WP Privacy Statement | Imperva

Home > Trust Center > Privacy Statement 

Privacy Statement

Last Updated: March 10, 2021

Introduction

Are you looking for details about how Imperva processes your personal information?

Well, you’ve come to the right place.

In this Privacy Statement (this “Statement”), we’ll provide you with details about what information Imperva, Inc. and the other Imperva Group Companies (collectively, “Imperva”) collect: (i) when you interact with Imperva via its websites and mobile applications, and (ii) other instances when you interact with Imperva and we provide you with a reference to this Statement.


person at monitor What Information We Collect and Why

 

Users of Our Websites

How we may collect your information

When You Use Our Website in General: When you visit and use our websites, such as browsing our web pages, interacting with features such as media players, web forms, message boards, and chat windows, and registering or logging into an account, we may collect certain information from you, including through the use of cookies and similar technologies.

What information we may collect

Contact Information: name, email address, address, phone number, job title, and employer.

Login Information: username, password

Device and Usage Data: information regarding your device (e.g., IP address, browser type and settings, and operating system), information regarding how you interact with our websites (e.g., which pages on our websites and mobile apps you view and when; which content, buttons and features you interact with; and control inputs such as mouse click and other related browser information), network and traffic data relating to your Internet connection, and other information regarding your devices and interactions with our websites and mobile applications.

Location Data: information obtained from our service providers to identify which region (e.g., state, province, or country) you may be located in based on the IP address of your device.

Other: We can’t always control what information you provide us with. There may be instances when you provide us with information other than what we discuss in this Statement, such as when you post a message in one of our message boards or chat with one of our sales representatives using our online chat feature.

How we may use your information

Operate and Improve Our Websites: We may use your information to operate and improve our websites. For instance, we may use your information to enable you to visit our websites, view information and content on our websites, download information and content from our website, enable you to use other features and functionality of our website (e.g. live chat windows, media players, etc.), and provide you with a customized experience. We may also use your information for analyzing usage trends and measuring the effectiveness of the content, programs, features and functionality on our websites and in our mobile apps.

Lawful Basis: Legitimate Interests, Contracts

Provide and Improve Our Solutions: We may use your information to provide you and your employer with our products and services, including to validate your credentials and provide you with access to your account, assist you in administering your account, and provide you with account and technical support. We may also use your information to communicate with you regarding your account and your use of our Solutions, including communications regarding product updates, account notifications (e.g., expiration and renewal of subscriptions, maintenance windows, etc.), billing matters, and customer surveys.

Lawful Basis: Legitimate Interests, Contracts

Marketing Activities: Please see the section below titled Marketing Candidates.

Information Security: We may use your information to prevent fraud and unauthorized use of our websites, and to otherwise protect the security of our websites.

Lawful Basis: Legitimate Interests

 

Users of Our Mobile Apps

How we may collect your information

When You Use Our Mobile Apps: When you use our mobile apps, we may collect certain information from you.

What information we collect

Login Information: username (e.g., email address), password

Device and Usage Information: information regarding your device (e.g., IP address, browser type and settings, and operating system), information regarding how you interact with our mobile apps (e.g., which pages on our mobile apps you view and which content, buttons and features you interact with), network and traffic data relating to your Internet connection, and other information regarding your devices and interactions with our mobile applications.

Location Data: information obtained from our service providers to identify which region (e.g., state, province, or country) you may be located in based on the IP address of your device.

How we use your information

Provide and Improve Our Solutions: We may use your information to provide our Solutions. Such use may include using your username and password to verify your identity and manage access to your account. We may also use Device and Usage Information to improve our mobile apps, such as improving user experience and detecting and fixing bugs. To illustrate, by collecting information regarding which buttons you click on, which pages in the apps you visit and when you visit them, we can detect bugs (such as a button that is supposed to lead you to a new page, but doesn’t) and fix them. Glimpses into page visits can also help us to improve the apps. For instance, if all our users leave a page almost immediately after they enter it, then we can infer that the page may not be as useful or interesting as we were hoping.

