LAST UPDATED: APRIL 17, 2024
This Obsidian Privacy Policy (the “Policy”) describes how Obsidian Security, Inc. (“Obsidian”, “we”, “us”) collects, uses, stores, and discloses information from users (“you”, “your”) of digital properties that link to this Privacy Policy, including our website at obsidiansecurity.com and other websites we operate (collectively, the “Websites”), our cloud-based SaaS cybersecurity platform (the “Platform”), as well as through social media, our marketing activities, our live events and other activities described in this Policy. By accessing the Websites and/or Platform, you agree to the collection, use, and transfer of personal data according to the terms of this Policy. If you do not agree to these terms, please do not access or use the Websites and/or Platform.
If you are located in the European Economic Area (“EEA”) or the United Kingdom (“UK”), see the Notice to EU and UK Residents below.
Obsidian’s Subscription terms govern the delivery and use of the Platform, including any data imported into the Platform by a customer or provided by a customer to import into the Platform on a customer’s behalf. If you are applying to work at Obsidian, please see our Applicant Privacy Policy for additional information on how we handle your personal data during and after the application process.
We also wrote a three part blog series (1, 2, 3) on the data guardianship and privacy principles we use to inform our privacy policies.
Information you provide to us. personal data you may provide to us through the Service or otherwise includes:
Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Websites, the Platform, our communications and other online services, such as:
Cookies and similar technologies. We use cookies and similar technologies (such as web beacons, pixels, tags and scripts) to improve and personalize your experience, provide the Websites, analyze website performance and for marketing purposes. For more information, see our Cookie Notice.
We may use your personal data for the following purposes or as otherwise described at the time of collection:
We may share your personal data with the following parties and as otherwise described in this Policy or at the time of collection:
Authorities and others
Obsidian may disclose your personal data if required to do so by law to law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Third party services
Obsidian holds contracts with third party vendors that provide services on our behalf or help us operate the Websites or Platform or to carry out sales, marketing, recruiting, and other business functions (such as hosting, information technology, customer support, email delivery, consumer research and website analytics). The third parties may store personal data from visitors to our public facing website, social media accounts, and recruiting accounts.
Business transferees
In the event that Obsidian is involved in a bankruptcy, merger, acquisition, reorganization, or sale of assets, or other disposition of all or any portion of the business or assets of, or equity interests, your personal data may be shared with acquirers and other relevant participants in business transactions (or negotiations of or due diligence for such transactions).
We apply a general rule of keeping personal data only for so long as is required to fulfill the purpose for which it was collected. However, in some circumstances, we will retain your personal data for longer periods of time. We will retain personal data for the following purposes: (i) as long as it is necessary and relevant for our operations, business needs and to provide the Websites and/or Platform, e.g. so that we have an accurate record of your dealings with us in the event of any complaints or challenge; and (ii) in relation to personal data from closed accounts (e.g., due to contract termination) to comply with applicable laws, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce the Websites’ and/or Platform’s terms and take other actions as permitted by law.
We employ a number of technical, organizational and physical safeguards designed to protect the personal data we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal data.
Our Websites or Platform may contain links to other websites, including links to our partners and to media web sites. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. Please be aware that our Privacy Policy does not apply to websites, mobile applications or online services controlled by third parties. We encourage you to read the privacy policies of the other websites, mobile applications and online services you use.
The Platform and Websites are not directed to anyone under the age of 18. A parent or guardian who becomes aware that his or her child under the age of 18 has provided us with personal data may contact us using one of the methods in the Feedback and Contact Information section below and wewe will attempt to delete the child’s data as soon as possible.
We may revise this Policy from time to time. The most current version of the Policy will always be at obsidiansecurity.com/privacy-policy.
If we make a change to our website privacy policy that, in our sole discretion, is material, we will notify you by updating the date of this Policy and posting it on the Service or other appropriate means. Any modifications to this Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Websites or Platform after the effective date of any modified Policy indicates your acceptance of the modified Policy.
