Home > Trust Center > Privacy at Imperva 

Privacy at Imperva

Our Commitment to Our Customers

When you purchase our products and services, you’re trusting us with your data. And it’s important for us to ensure that trust is not misplaced. That’s why we’ve embarked on a mission to implement a privacy framework based on the following principles:

PCTC Privacy Overview

newsletter   Transparency
Imperva believes in being transparent about what personal data we collect, for what purposes we use personal data, and to whom we disclose it. See our Privacy Statement for more information.

app data sec   Data Security
At Imperva, we continuously invest in securing our customers’ data. From GRC, to security architects, to independent auditors, we believe this is one investment that is unquestionably worth making. For more information regarding our information security program, click here.

api security   Privacy by Design
Our product teams work closely with our Privacy Office to embed privacy principles in our products and services and ensure privacy compliance with the various phases of product development – starting at concept and ending at deprecation.

demand gen   Data Minimization
Our goal is to minimize the personal data we collect. We leverage data masking to minimize the personal data we process. Our Cloud WAF solution also permits customers to implement their own masking and hashing rules to further minimize which data Imperva processes.

database   Data Retention
There’s the ubiquitous tagline – only store customer data for as long as is needed and relevant. Well, we do that. We only store our customer event logs for as long as is needed and relevant for the purposes that we described above.

community   Accountability
We are committed to earning and maintaining our customers’ trust. And if we do make a mistake, we’ll admit it and work with our customers to correct it.

 

Data Processing Terms

We make it easy for our customers to sign our Data Processing Addendum (DPA). Our DPA addresses topics that are often the subject of data protection laws, such as use limitations, security, the use of subprocessors, and cross-border transfers. The DPA is pre-signed by Imperva. And to sign the DPA, all you have to do is click here. And should you have any questions about the DPA or e-signature process, please feel free to contact privacy@imperva.com.

 

Training and Awareness

Protecting one’s privacy cannot be achieved through security and product design alone. You have to understand privacy to truly protect it. That’s why all Impervians go through an annual mandatory privacy and security training. The completion of training is actively tracked and reviewed to not only help ensure compliance, but also to make the training relevant to our business activities. We also circulate periodic privacy and security updates to our teams to supplement our annual training, further developing Impervians’ understanding of data privacy.

 

Contact Us

The key to fostering and maintaining trust is not just being transparent, but making ourselves available to our customers and listening to their concerns. That’s why we’re committed to doing just that. If you ever have any questions or concerns, please contact us at privacy@imperva.com.