HUNTRESS PRIVACY STATEMENT

A.   INTRODUCTION

Huntress Labs Inc. ("Huntress Labs") has created this Statement in order to inform and disclose its data collection and dissemination practices for the Huntress product. This Statement contains numerous details describing the steps we take to respect your privacy concerns.

Please read this document in its entirety. It provides important information that you should be familiar with before using Huntress Labs' software and services. We reserve the right to modify this Statement at any time. A current version can always be found at https://huntress.io/privacy.html.

By using Huntress, you help us identify new threats and provide better protection for all Huntress Labs customers. The information collected is used by Huntress Labs to enhance its security products and to further advance solutions against malicious software.

Data collection is integral to the Huntress solution. Do not use the Huntress product if you do not agree to provide the data required for Huntress to properly function.

Legal Issues (if applicable)

Huntress Labs may be subject to the laws of several jurisdictions because its services may be used in different jurisdictions, including the United States of America. Huntress Labs shall disclose information without your permission when required by law, or in good-faith belief that such action is necessary to investigate or protect against harmful activities to Huntress Labs guests, visitors, associates, property or to others. As mentioned above, laws related to data and information processed by Huntress may vary by country.

Huntress Labs may be required by law enforcement or judicial authorities to provide some information to appropriate governmental authorities. If requested by law enforcement or judicial authorities, we shall provide this information upon receipt of the appropriate legal documentation. Huntress Labs may also provide information to law enforcement to protect its property and the health and safety of individuals as permitted by statute.

B.    COLLECTED INFORMATION

We may collect both personally identifiable information ("PII") and non-personally identifiable information ("Non-PII"). PII is information that is either: (1) expressly provided by you, such as your name, or (2) information that can be used either alone or in combination with other information to personally identify you, such as your email address, phone number, and user name. Non-PII is all information that is not PII or is information that was PII but which we modify and/or aggregate with other data in order to make it Non-PII.

We use PII to shape our external communication and for messaging efforts. Other than the exceptions noted below, we do not share PII with third parties.

Analytics

Our servers automatically record information about how a person ("User") uses our software or services ("Log Data"). Log Data may include a User's Internet Protocol (IP) address, browser type, operating system, web page that the User was visiting before accessing our server, search terms, and the pages or features of our software or services accessed by the User and the time spent there. We may share Log Data with web analytics service providers.

Third-Party Service Providers

We may engage third-party service providers to administer and provide our services. We may provide PII to such third parties only for the purpose of performing services on our behalf. We require such third parties to agree not to disclose your PII or use your PII for any other purpose.

Business Transactions

Information that we collect from Users, including PII, is considered a business asset. Accordingly, if we go out of business or enter bankruptcy, or if we are acquired, e.g., as a result of a transaction such as a merger, acquisition, or asset sale, your PII may be disclosed or transferred to the third-party acquirer in connection with the transaction.

C.   INFORMATION RECEIVED VIA SOFTWARE

In order to identify new security threats and to quickly send notification of threats and suspicious applications, the User agrees that the Huntress software automatically provides the following information to us:

-       Information about the software installed on the computer, including the version of the operating system and installed updates, drivers, services, versions of internet browsers and extensions, printing system extensions, Windows Explorer extensions, downloaded objects, Active Setup elements, control panel applets, entries in the hosts file and system registry, mail clients, and audio/video codecs;

-       Information about applications configured to autostart when the computer boots or a user logs in, including information about files associated with the application (executable files, libraries, and scripts) consisting of the file-s attributes, size and checksums (MD5, SHA1, SHA2-256), creation/build date and time, autoplay status, names of packers, information about signatures, executable file flag, format identifier, and entropy, file name and full path, the file-s digital signature and timestamp of its generation, the user the application is configured to run as, PE-file header information, name of the account from which the application runs, name of the computer on which the application runs; names of registry keys and the values that are associated with the application;

-       Information about the state of the computer-s anti-virus protection, including the versions and release dates and times of the anti-virus databases being used;

-       Information about events in the systems logs, including the event's timestamp, the name of the log in which the event was found, type and category of the event, name of the event's source and the event's description;

For additional examination the User agrees that the Huntress software automatically provides to us files (executable files and/or associated libraries, and scripts) for applications configured to start when the computer boots or when a user logs in that Huntress Labs has not catalogued. Additionally, the following information about the file will be collected:

-       Name of a file being sent, its full path on the computer, file size and its checksums (MD5, SHA1, SHA2-256);

-       Name of the account from which the application runs;

-       Name of the computer on which the application runs;

-       Version of the operating system and installed updates;

-       Local time of the computer at the moment of the provision of information;

-       Names of registry keys and the values that are associated with the application

In order to promptly respond to errors associated with installation, uninstallation, and updating of the product, and to record the number of users, the User agrees that the Huntress software automatically   provides to us:

-       Information about the date of installation and activation of the software on the computer;

-       Type of software installation on the computer (initial installation, updating, etc.) and an installation success flag or the installation error number;

-       Identifier of the update job.

