Privacy Policy

Blackpoint Holdings, LLC (“Blackpoint Cyber,” “Blackpoint,” “Our,” “We,” or “Us”) is committed to protecting the privacy and security of your personal information collected by us through: 

1. A Blackpoint website that links to this privacy policy, including blackpointcyber.com, or any subdomains (“Websites”),
2. The Blackpoint Partner Portal, SNAP-Defense, or other Blackpoint Products and Services (collectively referred to as the “Services”), and/or
3. As part of our sales and marketing activities, whether by email, phone, or other means 

This Privacy Policy does not apply to information collected by: 

• Us offline or through any other means, including on any other website operated by Blackpoint or any third party (including our affiliates and subsidiaries); or  
• Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Websites or Services

Visiting our Websites, or otherwise providing, your personal information to us is voluntary. If you do not agree with this privacy policy, do not access, or use our Websites or Services or otherwise provide us with your personal information. This policy may change from time to time. Your continued use of the Website or Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

This policy is intended to help you understand:

• What information we collect from you
• What information we collect automatically
• What information we collect from other sources
• How we use information we collect
• How we share information we collect
• How we store and secure information we collect
• How to access and control your information
• Other important privacy information
  • Cookies and Tracking
  • Children
  • External Links
  • Promotional & Marketing Communication
  • EU (European Union) Citizen and the GDPR
  • Changes to this Privacy Policy
  • How to Contact Us

We collect information directly from you when you input it into our Services or otherwise provide it directly to us.

• Account and Profile Information: We collect information from you to create an account with our Services. Such information includes your name, email address, and password.
• Content you provide through our Service:  The Services includes the Blackpoint products you use. Examples include additional contact phone numbers and email addresses to receive security threat alerts pertaining to the Services. We collect feedback you provide directly to us through the Services, and we collect clickstream data about how you interact with and use features in the Services.
• Otherwise Communicate with us: We may request, or you may otherwise voluntarily provide us with personal information such as your name, job title, business email, and phone number when you communicate with us by phone, email, completing a web form, interacting with us on social media or at events, requesting a demo, or participating in contests, promotions, sweepstakes, or activities. If you use the chatbot feature on our Website, we collect data that you choose to provide in your communications with the chatbot.
• Payment Information: We collect payment and billing information when you register for Services. For example, we ask you to designate a billing contact with a name, contact information, and address. Payment card information is collected securely by our payment processing vendor. Please see “How we share information we collect” for more information on personal information processed by our payment processor.

We automatically collect information about you when you use our Websites and Services, including browsing our websites and taking certain actions within the Services.

• Your use of the Websites or Services:  We keep track of certain information about you when you visit and interact with any of our Websites or Services. This information includes the features you use and the links you click on.
• Device and Connection Information:  We collect information about your computer, phone, tablet, or other devices you use to access the Websites or Services. This device information includes your connection type, your operating system, browser type, IP address, URLs of referring/exit pages, and other device identifiers. How much of this information we collect depends on the type and settings of the device you use to access the Websites or Services.
• Network and Device Information/Identifiers:  Some features of the Services require that you install our software on your electronic devices (e.g., SNAP-Defense agent) or create an API connection to your information system (e.g., Sophos, Cisco Meraki, Bitdefender, etc.). This software collects data from your IT environment to provide the Services you requested.
  • Device Information:  Including information on your operating system, MAC address, device or machine ID, and other device identifiers.
  • Applications, Programs, and Files: Including information on the existence, characteristics, and behavior of your files and applications. Depending on the Services you subscribe to, a determination on the security status of your files may be collected from other security applications (e.g., 3rd party Anti-Virus), such as whether activity could be categorized as bad, good, suspicious, or unknown. Additionally, if Blackpoint suspects that a file or application is potentially malicious, we may collect copies of it for purposes of malware research and analysis.
  • Network and Internet: Including IP addresses, URL requests, ports and protocols, applications, and files that attempt to access a network.
• Cookies and Similar Tracking Technologies: We use cookies, and similar technologies such as pixel tags, web beacons (referred to together as “cookies”) to provide functionality and recognize you across different Services and devices. For more information, please see Cookies and Tracking below.

We may receive Personal Information about you from other Service users, non-affiliated services, social media platforms, public databases, and business or channel partners. We may combine this information with information we collected by other means described above to improve our records, create more personalized advertising, and suggest services that may be of interest to you.

• Other Service Users: Other users of the Service may provide information about you while using the Service. For example, we receive your email address from another Service user when they invite you to use the Service. Additionally, a Service user may provide us your contact information when they designate you as the billing or security incident contact.
• Linking External Services. We collect information about you when you or your administrator of Blackpoint Services establishes an API connection to a non-Blackpoint service. For example, you may connect Microsoft 365 to our Service to monitor and protect your environment(s). In this example, we may receive your name, email address, username, IP Address, and other metadata authorized by you relating to your Microsoft 365 activity to identify malicious or suspicious behavior. The information we receive when you link or integrate our Services with another service depends on the settings, permissions, and privacy policy controlled by that connected service.
• Other Parties: We receive information from other parties, such as our business partners, social media platforms, joint marketing and advertising partners, event sponsors, referrals, and other data providers. This may include your name, contact details, and information about your company.

