Privacy Policy
Effective date: January 1, 2025
This Privacy Policy explains how Palisade Networks LLC ("Palisade," "we") collects, uses, and shares information in connection with the Palisade website, Service, and Agent.
Two roles. This policy covers information we handle as a controller — primarily about our customers, the people who administer accounts, and visitors to our site. When we process data from your Managed Devices and Connected Devices on your behalf, we act as a processor for our customer; that processing is governed by the Data Processing Addendum, and the customer (your employer or service provider) is the controller responsible for it.
1. Information we collect
You provide:
- Account & organization — name, work email, organization name, role, password (stored only as a bcrypt hash).
- Billing — handled by our payment processor; we receive limited transaction metadata, not full card numbers.
- Support & communications — messages you send us.
Collected automatically (about your use of the Service/site):
- Usage & log data — actions in the dashboard, API requests, IP address, timestamps, browser/device type.
- Cookies / similar — session and preference cookies needed to run the dashboard, and limited analytics.
Collected by the Agent (processed on the customer's behalf — see the DPA):
- Device inventory & telemetry — hostname, OS, hardware, IP addresses, logged-in user, resource usage, drive health, installed software, and similar operational data from Managed Devices.
- Network discovery data — devices found on the customer's local network during authorized scans.
- Session and operational data generated when administering devices.
We do not intentionally collect special-category personal data through the Service and ask that you not use the Service to do so except as lawfully permitted and disclosed.
2. How we use information
- Provide, secure, maintain, and improve the Service and site;
- Authenticate users and protect against fraud, abuse, and security threats;
- Communicate about the Service, support, and (with consent where required) marketing;
- Bill and collect fees;
- Comply with law and enforce our agreements.
We do not sell personal information.
3. How we share information
- Service providers / sub-processors — cloud hosting, infrastructure, payment processing, email, and analytics vendors who process data on our behalf under contract. A current sub-processor list is in the DPA.
- Legal / safety — where required by law or to protect rights, safety, and the security of the Service.
- Business transfers — in a merger, acquisition, or asset sale, subject to this policy.
4. Security
We use technical and organizational measures to protect information, described at /security — including TLS in transit, hashed tokens, encryption of sensitive secrets at rest, role-based access, and tenant isolation. No system is perfectly secure.
5. Retention
We keep information for as long as needed to provide the Service and for legitimate business and legal purposes. Customer-controlled data is retained and deleted per the Terms of Service and DPA; audit and log data are retained per our retention schedule.
6. Your rights
Depending on where you live, you may have rights to access, correct, delete, port, or restrict processing of your personal data, and to object or withdraw consent. To exercise rights, contact support@palisadenetworks.com. For data we process on a customer's behalf, please contact that customer (the controller); we will assist them as required.
- EU/UK (GDPR): legal bases include contract, legitimate interests, consent, and legal obligation. You may complain to a supervisory authority. International transfers are protected by appropriate safeguards (e.g. Standard Contractual Clauses).
- California (CCPA/CPRA): categories collected and rights to know, delete, correct, and opt out of "sharing"; we do not sell personal information.
7. International transfers
We may process information in the United States and other countries. Where required, we use appropriate safeguards for cross-border transfers.
8. Children
The Service is for business use and not directed to children under 16. We do not knowingly collect their personal data.
9. Changes and contact
We may update this policy; we will post the new version and update the effective date. For questions or requests: support@palisadenetworks.com · Palisade Networks LLC.