This Policy contains a list of the categories of personal data we collect, and have collected for the past twelve months.
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (“CCPA”) and California Privacy Rights Act (“CPRA”) that include the right to:
Please note that we do not sell the personal data that we collect.
To exercise your rights, please contact us as provided in the Feedback and Contact Information section. You will not be discriminated against for exercising your privacy rights under the CCPA and CPRA. In order to protect your personal data from unauthorized access or deletion, we may require you to provide additional information for verification. If we can’t verify your identity, we will not provide or delete your data.
If you are located in the European Economic Area, Switzerland, or United Kingdom, you have additional data privacy rights outlined in this section.
The legal bases of our processing of your personal data as described in this Privacy Policy will depend on the type of personal data and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. If you have questions about the legal basis of how we process your personal data, contact us at privacy@obsidiansecurity.com.
Processing purpose: Details regarding each processing purpose listed below are provided in the section above titled “How we use your personal data”.Legal basisFor Websites and Platform delivery: We need to process your personal data to operate the Websites and Platform, including managing your account or transactions, responding to your requests or inquiries, providing you with access to content or information you requested, etc.Processing is necessary to perform the contract governing our provision of our Websites or Platform or to take steps that you request prior to signing up for the Platform.For research and development: We may use your personal data for research and development purposes, including to analyze and improve the Websites, Platform, and our business.These activities constitute our legitimate interests. We do not use your personal data for these activities where our interests are overridden by the impact on you.For additional purposes, such as:
We rely on our legitimate interests to process your personal data when performing these processing activities. We do not use your personal data for these purposes where our interests are overridden by the impact on you.For marketing and advertising purposes: We and our third-party advertising partners may collect and use your personal data for marketing and advertising purposes.Processing is based on your consent where that consent is required by applicable law. Where such consent is not required by applicable law, we process your personal data for these purposes based on our legitimate interests in promoting our business.Compliance with legal obligations and protection purposes: We are subject to certain legal obligations that may oblige us to disclose your personal data to courts, law enforcement or regulatory authorities.Processing is necessary to comply with our legal obligations.To comply with applicable lawProcessing is necessary to comply with our legal obligations.
Actions we take with your consent:
In these scenarios, the processing of the personal data you voluntarily provide to us is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or in the services.
Use for new purposes:
We may use your personal data for reasons not described in this Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal data for an unrelated purpose, we will notify you and explain the applicable legal basis.
Special categories of data / sensitive personal data:
We ask that you not provide us with any sensitive personal data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Websites and/or Platform, or otherwise to us.
Your rights:
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you may have the following rights under data protection laws:
You may submit these requests by email to privacy@obsidiansecurity.com or our postal address provided in the Feedback and Contact Information Section below. We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
Pursuant to Article 27 of the UK GDPR, Obsidian Security, Inc, has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
Cross-border data transfer:
We may share your personal data with third parties who may be based outside of the EEA and/or UK. In such circumstances, those parties’ processing of your personal data will involve a transfer of your personal data outside of the EEA and/or UK where privacy laws may not be as protective as those in your state, province, or country.
You can obtain further information or a copy of or access safeguards under which your personal data is transferred outside of the EEA and/or UK by contacting us at privacy@obsidiansecurity.com.
Obsidian is on a continual quest for improvement. We invite feedback from customers, interested third parties, and visitors to the Websites.
If you would like to provide feedback, have questions about this Policy, or if you would like to exercise your statutory rights, you may contact us using any of the options below:
Email — privacy@obsidiansecurity.com
Physical mail –
Obsidian Security
c/o Privacy Team
680 Newport Center Drive #200
Newport Beach, CA 92660
Anonymous feedback — Submit here.
