Training & Certification
Request a Proposal
User Behavior Analytics
By Compliance Requirement
Find a Partner
Events & Webcasts
Training & Certification
IT & Security Fundamentals
News & Press Releases
Last Updated: June 30, 2017
Our quest to accelerate insight for security and technology practitioners requires collecting and processing an enormous amount of data. Ensuring your data is used only in a manner consistent with your expectations is a responsibility we take very seriously, and we back the privacy guidelines below with layers of security to safeguard your data.
For example, we collect information you provide in order to access our solutions, use our sites, subscribe to our content, or register for an activity associated with Rapid7. This may include, but is not limited to, your name, email address, telephone number, and mailing address.
If you make a purchase from Rapid7, become one of our vendors, or otherwise establish a relationship with us that involves financial transactions, we collect information about those transactions. This may include, but is not limited to, your credit or debit card information, account and authentication information, tax identifiers, and other billing, delivery, and contact details.
We collect information about the solutions you use and how you use them, such as how often you access our products and which features you use most frequently.
On our sites, we collect information using cookies and other tracking technologies. Please see our full Cookies, Widgets, and Other Tracking Technologies Policy.
We receive various types of information from third-party partners on some occasions, such as when we jointly offer services or sponsor events. We also collect data from third parties that relate to active or historic threats, vulnerabilities, and risks around the world. This can include data like hostnames, IP Addresses, email accounts, and usernames.
We conduct many types of research activities, including initiatives like Project Sonar, which periodically scans the internet to gain insights into global exposure to common vulnerabilities.
We collect the human resources information of our employees.
Return to top
We are able to deliver our solutions and services, understand the behavior of attackers, and better help our customers keep their environments safe by using collected information. This may include basic metadata, but we do not access sensitive customer information, such as user, network, vulnerability, incident, or asset information, unless you have requested we do so to investigate issues with our solution or carry out a service.
We use your information to communicate with you about our solutions, services, features, surveys, newsletters, offers, promotions, and events, and to provide other news or information about Rapid7 and our partners. We also use your information to respond to you when you contact us.
The vast majority of the data we collect through our research initiatives like Project Sonar is publicly available. It is collected to educate and enrich the security community.
We do not sell your personal information to third parties.
Information may be shared:
Other information related to the research we conduct may be shared with various organizations, including academic institutions or publications, but only when this information is public and/or non-identifiable.
Some third parties may provide services on our behalf and may require access to your information to carry out that work, including billing, customer support, etc. These service providers are authorized to use your personal information only as necessary to provide the services in scope.
We may share your information with third-party business partners, for instance, for the purpose of enhancing our products and services. If you do not want us to share your personal information with these companies, contact us at email@example.com.
We do not sell any customer, user, or research data to third parties.
We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will subsequently be notified via email and/or via a prominent notice on our sites of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
Rapid7 may share information internally across our parent, subsidiary, and affiliate companies or with third parties for the purposes defined in this policy. Information collected within the European Economic Area (“EEA”) may, for example, be transferred to countries outside of the EEA for the purposes as described in this policy.
For more information please see Rapid7 LLC and the EU-U.S. Privacy Shield.
Upon request, Rapid7 will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by emailing us at firstname.lastname@example.org. We will respond to your request within a reasonable timeframe.
We may use your information to send you a newsletter or other marketing communications. You may choose to stop receiving our newsletter or marketing communications at any time by following the unsubscribe instructions included in the newsletters or communications. Alternatively, you can opt-out of receiving such newsletters and communications by contacting us at email@example.com.
If you opt to end your engagement with Rapid7, you have the opportunity to collect and transfer any data that is possible to export. If you request that Rapid7 delete all of your data, the request will be processed within 14 days.
We will retain your information for as long as your account is active, or as needed to provide you products and/or services. If you wish to cancel your account or request that we no longer use your information to provide our offerings, contact us at firstname.lastname@example.org. We will retain and use your information as necessary to comply with our legal obligations, to resolve disputes, and to enforce our agreements.
Rapid7, 100 Summer Street, 13th Floor, Boston, MA 02110-2115