WanAware has collected and, currently processes, your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about WanAware’s collection and use of your Personal Data.

WanAware responds to verifiable requests received from individuals who wish to exercise their data protection rights in accordance with applicable data protection laws. When contacting us, please provide us with detailed information about the Personal Data you are requesting we correct, update, amend, or remove, and the timeframe and manner in which you believe we came to collect your Personal Data. If we obtained your Personal Data from a customer or third party acting on your behalf, you should contact the company or person you provided your information to. If you would no longer like to be contacted by one of our Customers or would like to have your Personal Data corrected, updated, amended, or removed, please contact the Customer/data controller that you interact with directly.

11. California Residents

The California Consumer Protection Act ("CCPA") as amended and applied by the California Privacy Rights Act (“CPRA”) provides consumers (California residents) with specific rights regarding the processing of their Personal Data. If you are a California resident, you may be subject to the following provisions.

a. Categories of Personal Information Collected

In the preceding 12 months, WanAware may have collected the following categories of Personal Data about California consumers. We may collect this Personal Data directly from you, from third parties, and from your interactions with our Software. For additional details regarding the Personal Data WanAware collects and where it is collected, please review Sections 1 and 2 above. As defined by CCPA, the Personal Data categories are:

  • Business contact information, including identifiers such a name, email address, address, and phone number.
  • Commercial information, such as records of products or services purchased and other transactional data.
  • Internet or other network or device activity details, such as technical data about your use of our Websites or Web Portals.
  • Geolocation data, such as your approximate location based on IP address.
  • Audio, electronic, or visual data, such as part of a photo or recording for a WanAware in-person or virtual event.

In regard to Personal Data provided by you, from third parties, or from your interactions with our Software, we may retain Personal Data for as long as is needed for the purpose(s) for which it was collected and no longer than is relevant and reasonably necessary. Our retention periods vary based on business, legal and regulatory needs.

b. Purposes for Collection

WanAware may collect the categories of Personal Data described above for business and operational purposes, marketing and commercial purposes, security purposes, and legal and compliance purposes, as further described above in Section 2. In the preceding 12 months, and where applicable, we have disclosed each of these categories to our service providers, Affiliates, partners, resellers, and event sponsors, in line with the applicable purpose(s) as described above in Section 2.

c. Categories of Personal Information Sold/Shared for Cross-Context Behavioral Advertising

In the preceding 12 months, we have disclosed the above categories of Personal Data to third-party advertising partners, such as in connection with our use of tracking technologies for cross-context behavioral advertising or by providing lists of email addresses for potential customers, so that we can reach you across the web with advertisements for our products and services. This may be considered “sharing” or a “sale” under the CCPA.

d. Sensitive Personal Information

In the preceding 12 months, WanAware has not collected, shared, or sold any sensitive Personal Data as described in the CCPA.

e. Your Rights under the CCPA

  • You have the right to know what Personal Data we collect, use, disclose, share and sell about you.
  • You have the right to request we correct Personal Data we collect and maintain about you if such Personal Data is inaccurate.
  • You have the right to request we delete Personal Data we collect and maintain about you.
  • You have the right to opt-out of the sale or sharing of your personal data. WanAware shares personal data as described above, which may be considered a “sale” of personal data under the CPRA.
  • You have the right to limit the use or disclosure of your sensitive personal data. WanAware does not collect, share, or sell sensitive personal data.
  • You have the right not to receive discriminatory treatment from WanAware for exercising your privacy rights under the CCPA.
  • You have the right to designate an authorized agent to make a request on your behalf when exercising your privacy rights under the CCPA.

12. How to Contact WanAware about Your Rights

WanAware responds to verifiable requests received from individuals who wish to exercise their data protection rights in accordance with applicable Data Protection Laws. If you would like to exercise your privacy rights under CCPA or are an authorized agent making a request on behalf of a California consumer, please submit a request via legal@wanaware.com. After submitting your request, please monitor your email for any follow-up communications from us. The information you provide will be used only to help verify and process your request. If you are an authorized agent, we reserve the right to request you demonstrate evidence of your authorization, either by providing us with a signed permission form or a copy of your power-of-attorney granting you such authority.

To opt-out of the sale/share of your Personal Data, please submit a request opt-out@wanaware.com, or by setting your privacy preferences by visiting your dashboard and following the directions provided on that page. 

If you are an authorized agent making a request on behalf of a California consumer, please email your request to legal@wanaware.com and provide us the first name, last name, and email address of the California consumer you are making the request for. If you do not provide the requested information, we may not be able to identify the California consumer and process the request. The information you provide will be used only to help verify and process the request. We reserve the right to request you demonstrate evidence of your authorization, either by providing us with a signed permission form or a copy of your power-of-attorney document granting you such authority.

If we obtained your Personal Data from a customer or third party acting on your behalf, you should contact the company or person you provided your information to. If you would no longer like to be contacted by one of our customers or would like to have your Personal Data corrected, updated, amended, or removed, please contact the customer/business that you interact with directly.

13. Changes to this Privacy Policy

WanAware may update this Privacy Policy and its last modified date at any time to reflect changes to our information practices. If we make significant changes in how we use your Personal Data, we will notify you by email if feasible or by means of a notice on this website or through the notice features of the Software. We encourage you to periodically review this page for the latest information on our privacy practices.

14. Contacting Us

If you have any questions, inquiries, or complaints about this Privacy Policy or our privacy practices, please contact us at:

WanAware

Attn: Legal

1434 Spruce St

Suite 100

Boulder, CO 80302

Intelligent Observability. Simplified

Copyright© 2025. All Right Reserved.

Terms of Service

Privacy Policy