We're proud to be named a 2024 Publisher's Choice winner!

We're an RSA Conference 2024 Innovation Sandbox Finalist!

Mitiga takes the privacy of our clients’ and potential clients' data seriously and believes it is an important component of building and maintaining their trust. This privacy policy ("Privacy Policy") explains how Mitiga Security, Inc. and its affiliates (collectively, "Mitiga") collect, receive, use, store and share your personal data in connection with the Mitiga website at https://www.mitiga.io/ ("Site"). This Privacy Policy is an integral part of the terms of use of the Site, which are available at Terms of Use ("TOU").


1.1. You ("User") are not under any legal obligation to submit personal data to Mitiga. Even if User chooses not to submit personal data to Mitiga, User may use the Site.
1.2. Mitiga may change this Privacy Policy from time to time, therefore User should check back periodically. Mitiga will post any changed Privacy Policy on the Site. If Mitiga makes any changes to this Privacy Policy that materially affect Mitiga's practices with regard to the personal data Mitiga previously collected from User, Mitiga will endeavor to provide User with notice in advance of such change via email notification or notification via the Site. Mitiga will seek User's prior consent to any material changes, if and where this is required by applicable data protection laws.


2.1. Information provided by User voluntarily when using the Site, e.g. when User calls the emergency numbers on the Site and provides information on the call (which will be recorded by Mitiga), or when User submits the User's contact information User on the "Contact Us" page on the Site when pressing the "submit" button (or any other similar button on such page), including but not limited to User's name, surname, email address, and phone number.
2.2. Mitiga may automatically collect data when User visits, interacts with, or uses the Site, including but not limited to:
 2.2.1. Identifiers and information contained in cookies;
 2.2.2. User's settings preferences, backup information;
 2.2.3. Content User viewed or searched for, page response times, and page interaction information (such as scrolling, clicks, and mouse-overs);
 2.2.4. Network and connection information, such as the Internet protocol (IP) address and information about User's Internet service provider;
 2.2.5. Device information, such as browser type and version, operating system, or time zone setting; location of the device, encounters with other devices using the Site.


3.1. Mitiga may process User's personal data to operate, provide, and improve the Site, including but not limited to:
 3.1.1. contacting User and communicating with User with respect to the Site and/or Mitiga's services;
 3.1.2. identifying User's interests and recommending offers that might be of interest to User;
 3.1.3. marketing and promoting Mitiga's services;
 3.1.4. providing assistance, notification and support;
 3.1.5. fulfilling User requests; meeting contractual or legal obligations;
 3.1.6. protecting Users security, e.g. preventing and detecting fraud;
 3.1.7. internal purposes, e.g. trouble shooting, data analysis, testing and statistical purposes.
3.2. Except as provided herein, Mitiga does not use any personal data obtained hereunder, without obtaining User's prior consent.


4.1. Mitiga may use tracking mechanisms such as cookies on the Site. A cookie is a small text file that is stored on a User’s computer for record-keeping purposes which contains information about that User. Most browsers automatically accept cookies, but User may be able to modify its browser settings to decline cookies. Please note that if User declines or deletes these cookies, some parts of the Site may not work properly.
4.2. This Privacy Policy does not apply to any products, services, websites, links or any other content that may be offered by third parties on the Site. By clicking on a link to a third-party website or service on the Site, a third party may also transmit cookies to User. This Privacy Policy does not cover the use of cookies by any third parties, and Mitiga is not responsible for such third parties' privacy policies and practices. Mitiga does not have any control over any third parties' privacy practices, or the technology used by any third parties in order to collect any personal data. Each User is advised to thoroughly review such third parties' privacy policies before making any use of such third party's products and services.
4.3. Without derogating from the generality of the foregoing, please note the following:
 4.3.1. Mitiga uses Google Analytics. Please click on www.google.com/policies/privacy/partners/ in order to find out how Google Analytics collects and processes data.
 4.3.2. When clicking on certain social media links provided on the Site (e.g. Twitter, LinkedIn) User will be transferred to Mitiga's sites on such social media ("Social Media Sites"). It shall hereby be clarified that such Social Media Sites are governed by the terms of use and privacy policy of the respective social media and not by Mitiga.


5.1. Mitiga may be required to retain or disclose personal data in order to:
 5.1.1. comply with applicable laws or regulations;
 5.1.2. comply with a court order, subpoena or other legal process;
 5.1.3. respond to a lawful request by a government authority, law enforcement agency or similar government body (whether situated in User's jurisdiction or elsewhere);
 5.1.4. engage with third-party service providers and/or sub-contractors which provide services for Mitiga's business operations, a list of which can be received upon request;
 5.1.5. disclose and/or transfer data to another entity if Mitiga is acquired by or merged with another entity, if Mitiga sells or transfer a business unit or assets to another  entity, as part of a bankruptcy proceeding, or as part of any other similar business transfer;
 5.1.6. Mitiga believes release is appropriate to comply with the law, enforce or apply Mitiga's terms and other agreements, or protect the rights, property, or security of Mitiga, Users, or others. This includes exchanging information with other companies and organizations for fraud prevention and detection and credit risk reduction.
5.2. When Mitiga shares User's data with third parties as specified above, Mitiga makes reasonable efforts to require such recipients to agree to only use the personal data Mitiga shares with them in accordance with this Privacy Policy and Mitiga's contractual specifications and for no other purpose than those determined by Mitiga in line with this Privacy Policy.