In order to increase the level of support and monitoring of the defined level of software protection, the User agrees that the Huntress software automatically provides to us the following information about the results of testing software operability after applying of updates:

-       Information about the set of all installed updates, and the set of most recently installed/removed updates;

-       The type of event that caused the update information to be sent;

-       Duration since the installation of last update;

-       CPU and memory usage data;

To improve performance of Huntress Labs- products, the User agrees that the Huntress software automatically provides to us:

-       Information about errors that occurred during operation of the software, the error type, code and time of occurrence, the ID of the task or update category during which the error occurred;

-       Information about general run-time errors and abnormal termination of the software, including the creation date and time of the error, its type, the name of the process linked to the error, and any trace, log, or dump file related to the error;

-       Information about software operation, including data on the processor (CPU) and memory usage, the length of time the software was in operation before the error occurred;

-       Event identifiers (unexpected power-off, third-party application crash, errors of interception processing), date and time of the unexpected power-off;

-       Information about third-party applications that caused the error, including the application name, version and localization, the error code and information about the error from the system log of applications, checksums (MD5, SHA1, SHA2-256) of the application-s executable file, full path to application's executable file;

-       Information on the status of computer protection, including the protection status code;

-       Version of the Updater component, number of crashes of the Updater component while running update tasks over the lifetime of the component;

-       ID of the update task, number of failed Updater attempts to complete update tasks;

-       Information about computer, including operating system and service packs installed, version and checksums (MD5, SHA1, SHA2-256) of the operating system kernel file;

-       Information about the software installed on the computer, including the name of the software and the name of its publisher, information about registry keys and their values, information about software components files, including checksums (MD5, SHA1, SHA2-256), name of a file, its path on the computer, size, version and digital signature;

-       Information about hardware installed on the computer, including type, name, model name, firmware version, parameters of built-in and connected devices;

-       Information about the last unsuccessful operating system restart, including the number of unsuccessful restarts.

The User agrees that the Huntress software automatically provides to us the following information for all purposes mentioned above:

-       The unique software installation identifier;

-       The full version of the installed software;

-       Information about software installed on the computer, including the operating system version and service packs installed;

-       Information about the computer-s hardware, including but not limited to CPU architecture, RAM, hard drive size;

-       Information used to uniquely identify the computer including the computer name, IP address, MAC address, and User provided description.

Securing the Transmission and Storage of Data

Huntress Labs is committed to protecting the security of the information it collects and processes. The information is stored on computer servers with limited and controlled access. Huntress Labs operates secure data networks protected by industry-standard firewall and password protection systems. Huntress Labs uses a wide range of security technologies and procedures to protect information from threats such as unauthorized access, use, or disclosure. Our security policies are periodically reviewed and enhanced as necessary, and only authorized individuals have access to the data that we process. Huntress Labs takes steps to ensure that your information is treated securely and in accordance with this Statement. Unfortunately, no data transmission can be guaranteed secure. As a result, while we strive to protect your data, we cannot guarantee the security of any data you transmit to us or from our products or services, including without limitation Huntress Security Cloud, and you use all these services at your own risk.

We treat the data we process as confidential information; it is, accordingly, subject to our security procedures and corporate policies regarding protection and use of confidential information. All Huntress Labs employees are aware of our security policies. Your data is only accessible to those employees who need it in order to perform their jobs. Huntress Labs does not combine the data stored by the Huntress product with any data, contact lists, or subscription information that is processed by Huntress Labs for promotional or other purposes.

D.    USE OF THE DATA

Huntress Labs collects and processes the data described above along with other information collected by the system in order to analyze and identify potential security risks, and to improve the ability of Huntress Labs- products to detect malicious software and other types of computer security threats to provide the best possible level of protection to Huntress Labs customers in the future.

Disclosure of Information to Partners

Huntress Labs may share collected executable files and libraries with anti-malware and security industry partners. The files can be analyzed by automatic tools and security analysts to detect malicious code and to improve antivirus engines and other security solutions. Huntress Labs only provides the file--no other information about the file is provided.

In order to promote awareness, detection and prevention of Internet security risks, Huntress Labs may share certain information with research organizations and other security software vendors. Huntress Labs may also make use of statistics derived from the information processed to track and publish reports on security risk trends.

E.     DATA PRIVACY – RELATED INQUIRIES AND COMPLAINTS

Huntress Labs believes in your right to privacy. If you have any questions or concerns, please contact Huntress Labs by email: support@huntresslabs.com.

We reserve the right to send infrequent alert messages to users to inform them of specific changes that may impact their ability to use our services that they have previously signed up for. We also reserve the right to contact you if compelled to do so as part of a legal proceeding or if there has been a violation of any applicable licensing, warranty or purchase agreements.

Huntress Labs is retaining these rights because in limited cases we feel that we may need the right to contact you as a matter of law or regarding matters that may be important to you. These rights do not allow us to contact you to market new or existing services if you have asked us not to do so, and issuance of these types of communications is rare.

This privacy policy last updated and posted on 2 October 2016