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you. 

• Provide the Services:  As a leading cybersecurity provider, we use information to stay ahead of threat actors. We use this information to:
  • create your account,
  • process billing and payment,
  • provide customer support,
  • distribute updates to Blackpoint Services,
  • analyze and conduct research on how you use the Services to improve them,
  • process your purchase of the Services,
  • develop new products and services,
  • protect you and others from security threats such as viruses, threat actors, and ransomware, and
  • predict and protect against future IT security threats and vulnerabilities.
• Personalize the Services to:
  • improve and manage our relationship with you,
  • improve our Service so that content is presented in an appropriate manner for you and your device(s),
  • measure the effectiveness of our advertising to you, and
  • make suggestions and recommendations to you about our other Services.
• For Research and Development: We are always looking for ways to make our Services faster, integrated, secure, and useful. We use the information collected, including feedback, to:
  • troubleshoot,
  • identify trends, user utilization, and activity patterns to improve the Service, and
  • develop new products, features, and technologies that better our users and the security of the public.

We also may use the information collected to create aggregated, anonymized, pseudonymized, or de-identified data sets for use of any purpose, including product improvement and development, trend analysis, research, marketing, and other purposes.

• Communicate With You in Order to:
  • respond to your requests for information,
  • provide any co-managed Service such as threat alerts or incidents on your network,
  • provide you with transactional updates and information about the Services, such as account or transaction information you conduct on the Service and subscription expiration,
  • provide you with marketing materials to enable you to market and resell our Services,
  • market or advertise to you by email or other means as permitted by applicable law,
  • allow you to report a problem with the Service,
  • provide information on changes to our Services, Terms, Conditions or Policies,
  • provide you with information about other products and services similar to those that you have already purchased or inquired about, and
  • communicate with you about our events, surveys, contests, sweepstakes and other promotions.
• Secure our Services and Users: This is done by monitoring for, preventing, and detecting fraud. We also do so by verifying your identity, enforcing our policies, and continually improving the security of our Services.
• Fraud Detection and Prevention, Defending our Legal Rights, and Compliance with Law:
  • To comply with any applicable procedure, law, or regulation where necessary, or to defend our legal rights where necessary for our legitimate interest or the legitimate interest of others
  • To protect the rights, property, and safety of Blackpoint and our employees, customers, affiliates or subsidiaries, their customers or other third parties. This includes exchange information with other companies and organizations for the purposes of fraud and network protection.
• Business Administration: For our general business operations and for other business administration purposes, including:
  • authenticating your identity,
  • maintaining our records,
  • monitoring your compliance with your agreements with us,
  • collecting debts owed to us,
  • financing our business and safeguarding our business interests, and
  • managing or transferring our assets or liabilities,
    • e.g., in the case of an acquisition, disposition or ‎‎merger, as described below.
• With Your Consent:  We use information we collect where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or feature customer stories to promote the Services with your permission.
• How We Share Your Information: When we transfer personal information to third parties such as our affiliates, business partners, or service providers, these third parties may process personal information outside of the U.S.
• For those in the European Economic Area (EEA) or United Kingdom (UK):  When you access our Site or Services from within the EEA or UK, the personal information we collect from you may be transferred, processed, and stored at a destination outside of the EEA or UK that may not be subject to equivalent Data Protection Law found in your country. When your personal information is transferred outside of the EEA or UK, we will take reasonable steps necessary to ensure that your personal information is subject to appropriate safeguards, such as implementing appropriate physical, technical, and organizational measures to ensure a level of security appropriate to the risk and in accordance with this privacy policy and utilizing approved transfer mechanisms where required.

Where required by law, you have the right to:

• Be provided with a copy of your Personal Information held by us;
• Request the rectification or erasure of your Personal Information held by us;
• Request that we restrict the processing of your Personal Information;
• Object to the further processing of your Personal Information;
• Request that your provided Personal Information be moved to a third party.

Your right to withdraw consent:  Where the processing of your Personal Information by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us. Information on how you can change your marketing preference is detailed in Promotional & Marketing Communication below.

You can exercise the rights listed above at any time by contacting the data privacy team at [email protected]. Please note certain information may be exempt from such requests under applicable law.

We will take reasonable steps to verify your identity when exercising these rights. To exercise these rights, you or your agent may be required to authenticate to your account or provide information contained in your account profile that is unique to the individual requesting authentication. Please ensure that you keep your profile information up to date and accurate so that we may verify your requests.

Your request and choices may be limited in certain cases. For example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep. If your request of concern is not satisfactorily resolved by us, you may contact your local data protection authority.