You can stop receiving promotional email communications from us by clicking on the “unsubscribe” link provided in such communications or emailing privacy@obsidiansecurity.com. We make every effort to promptly process all unsubscribe requests. You may not opt out of Platform-related communications (e.g., account verification, information about your orders, changes/updates to our products or features of the Platform, technical and security notices), unless you cease using the Platform.
If you are a user of the Platform, you may modify or delete your information by logging into your account. If you otherwise have any questions about reviewing, modifying or deleting your information, you can contact us directly at privacy@obsidiansecurity.com.
We employ a number of technical, organizational and physical safeguards designed to protect the personal data we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal data.
Our Websites or Platform may contain links to other websites, including links to our partners and to media web sites. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications or online services operated by third parties, and we are not responsible for their actions. Please be aware that our Privacy Policy does not apply to websites, mobile applications or online services controlled by third parties. We encourage you to read the privacy policies of the other websites, mobile applications and online services you use.
The Platform and Websites are not directed to anyone under the age of 18. A parent or guardian who becomes aware that his or her child under the age of 18 has provided us with personal data may contact us using one of the methods in the Feedback and Contact Information section below and wewe will attempt to delete the child’s data as soon as possible.
We may revise this Policy from time to time. The most current version of the Policy will always be at obsidiansecurity.com/privacy-policy.
If we make a change to our website privacy policy that, in our sole discretion, is material, we will notify you by updating the date of this Policy and posting it on the Service or other appropriate means. Any modifications to this Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Websites or Platform after the effective date of any modified Policy indicates your acceptance of the modified Policy.
This Policy contains a list of the categories of personal data we collect, and have collected for the past twelve months.
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (“CCPA”) and California Privacy Rights Act (“CPRA”) that include the right to:
Please note that we do not sell the personal data that we collect.
To exercise your rights, please contact us as provided in the Feedback and Contact Information section. You will not be discriminated against for exercising your privacy rights under the CCPA and CPRA. In order to protect your personal data from unauthorized access or deletion, we may require you to provide additional information for verification. If we can’t verify your identity, we will not provide or delete your data.
If you are located in the European Economic Area, Switzerland, or United Kingdom, you have additional data privacy rights outlined in this section.
The legal bases of our processing of your personal data as described in this Privacy Policy will depend on the type of personal data and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. If you have questions about the legal basis of how we process your personal data, contact us at privacy@obsidiansecurity.com.
Processing purposeDetails regarding each processing purpose listed below are provided in the section above titled “How we use your personal data”.Legal basisFor Websites and Platform delivery: We need to process your personal data to operate the Websites and Platform, including managing your account or transactions, responding to your requests or inquiries, providing you with access to content or information you requested, etc.Processing is necessary to perform the contract governing our provision of our Websites or Platform or to take steps that you request prior to signing up for the Platform.For research and development: We may use your personal data for research and development purposes, including to analyze and improve the Websites, Platform, and our business.These activities constitute our legitimate interests. We do not use your personal data for these activities where our interests are overridden by the impact on you.For additional purposes, such as:
We rely on our legitimate interests to process your personal data when performing these processing activities. We do not use your personal data for these purposes where our interests are overridden by the impact on you.For marketing and advertising purposes: We and our third-party advertising partners may collect and use your personal data for marketing and advertising purposes.Processing is based on your consent where that consent is required by applicable law. Where such consent is not required by applicable law, we process your personal data for these purposes based on our legitimate interests in promoting our business.Compliance with legal obligations and protection purposes: We are subject to certain legal obligations that may oblige us to disclose your personal data to courts, law enforcement or regulatory authorities.Processing is necessary to comply with our legal obligations.To comply with applicable lawProcessing is necessary to comply with our legal obligations.Actions we take with your consent:
In these scenarios, the processing of the personal data you voluntarily provide to us is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or in the services.
Use for new purposes.
We may use your personal data for reasons not described in this Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal data for an unrelated purpose, we will notify you and explain the applicable legal basis.
Special Categories of data / Sensitive personal data.
