At Product Security Group, Inc [PSG] we care about your privacy and we are committed to protecting your
This Privacy Notice governs personal information that PSG collects from customers, event attendees, and
online visitors (“you” or “your”) in connection with your use of PSG’s websites, services, corporate
meetings and other events where we post or link to this Privacy Notice, as well as information we
automatically collect from your online visits (e.g. data collected via cookies).
For the purposes of this Privacy Notice, “personal information” means any information that, by itself,
can identify you or can be combined with other information to identify you and for the purposes of the
EU General Data Protection Regulation includes “personal data”.
What Personal Information Does PSG Collect About You?
We collect personal information when you:
- Purchase services
- Register for webcasts, seminars, conferences, or other events sponsored by us or one of our business
- Request quotes, services, product support, trials, whitepapers and related downloads, or additional
- Subscribe to newsletters, promotional emails or other PSG materials
- Participate in surveys, sweepstakes or contests
- Apply for a job or submit your resume/CV or
- Contact us
Personal information we may collect includes:
- Job Applicant: Full name, email address, personal phone number, personal address, title, prior
- Employee: Full name, email address, personal phone number, personal address, title, prior
employer(s), education, bank account number, tax ID, criminal history, photo
- Customer / Prospective Customer / Partner employee: Full name, business email address, company,
title, business phone number, business address, photo
- Visitor: Full name, email address, company, photo
When we ask you to provide your personal information, we will advise you at the time of collection
whether providing your personal information is necessary for your access to, or use of, PSG’s products,
programs, applications and/or services. When we ask for personal information through one of our
registration pages on our website, you will have the option of not providing the information, in which
case you may still be able to access other portions of the website, although you may not be able to
access certain programs or services.
Personal Information from Other Sources
We may also obtain information about you from other sources and combine that with information we
collect through our Services. For example, we may aggregate your personal information with information
that you make publicly available on social media or third-party websites to better market our Services
How Does PSG Use Your Personal Information?
We use your personal information to:
- Provide and deliver the requested Services
- Send you transaction information, including confirmations, transaction status, services information,
updates, security alerts, and support and administrative messages
- Administer your account, including verifying your information
- Respond to your comments and questions and provide customer support or other services
- Offer Live Chat assistance to facilitate the delivery of the requested Services
- Operate and improve our websites, products, and services
- Ask you to take part in surveys used to measure our performance and improve our services and
- Communicate with you about new promotions and upcoming events if you have agreed to receive
marketing communications from us
- Invite you to corporate events, online forums, communities and social networks
- Link or combine with other information we get from third parties, to help understand your needs, and
customize our offerings and market our Services based on your needs
- Perform other functions or serve other purposes, as disclosed to you at the point of collection, or
as otherwise required or allowed under applicable laws including tax and financial laws and
regulations such as anti-money laundering and fraud prevention; employment laws; court orders, etc.
Retention of Personal Information
PSG retains your personal information data as long as is necessary to fulfill the purposes for which it
was collected and in accordance with PSG’s record retention policy and applicable law.
How Does PSG Share Your Information
We share your personal information with third parties for the purposes described below:
- Third-Party Vendors/Service Providers. We rely on third-party vendors, consultants and other service
providers to perform functions on our behalf and under our instruction in order to make our websites
and the Services available to you
- Legal Obligations and Rights. We disclose your personal information: (i) in connection with the
establishment, exercise or defense of legal claims; (ii) to comply with laws or to respond to lawful
requests or legal process; (iii) for fraud or security monitoring purposes (e.g., to detect and
prevent cyberattacks); (iv) or as otherwise permitted by applicable law
- Business Reorganization. We may share your personal information in connection with a sale or
business transaction (e.g., merger or acquisition)
PSG also uses or shares anonymized aggregate data (data from which personal information has been
Except as described above, PSG will not disclose your personal information to third parties for their
own marketing purposes without your consent.
How Does PSG Protect Your Personal Information?
PSG takes all reasonable steps to protect your information from loss, misuse, unauthorized access or
disclosure, alteration, or destruction, including through the use of encryption when collecting or
transferring personal information including credit card information.
How Does PSG Provice Choice in Receiving Email and Marketing?
In most instances, PSG gives you options with regard to the personal information you provide, including
choices with respect to marketing materials. You may manage your receipt of marketing and
non-transactional communications by: (i) clicking on the “unsubscribe” link located at the bottom of
every PSG marketing email; or (ii) checking certain boxes on our preference center which can also be
found on forms we use to collect personal information.
Portions of our websites make chat rooms, forums, blogs, message boards, and/or news groups available
to you. Please remember that any information that is disclosed in these areas could be made public, so
exercise caution when deciding to disclose any personal information.
In addition, PSG’s website(s) may include social media features, including the Facebook “Like” button.
These features may collect your IP address and identify the web page you are visiting on PSG’s website,
and may set a cookie to enable the feature to function properly. You may be given the option by that
social media site to post information about your activities on PSG’s website(s) to your profile page on
company that is providing them.