Lawful Basis: Legitimate Interests, Contracts

Information Security: We may use your information for information security purposes, such as preventing fraud and unauthorized use of our mobile apps, and to otherwise protect the security of our mobile apps and the information that can be accessed through them.

Lawful Basis: Legitimate Interests

 

Marketing Targets

How we may collect your information

From You or Your Employer: There may be instances where you or one of your coworkers provides us with your information. For example, you may call our sales line and provide your information to one of our sales representatives. Also, either you or one of your colleagues may email us and provide us with your information.

When You Visit Our Website: There may be instances when you provide us with your information while using our website. This could occur when you register for a free trial, to participate in a webinar, or to receive some of our online resources (e.g., whitepaper, case studies, info sheets, etc.). We may also collect information through the use of cookies and similar technologies while you interact with our websites.

When You Visit Our Social Media Pages: When you interact with our social media pages, such as our LinkedIn or Facebook pages, we may collect your information through social media service providers and other service providers.

Event Participation: Hopefully, we’ll see and hear from you during one of many events that we host or attend, such as a webinar, trade show, or social event. When registering or while attending those events, you may provide us or one of our business partners (e.g., event hosts or organizers) with your information.

From Our Service Providers and Business Partners: Imperva leverages its service providers (e.g., advertising, marketing, and lead generation service providers) and business partners (e.g., resellers, distributors, and referral partners) to identify and connect us with those that may be interested in our Solutions.

What information we collect

Contact Information: name, email address, address, phone number, job title, employer

Device and Usage Information: information regarding your device (e.g., IP address, browser type and settings, and operating system), information regarding how you interact with our websites (e.g., which pages you view and which content, buttons and features you interact with), network and traffic data relating to your Internet connection, and other information regarding your devices and interactions with our websites; and information regarding how you interact with our social media pages and online advertisements posted on non-Imperva websites, such as which posts you “liked” or commented on, which content you viewed, what ads you clicked on, and which pages you were on when you clicked on an Imperva ad.

How we use your information

Marketing Activities: We may use your information to provide you with marketing materials and other content, to contact you regarding events, offers and promotions, and to otherwise contact you regarding our products and services. We may also use your information to measure the effectiveness of our marketing and advertising campaigns, provide you with ads, content, and messages that better align with your interests, and create internal models to better identify and engage with interested industry segments, companies, and customers.

Lawful Basis: Legitimate Interests, Consent

 

Job Candidates

How we may collect your information

Direct Applications: When you apply for employment directly with Imperva, whether you submit an application on Imperva’s website or submit a cover letter and curriculum vitae to us via email;

Referrals: When someone refers you to us, such as mutual acquaintances or referral agencies; and

Service Providers: When we collect your information from our service providers (e.g., recruiters, LinkedIn or GlassDoor).

What information we collect

Contact Information: name, email address, address, phone number

Candidate Information: employment history, academic history, skills, talents, accolades, achievements, and any other information you may choose to provide us with, whether in the form of a CV, job application, or otherwise.

How we use your information

Recruiting Talent: We may use your information to process your application, evaluate you as a candidate for employment, and assuming everything works out for you (we’re wishing everyone luck!), negotiate, prepare and process an offer of employment.

Lawful Basis: Legitimate Interests, Consent, Contracts

 

Office Visitors

How we may collect your information

Office Visits: When you visit one of our offices, you may have to register as a visitor and provide us with certain information from you. Such information may include your name, contact information, job title, your employer name and a photograph for an ID badge. We may also capture audio and video images of you using our surveillance systems.

What information we collect

Contact Information: name, email address, address, phone number

Photos & Recordings: photographs, audio and video recordings

How we use your information

Facilitate Your Visit: We may use your information to facilitate your visit, which may include using your information to notify personnel of your arrival and provide you an identification badge.

Lawful Basis: Legitimate Interests, Contracts

Security: We may use your information to ensure the security of Imperva’s facilities, personnel, and property, including any systems, networks, devices, documents, or information or data that you may have access to while visiting our offices. Such purposes may include the use of your information to create an ID badge so our staff can easily identify you as an authorized visitor. We may also use your registration information to maintain visitor logs and monitor our premises for any unauthorized activity.