We ask that you not provide us with any sensitive personal data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Websites and/or Platform, or otherwise to us.
Your rights.
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you may have the following rights under data protection laws:
You may submit these requests by email to privacy@obsidiansecurity.com or our postal address provided in the Feedback and Contact Information Section below. We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
Pursuant to Article 27 of the UK GDPR, Obsidian Security, Inc, has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
Cross-border data transfer.
We may share your personal data with third parties who may be based outside of the EEA and/or UK. In such circumstances, those parties’ processing of your personal data will involve a transfer of your personal data outside of the EEA and/or UK where privacy laws may not be as protective as those in your state, province, or country.
You can obtain further information or a copy of or access safeguards under which your personal data is transferred outside of the EEA and/or UK by contacting us at privacy@obsidiansecurity.com.
Obsidian is on a continual quest for improvement. We invite feedback from customers, interested third parties, and visitors to the Websites.
If you would like to provide feedback, have questions about this Policy, or if you would like to exercise your statutory rights, you may contact us using any of the options below:
Email — privacy@obsidiansecurity.com
Physical mail –
Obsidian Security
c/o Privacy Team
680 Newport Center Drive #200
Newport Beach, CA 92660
Anonymous feedback — Submit here.
Last updated: 17 April 2024
This Cookie Notice explains how Obsidian Technologies Inc. (“Obsidian”, “we”, “us” or “our”) use cookies and similar technologies in connection with its digital properties that link to this Cookie Notice, including our websites (collectively, the “Websites”) and the purposes for using them.
For more information about how we collect, use and share your personal data, see our Privacy Policy.
Our Websites use cookies, in combination with other tracking technologies (collectively, “cookies” unless otherwise noted) to distinguish you from other users of the Websites.
You do not need to allow cookies to visit most of the Websites. However, enabling cookies may allow for a more tailored browsing experience and is required for certain parts of the Websites to work. In the majority of cases, a cookie does not provide us with any of your personal data.
Cookies are small data files containing a unique identifier that are placed on your computer or mobile device when you visit a Service. Cookies and similar technologies (which include pixels, tags, web beacons and software development kits (“SDKs”) and local browser storage technologies) (together “cookies”) enable operators of website/apps to recognize your device and collect information from it when you interact with them. They use this information to understand how the website is being used, letting you navigate between pages efficiently, remembering your preferences and generally improving your browsing experience. Cookies are also used to make the advertising you see online more relevant to your interests.
Our Websites may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them).
When you visit our Websites, both first-party cookies and third-party cookies may be placed on your device:
(1) first party cookies, served directly by us to your computer or mobile device, which we use to recognize your computer or mobile device when it revisits our Websites; and
(2) third party cookies, which are served by service providers or business partners on our Websites, and can be used by these parties to recognize your computer or mobile device when it visits other websites. Third party cookies can be used for a variety of purposes, including service analytics, advertising and social media features. We do not control how these third parties use your information, which is subject to their own privacy policies.
The cookies used on our Websites are categorized as follows:
You can find more information regarding the cookies we use on our Websites below:Name and link to cookie policyCompany’s LocationTypes of CookiesPurpose of CookiesWhich Obsidian Security media use these cookies?Google AnalyticsMountain View, CAWeb cookiesGives Obsidian aggregate understanding of number of page views per page,referring sites, time spent on site, whether content is read to completion andhelps us improve ourcontentobsidiansecurity.comRollworksSan Francisco, CAWeb cookies and tracking pixelsAllows Obsidian to provide personalized advertising to you regarding our products and services on other sites and understanding of your usages of our site.obsidiansecurity.comAdobe (Marketo)San Mateo, CAWeb cookies, tracking pixels and/orweb beacons embedded in emailsGives Obsidian metricsregarding how many ofthe emails we send arebeing opened and howmany links within theemails are being clicked.Obsidian can linkbehavior to individualemail recipients. Also provides information regarding site visits that helps us improve content.obsidiansecurity.com, emails sent by ObsidianGlassdoorMill Valley, CAWeb cookies, webbeacons, flash cookiesHelps Obsidian improveour employee recruitingand retention byunderstanding how much interaction from whomour Glassdoor account isreceivingObsidian’s Glassdoor page and related posts,including job postsLinkedIn
(Owned by Microsoft)Sunnyvale, CAWeb cookiesHelps Obsidian recruitand improve our webcontent by understanding who is interacting withour social media and jobpostsObsidian’s LinkedIn
profile, posts onObsidian’s LinkedInprofile, and any posts that mention Obsidian Security on LinkedInClearbitSan Francisco, CAWeb cookies and pixelsHelps automate and populate forms for your requests with information about you.obsidiansecurity.com
Strictly necessary cookies do not require your consent.