6.1. Mitiga may send User advertisements, as such term is defined in the Israeli Media Law (Bezeq and Broadcasting), 1982.
6.2. User can opt out of receiving these email communications from Mitiga at any time by using the unsubscribe link within each email, and/or emailing Mitiga to have User's contact information removed from Mitiga's email list or registered database.


Mitiga has taken appropriate technical and organizational measures to protect the information Mitiga collects about User from loss, misuse, unauthorized access, disclosure, alteration, destruction, and any other form of unauthorized processing. User should be aware, however, that no data security measures can guarantee 100% security.


8.1. Definition
“Personal Data” means data that may be used, either alone or together with other information, to identify an individual user, including, without limitation, a user’s name, address, telephone number, username, email address, city and country, geolocation, unique identifiers, picture, or other similar information and includes personal data as defined in the General Data Protection Regulation 2016 /679 of the European Parliament and of the Council of 27 April 2016 ("GDPR").
8.2. Legal Basis for Processing of Personal Data
Mitiga will only process User's Personal Data if it has one or more of the following legal bases for doing so:
 8.2.1. Contractual Necessity: processing of Personal Data is necessary to enter into a contract with User, to perform Mitiga's contractual obligations to User under the TOU, to respond to requests from User, or to provide User with customer support;
 8.2.2. Legitimate Interest: Mitiga has a legitimate interest to process User's Personal Data;
 8.2.3. Legal Obligation: processing of User's Personal Data is necessary to comply with relevant law and legal obligations, including to respond to lawful requests and orders;    or
 8.2.4. Consent: processing of User's Personal Data with User's consent.
8.3. User's Rights regarding Personal Data
 8.3.1. Subject to applicable law, User has certain rights with respect to User's Personal Data, including the following: User may ask whether Mitiga holds Personal Data about User and request copies of such Personal Data and information about how it is processed; User may request that inaccurate Personal Data is corrected; User may request the deletion of certain Personal Data; User may request Mitiga to cease or restrict the processing of Personal Data where the processing is inappropriate; When User consents to processing User's Personal Data for a specified purpose by Mitiga, User may withdraw User's consent at any time, and Mitiga will stop any further processing of User's data for that purpose.
 8.3.2. In certain circumstances, Mitiga may not be able to fully comply with User's request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, however, in those circumstances, Mitiga will still respond to notify User of such a decision.
 8.3.3. User can exercise User's rights of access, rectification, erasure, restriction, objection, and data portability by contacting Mitiga at info @mitiga.io. In some cases, Mitiga may need User to provide Mitiga with additional information, which may include Personal Data, if necessary to verify User's identity and the nature of User's request.
8.4. Transfer of User's Personal Data outside of the EEA
 8.4.1. The data that Mitiga processes in relation to Users may be transferred to, and stored at a destination outside the European Economic Area (“EEA“), e.g. Israel and the USA, that may not be subject to equivalent data protection law. It may also be processed by staff situated outside the EEA who works for us or for one of our service providers: In order to store it. Where we are legally required to do so. In order to facilitate the operation of our businesses, where it is in our legitimate interests and we have concluded these are not overridden by User's rights.
 8.4.2. Where Personal Data is transferred by Mitiga or Mitiga's affiliates in relation to providing the services Mitiga will take all steps reasonably necessary to ensure that it is subject to appropriate safeguards, such as relying on a recognized legal adequacy mechanism, which may include by entering into European Commission approved standard contractual clauses relevant to transfers of Personal Data and that it is treated securely and in accordance with this Privacy Policy.


Each User is advised to be aware that personal data Mitiga collects may be transferred to, processed and stored outside User's jurisdiction, and that data protection laws in the jurisdiction where the information is collected stored and/or processed may differ from User's jurisdiction. Each User hereby gives User's consent to this transfer, processing and storage of User's information outside its jurisdiction.


To the extent the California Consumer Privacy Act of 2018, Cal. Civ. Code 1798.100 et seq. ("CCPA"), including any subordinate or implementing legislation, is applicable the following shall apply:
 10.1. Mitiga will only process personal information on User's behalf.
 10.2. Mitiga will (i) not collect, retain, use, or disclose personal information for any purpose other than for the specific purposes set out in the Mitiga Privacy Policy, TOU, and the Data Processing Agreement between Company and User; (ii) not sell Personal Data (as defined under the CCPA); and (iii) put in place appropriate technical and organizational measures to protect personal information against unauthorized or unlawful processing or accidental destruction, loss or damage.


Mitiga does not knowingly collect or solicit any information from anyone under the age of 18. The Site is not directed at children under the age of 18. In the event that Mitiga learns that it has collected personal data from a child under the age of 18 without consent from a parent or a guardian, Mitiga will delete that personal data as quickly as possible. If User believes that Mitiga might have any information from or about a child under 18, User should contact Mitiga at info@mitiga.io.


If User has any questions about this Privacy Policy or Mitiga's privacy and/or data protection practices in general, please contact us using the following information:

Email: info@mitiga.io

Last updated March 15, 2021.

Want to see the future of IR for cloud and SaaS?

Request a Demo of IR2