We do not meet the conditions as outlined in Section 1798.140 of the California Consumer Privacy Act of 2018 (the “CCPA”) and therefore are not subject to CCPA requirements. We also do not meet the eligibility conditions outlined in the Virginia Consumer Data Protection Act, Colorado Privacy Act, Connecticut Data Privacy Act, Utah Consumer Privacy Act, Oregon Consumer Privacy Act, Florida Digital Bill of Rights, or Texas Data Privacy and Security Act and are therefore are not subject to the requirements of these laws.

We use cookies and similar technologies such as pixel tags and web beacons (referred to together as “cookies”) to provide functionality and recognize you across different Websites, Services, and devices. Cookies, by themselves, do not tell us your e-mail address unless you choose to provide this information to us, for example, when you create an account. Once you choose to provide us with an e-mail address, this information may be linked to the data stored in the cookie.

• When strictly necessary:  These cookies are essential to operate the Services and features you have requested, such as remembering your logged in state.
• For functionality:  These cookies remember choices you make such as search parameters and filters. We use these cookies to provide you with an experience more appropriate with your selections and to make the Service more tailored.
• For performance and analytics:  These cookies collect information on how users interact with the Services and enable us to improve how the Services operate. For example, we use Google Analytics cookies to help us understand how visitors arrive at and use our Websites. This helps us identify areas for improvement such as navigation, user experience, and marketing campaigns. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/. You can also download the Google Analytics Opt-out Browser Add-on to prevent their data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.
• Targeting cookies or Advertising cookies:  These cookies collect information about your browsing habits to make advertising relevant to you and your interests. They remember the websites you have visited and share that information with other parties such as advertising technology service providers and advertisers.
• Social media cookies:  These cookies are used when you share information using a social media sharing button or engage with our content on or through a social media site. The social network will record that you have done this. This information may be linked to targeting/advertising activities.

• Cookie Control:  Most browsers automatically accept cookies. You can set your browser option so that you will not receive cookies and you can also delete existing cookies from your browser. Each browser is different in how this is performed and making these changes is your responsibility. However, you may find that some parts of the Services will not function properly if you have refused cookies or similar tracking technologies. Disabling cookies or similar tracking technologies may prevent you from accessing some of our content. You will not be able to opt-out of any cookies or other technologies that are strictly necessary for the Services.
• Advertising Cookies:  Users may use advertising industry opt-out tools to opt out of certain advertising networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest-based advertising and their choices regarding having information used by DAA companies. You may also go to the Network Advertising Initiative (“NAI”) Consumer Opt-Out Page for information about opting out of interest-based advertising and their choices regarding having information used by NAI members.
• Other Tracking:  We and our service providers also use clear GIFs in HTML emails to our customers to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
• Send “Do Not Track” Signals: Blackpoint Websites and Services do not recognize the “do not track signals” that some browsers may employ.

Blackpoint does not knowingly collect any Personal Data from children under 13 years old. If a child under 13 has provided Blackpoint with Personal Information, the parent or guardian of that child should contact Blackpoint immediately at [email protected] to delete this Personal Information.

Our Services may contain links to non-affiliated websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those non-affiliated websites. We are not responsible for the information practices of such websites.

Where permitted in our legitimate interest or with your prior consent where required by law, we will use your personal information collected in the context of our Website or in offering our Services for marketing analysis and to provide you with promotional update communications by email about our Services.

You can object to further email marketing at any time by updating your communication preferences by clicking the “Manage Subscription” link at the end of all our marketing and promotional email communications to you, or by sending us an email to [email protected].

The GDPR makes a distinction between organizations that determine the purpose and means of processing personal information (known as Data Controllers) and organizations that process personal information on the behalf of others (known as Data Processors).

When processing personal information in connection with the Services, we act as a Data Processor. As a Data Subject, you may contact the Data Controller to learn about their processing of your personal information and to exercise your rights.

We maintain a robust information security program, which includes numerous technical and organizational measures to ensure your data is appropriately protected. Our security policies, standards, and procedures ensure the continued confidentiality of your data. We encrypt data in transit and at rest to make sure your information remains protected. For additional information regarding our internal information security program, please see our Trust Profile.

We store your personal information for a period of time that is consistent with our business purposes to deliver our MDR Services. We will retain your personal information for the length of time needed to fulfill the purposes outlined in this privacy policy unless a longer retention period is required or permitted by law. When the data retention period expires for a given type of data, we will delete or destroy it in accordance with our established Data Retention and Disposal Policy.

This Privacy Policy may be changed by Blackpoint at any time in its discretion. The revised Privacy Policy will be posted to this page so that you are aware of the information we collect, how we use it, and under what circumstances we may disclose it.

This Privacy Policy may be changed by Blackpoint at any time in its discretion. The revised Privacy Policy will be posted to this page so that you are aware of the information we collect, how we use it, and under what circumstances we may disclose it.

If you have any questions or concerns about the Blackpoint Holdings, LLC Privacy Policy or its implementation please contact us via email at [email protected] or by writing to:

Blackpoint Holdings, LLC
1099 18th Street, Suite 3050
Denver, CO 80202
USA