For performance/analytical, functional and targeting cookies, we request your consent before placing them on your device. You can give your consent by clicking on the appropriate button on the banner displayed to you. If you wish to avoid cookies placed on Obsidian Security’s behalf, simply check “I decline”.
Additionally, most browsers let you remove or reject cookies, or set rules to manage cookies on a site by site basis. To do this, follow the instructions in your browser settings. For more information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them.
To learn more about cookies, clear gifs/web beacons and related technologies and how you may opt-out of some of this tracking, you may wish to visit one or more of the following sites:
http://www.allaboutcookies.org
http://www.networkadvertising.org
http://www.aboutads.info/choices
For more information about how we collect, use and share your information, see our Privacy Policy.
Information about the cookies we use may be updated from time to time, so please check back on a regular basis for any changes. In all cases, your use of the Service after the effective date of any modified Cookie Notice indicates your acceptance of the modified Cookie Notice.
If you have any questions about this Cookie Notice, please contact us by email at privacy@obsidiansecurity.com.
Last updated: 17 April 2024
The purpose of this Applicant Privacy Policy (“Policy”) is to provide you with information about how Obsidian Security, Inc. (the “Company,” “Obsidian,” “we,” “us” and/or “our”) processes your personal data collected during the recruitment process. This Policy describes the categories of personal information collected by the Company and the purposes for which such information may be collected and used. This Policy applies to any individuals who submit an application for an advertised position, provide their personal data for general employment inquiries, or otherwise seek to work for Obsidian, regardless of the manner in which you provide your personal data. This Policy applies in addition to our general Privacy Policy. Please refer to the Privacy Policy for our practices related to personal data submitted for other purposes.
This Policy may be updated from time to time. We will post any changes to this page. For additional information about the Company’s data privacy practices, please review our Privacy Policy.
During the recruitment process, we may need to collect certain data about you, either from you directly, or from third parties with your approval. This data may include the following:
Identifiers and Contact information. This category includes names, addresses, telephone numbers, mobile numbers, email addresses, signatures, account names, dates of birth, bank account information, and other similar contact information and identifiers.
Protected Classification Information. This category includes characteristics of protected classifications under California or federal law.
Internet or Other Electronic Network Activity Information. This category includes, without limitation:
Geolocation Data. This category includes, without limitation, GPS location data from company-owned or issued mobile devices, applications, or vehicles.
Audio, Electronic, Visual, Thermal, Olfactory, or Similar Information. This category includes, for example, information collected from cameras, thermometers, and similar devices.
Biometric Information. This category includes the use of biometric equipment, devices, or software to record your time worked, to enter or exit facilities or rooms, to access or use equipment, or for other business purposes.
Professional and Employment-Related Information. This category includes, without limitation:
Education Information. This category includes, without limitation, education history.
Sensitive Personal Information. This category includes sensitive information such as:
Data we collect about you as part of our recruitment process may be used for the following purposes:
If you accept a position with Obsidian, your data will become part of your employment records. At that point, your data will be subject to our applicable employee privacy policies. If you are not hired, or elect to withdraw or decline our employment offer, we will retain your applicant data for three years unless a longer period is required by applicable law or to establish, exercise, or defend legal challenges related to our recruitment processes. We hold your data for three years so that we may consider you for other positions that arise within our organization and to comply with our regulatory requirements.