Lawful Basis: Legitimate Interests

 

Photo & Recording Participants

How we may collect your information

Photos & Recordings: There may be instances where you choose to share an image of you or video and voice recordings of you or allow us to record your voice and image. This may occur when you upload a profile photo or opt to participate in a recorded virtual meeting. It may also occur if you decide to participate as a guest speaker in an interview, testimonial or webinar.

What information we collect

Photos & Recordings: audio and video recordings, photographs

Other: your information that you may share in a photo or audio or video recording

How we use your information

Marketing Activities: We may use recordings, such as recordings of virtual meetings, to sell our Solutions to you. For instance, we may review a recorded virtual sales call to better understand our customers’ interests and needs, and how we can address those needs.

Lawful Basis: Legitimate Interests, Contracts

Provide and Improve Our Solutions: We may use recordings, such as recordings of virtual meetings, for the purpose of providing and improving our Solutions. For instance, we may use a recorded meeting between a customer and one of our technical support representatives to review the details of what was discussed during the meeting and better understand what challenges that customer is facing, how we can overcome those challenges, and how we can improve our Solutions and customer experience.

Lawful Basis: Legitimate Interests, Contracts

Procurement Activities, Business Partnerships, and Other Purposes: We may use recordings, such as recordings of virtual meetings, to purposes associated with the reason for the meeting. Those purposes may include evaluating and purchasing products and services from existing and prospective service providers, or establishing or furthering relationships with business partners. We will not, however, use the recording for a purpose that is incompatible with the purpose for the meeting.

Lawful Basis: Legitimate Interests, Contracts

 

api security Other Reasons for Using Your Information

Investigatory, Compliance, and Other Legal Matters. We may use your information to:

(1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist or respond to government enforcement or regulatory agencies;

(2) enforce our agreements with you;

(3) investigate and defend ourselves against third-party claims or allegations;

(4) exercise or protect the rights and safety of Imperva, our customers or others; or

(5) comply with our legal obligations, including our obligations to comply with subpoenas, court orders, or any regulatory or other legal process.

Lawful Basis: Legitimate Interests, Consent, Compliance

Other Purposes. We may use your information for purposes for which you give us your consent or we otherwise provide you with details of how we use the information, which may include purposes other than what we described in this Statement.

Anonymous Information. We may also use anonymized information derived from your information and other anonymous information for legitimate business purposes, including purposes other than those specified in this Statement.

 

community With Whom We Share Your Information

Group Members. There are many Imperva Group Members, and we all work together and support each other. As such, Imperva Group Members may share your information with each other, and each Imperva Group Member may process your information for the purposes we described in this Statement. For instance, when you apply for a job with one of our Group Members, that Group Member may share your information with other Group Members so your prospective teammates, mentors, and other colleagues will have an opportunity to help ensure you’re the right fit for the job.

Service Providers. We may share your information with our service providers. For example, we may share your Device and Usage Information with our analytics service providers, so we can get a better understanding of how we can improve user experience on our websites and mobile apps. We may share your Login Information with our service providers to help validate your credentials and manage access to your account. Or we may share your name, contact information, and employment history with recruiters to assist us in finding and evaluating candidates for available employment opportunities.

Business Partners. We may share your information with our business partners, such as our resellers and distributors, in connection with the purposes for which we use such information as described in this Statement. This may include sharing your contact information with our resellers and distributors to help facilitate the sale of our Solutions through those business partners.

In Connection with Security, Investigatory, and Legal Matters. It is possible that we will need to share your information to: (1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce our agreements with you; (3) investigate and defend ourselves against third-party claims or allegations; (4) protect the security or integrity of our website, products, or services; (5) exercise or protect the rights and safety of us, our customers, or others; or (6) comply with our legal obligations.

In Connection with a Change in Ownership. We may share your information with other businesses if an Imperva Group Member is sold or merged into another business or sells just a portion of its business (e.g., a specific product, service, or business unit), including in preparation for any such event. Any business which buys us or any part of our business may have the right to continue to use your information, but only in the manner consistent with this Statement.