Third Party Websites
PSG’s websites may contain links to other third-party websites. This Privacy Notice does not apply to,
and PSG is not responsible for, the privacy practices or the content of such third-party websites,
including business partner websites, and their use of personal information will be governed by their own
If the California Consumer Privacy Act (CCPA) applies to your information, we provide these disclosures
described in this policy so you can exercise your rights to receive information about our data
practices, as well as to request access to and deletion of your information. You can also read more
about PSG’s data retention periods, and the process we follow to delete your information in this
PSG does not sell your personal information. We only share your information as described in this
policy. PSG processes your information for the purposes described in this policy, which include
“business purposes” under the CCPA. These purposes include:
- Protecting against security threats, abuse, and illegal activity. PSG uses and may disclose
information to detect, prevent and respond to security incidents, and for protecting against other
malicious, deceptive, fraudulent, or illegal activity. For example, to protect our services, PSG may
receive or disclose information about IP addresses that malicious actors have compromised.
- Auditing and measurement. PSG uses information for analytics and measurement to understand how you
use our website.
- Maintaining our services. PSG uses information to ensure our services are working as intended, such
as tracking outages or troubleshooting bugs and other issues that you report to us.
- Research and development. PSG uses information to improve our services and to develop new products,
features and technologies that benefit our users and the public.
- Use of service providers. PSG shares information with service providers to perform services on our
PSG also uses information to satisfy applicable laws or regulations, and discloses information in
response to legal process or enforceable government requests, including to law enforcement.
If you have additional questions or requests related to your rights under the CCPA, PSG at the address
How Will You Be Notified About Changes to this Privacy Notice?
PSG may modify or update this Privacy Notice at any time without prior notice. If we make any changes
to this Privacy Notice, we will change the “Last Updated” date at the beginning of this Privacy Notice.
If we make material changes to this Privacy Notice that may impact individual rights, PSG will make
prominent note of such change on its website at least one month prior to the change taking place.
How Do I Contact PSG?
If you have any questions, concerns, or comments about this Privacy Notice or our privacy practices,
please contact PSG via email at [email protected] with the words
“PRIVACY NOTICE” in the
You may also reach out by regular mail to:
Product Security Group, Inc.
P.O. Box 815
Fiskdale, MA 01518
Attention: Data Protection Officer
EU/EEA/SWISS – Data Protection Officer
PSG has appointed a Data Protection Officer as the person with responsibility for PSG’s EU/EEA and
Swiss data protection compliance. This individual is – Marc French, CISO, PSG. PSG’s Data Protection
Officer can be contacted at by email at [email protected]. Questions about
Notice, or requests for further information, should be directed to PSG’s Data Protection Officer.
EU/EEA/SWISS – Legal Basis
In order to collect, use and otherwise process your Personal Data, PSG relies on the following legal
- To fulfill any contractual obligations, such as where you have purchased a service from PSG. For
example, we may require your contact details in order to deliver your order if you have purchased a
service from us.
- PSG’s legitimate interest in providing its websites and making the Services available to you,
provided our interest is not outweighed by the risk of harm to your rights and freedoms.
- Your consent, where PSG has obtained your consent to process your personal information for certain
activities. You may withdraw your consent at any time by contacting [email protected]
However, please note that your withdrawal of consent will not affect the lawfulness of any use of your
personal information by PSG based on your consent prior to withdrawal.
- For compliance with PSG’s legal obligations where applicable laws require PSG to process your
- If you have any questions or would like more information regarding the legal basis on which PSG
collects your personal information, please contact us at [email protected]
EU/EEA/SWISS – Transfers to Independent Third Parties
PSG will disclose Personal Data to Third Parties other than those identified above only if:
- required by law or legal process (e.g., lawful requests by public authorities, including disclosures
to law enforcement authorities in connection with their duties or to meet national security
- to investigate, prevent or take actions against illegal activities, suspected fraud, situations
as otherwise required by law.
- to protect and defend the legal rights, property/or and legitimate interests of PSG and/or members
of its workforce, customers, business partners, Sub-contractors and/or Third Parties
- where necessary for PSG to perform a contractual obligation owed to a customer, member of its
workforce or for other lawful purposes.
EU/EEA/SWISS – Excercising Your Personal Data Access Rights
To make a personal data access request, individuals in the EU/EEA or Switzerland should send their
request to PSG’s Data Protection Officer by email at [email protected] with the words
“Data Subject Access Request” in the subject line.
You may also reach out by regular mail to:
Product Security Group, Inc.
P.O. Box 815
Fiskdale, MA 01518
Attention: Data Protection Officer
PSG may need to ask for proof of identification before a request can be processed. PSG will inform the
requestor if it needs to verify his/her identity and the documents it requires.
PSG will normally respond to a request within a period of 30 days from the date a request is received.
In some cases, such as where PSG processes large amounts of the individual’s data, it may respond within
90 days of the date the request is received. PSG will write to the requestor within 30 days of receiving
the original request to tell him/her if more time is needed to complete the response to their request.
If an EU/EEA or Swiss individual submits a request which is manifestly unfounded or excessive, PSG is
not required to comply with the request. Alternatively, PSG can agree to respond but will charge a fee,
which will be based on the administrative cost of responding to the request.