We retain your personal information for as long as is necessary to process your application for employment, process your payroll, administer your benefits, etc. and in accordance with the Company’s data retention schedule. We may retain your personal information for longer if it is necessary to comply with our legal or reporting obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, enforce our legal agreements and policies, address other legitimate business needs, or as permitted or required by applicable law. We may also retain your personal information in a deidentified or aggregated form so that it can no longer be associated with you. To determine the appropriate retention period for your personal information, we consider various factors such as the amount, nature, and sensitivity of your information; the potential risk of unauthorized access, use or disclosure; the purposes for which we collect or process your personal information; and applicable legal requirements. Personal information does not include certain categories of information, such as publicly available information from government records, and deidentified or aggregated consumer information.
To carry out the purposes outlined above, the Company may disclose personal information to service providers or other third parties, such as background check vendors, third-party staffing vendors, information technology vendors, outside legal counsel, and state or federal governmental agencies. In addition to the parties listed in the Privacy Policy, we may share your personal data with your references and your previous or current employers to perform professional reference and employment checks. The Company does not sell or share, as those terms are defined under applicable law, the above categories of personal information. The Company may add to the categories of personal information it collects and the purposes for which it uses that information.
Individuals who are residents of the State of California have certain individual rights, which are outlined below.
Right To Know About Personal Information Collected or Disclosed. As a California resident, you have the right to request additional information, beyond that disclosed above, regarding the following, to the extent applicable:
Upon receipt of a verifiable request to know (see below), and as required by applicable law, we will provide a response to such request.
Right To Request Deletion of Your Personal Information. You have the right to request that we delete the personal information we collected or maintain about you. Once we receive your request, we will let you know what, if any, personal information we can delete from our records, and will direct any service providers and contractors to whom we disclosed your personal information to also delete your personal information from their records.
There may be circumstances where we cannot delete your personal information or direct service providers or contractors to delete your personal information from their records. Such instances include, without limitation, when the information at issue is maintained: (a) to enable solely internal uses that are reasonably aligned with your expectations based on your relationship with the Company and compatible with the context in which you provided the information, or (b) to comply with a legal obligation.
Upon receipt of a verifiable request to delete (see below), and as required by applicable law, we will provide a response to such requests.
Right to Request Correction. You have the right to request that the Company correct any inaccurate personal information we maintain about you, taking into account the nature of that information and purpose for processing it. Upon receipt of a verifiable request to correct (see below), and as required by the CCPA, we will provide a response to such requests.
Right to Limit Use or Disclosure of Sensitive Personal Information. You have the right, subject to certain exceptions, to request that we limit the use and disclosure of your sensitive personal information, as that term is defined in the CCPA. Upon receipt of a verifiable consumer request, and as required by the CCPA, we will take appropriate steps to respond to your request.
Right to Non-Discrimination for the Exercise of Your Privacy Rights. We will not discriminate or retaliate against you for exercising any of the rights described above.
Submitting CCPA Rights Requests. To submit a CCPA Rights request as outlined above, please contact us at privacy@obsidiansecurity.com or submit a General Inquiry form on https://www.obsidiansecurity.com/contact/. We reserve the right to only respond to verifiable consumer requests that are submitted as instructed.
We reserve the right to amend this notice at any time without advance notice. Please direct questions about this notice to privacy@obsidiansecurity.com.
If you are a resident of the European Union, UK or European Economic Area we may rely on one or more of the following lawful bases for processing your applicant data:
If you have knowledge that the Company collected personal information related to your spouse, dependent, or associate, please share a copy of this notice with all such individuals.
Start in minutes and secure your critical SaaS applications with continuous monitoring and data-driven insights.
Get a Demo