 

ebook Lawful Basis for Processing

(Applicable to EEA & UK Individuals Only)

We hate to use legalese, but sometimes we just cannot avoid it. Under the GDPR (both the EU and UK versions) there’s the concept of “lawful basis”. It’s a legal term that is meant to describe how a controller (an organization that not only collects your personal information, but why and how it is processed) is legally permitted to process personal information. Is it in furtherance of the controller’s legitimate interests, did the controller obtain your consent, or is there another aspect of the GDPR that permits the controller to process your personal information?

When we process your information as a controller, we primarily rely on legitimate interests as the lawful basis for processing your personal Information. However, there may be instances where we rely on another lawful basis. For example, there may also be instances where we ask for your consent to process your personal information. How will you know when we rely on consent as a lawful basis? It’s simple, we’ll ask you for it. For instance, you may check a box indicating that you consent to us sending you emails promoting our Solutions. We may also process your information in order to fulfill our obligations under a contract.

Lastly, there may be instances where, in addition to the lawful bases discussed above, we need to process your information in order to comply with our legal obligations.

 

time Data Retention

We retain your personal information for a period that we believe to be reasonably necessary for the purposes for which we process such information, unless otherwise required by law. When determining such retention periods, we take into consideration the:

(i) the nature of the information, the purposes for which we process such information, and how long we believe such information may be relevant for such purposes;

(ii) what retention period is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations); and

(iii) our obligations under the various agreements we enter into and under applicable law.

 

apps api Security of Your Information

In furtherance of our commitment to respecting your privacy rights, we maintain technical and organizational safeguards that are designed to help protect the security of your personal information. Such safeguards include both technical safeguards (e.g., web-application firewalls, access controls, and network monitoring) and organizational safeguards (e.g., conducting employee training and awareness programs, entering into data protection agreements with relevant service providers, and controlling access to our facilities ). For other examples of such measures, click here.

 

dns International Transfers

Imperva is a global organization. Although we maintain our headquarters in the United States, we have a vast, global presence, which includes the use of service providers and business partners from all over the world. That means your personal data may be transferred to the United States and other countries which may not have a similar standard of for data protection as your local data protection laws. Whenever we transfer personal information to other jurisdictions, we will endeavor to mitigate the risks associated with the transfer through the use of technical and organizational safeguards. Such measures may include the use of the European Commission’s Standard Contractual Clauses when transferring personal information from the European Union among Imperva’s Group Members or to our service providers. To see other examples of such measures, click here.

TRUSTe

 

protect respond Your Privacy Rights

You may have certain legal rights regarding your personal information. To learn more about those rights, including how you can exercise them, click here.

 

apps api Communication Preferences

As we mentioned above, Imperva may send you commercial communications based on the communication preferences in your account settings. You may manage your receipt of our marketing emails by clicking on the “unsubscribe” link located on the bottom of the emails. Imperva may also send you communications related to our Solutions, job applications and opportunities, and other matters. If there is a particular type of communication that you’re not too keen on receiving, you may send an unsubscribe request to privacy@imperva.com.

 

user Dk Children

Our websites and mobile apps are not directed toward children. Children under the age of eighteen years old are not eligible to use our websites or mobile apps, and we therefore ask that children do not submit any personal information to us or use our websites or mobile apps. If you are a parent or guardian of a child and believe that your child provided us with their personal information, please contact us at privacy@imperva.com.

 

brief Changes to this Statement

We may update this Statement from time to time to reflect changes in our practices. If we do, we will post the updated Statement as well as the effective date of such updates. Because this Statement can change at any time, we encourage you to periodically review them to stay informed about our collection, processing, and sharing of your information.

 

ddos protection Translations

We may provide you with non-English versions of this Statement and other privacy notices. If we do, it’s merely for convenience. If there is a difference in meaning or interpretation between the English version and any non-English version of this Statement or any other privacy notices, the English version is the authoritative version.

 

announcement faqs Questions?

We want to hear from you, and we want you to feel confident in us. So if you have any questions regarding this Statement or our privacy practices in general, please contact our Privacy Office at:

Mail: Imperva, Inc.
Attn: Privacy Office
One Curiosity Way, Suite 203
San Mateo, CA 94403

Email: privacy@imperva.com