Critical Research Privacy Policy

Last Updated September 12, 2019

Your privacy is important to Critical Research Corporation (“Critical Research”, “we” or “us”). This Critical Research Privacy Policy (“Privacy Policy”) describes how we may collect, use, store, disclose, and otherwise process information relating to an identified or identifiable individual, including your personal information, in any form (“Personal Data”), through your access to or use of our products and services, including those at critical.io, rumble.run, rumble.network, rumble.dev, and any related websites and subdomains thereof (the “Sites”), as well as mobile software applications, and other offerings created to provide information about our company and network asset identification software and services (collectively, together with the Sites, the “Services”).

Our Privacy Policy has the following sections:

1. INFORMATION WE COLLECT

2. OUR USE OF YOUR PERSONAL DATA AND OTHER INFORMATION

3. HOW WE STORE AND SECURE YOUR INFORMATION

4. OUR DISCLOSURE OF YOUR PERSONAL DATA AND OTHER INFORMATION

5. YOUR CHOICES

6. ADDITIONAL PRIVACY INFORMATION

1. INFORMATION WE COLLECT

When you interact with us through the Services, we may collect Personal Data and other information from you, as further described below:

Personal Data That You Provide Through the Services

We collect Personal Data from you when you provide such information, such as when you contact us with inquiries, including via the Site, phone, email, and web chat, respond to one of our surveys, register for access to the Services, use certain Services, including by responding to input fields and advertisements on the Sites, or in other such ways. Wherever Critical Research collects Personal Data we make an effort to provide a link to this Privacy Policy.

By providing us with Personal Data, you are consenting to our use of it in accordance with this Privacy Policy. If you provide Personal Data to the Services, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of Critical Research and the authorized third parties referred to herein located in the United States.

Personal Data That We Receive from Third Parties, including Our Customers

We may periodically obtain both your Personal Data from affiliated entities, our commercial customers, partners and other independent third-party sources and will add it to our database of information. For example, we may receive information about your interaction with advertisements on third party websites, including updated postal addresses and demographic information. Critical Research may cache this data and various aggregations and transformation (charts, graphs, maps, tables, dashboards, etc.) as part of normal operations as covered by our Terms of Service, Subscription Services Agreement, or Master Subscription Agreement, as applicable. In some instances, Critical Research is acting as the data processor on behalf, and pursuant to the instructions, of our commercial customers, who act as the data controller (an entity that determines the purposes and means for processing personal data). If you have any questions about our processing of your Personal Data from such commercial customers, you are advised to contact the applicable customer who has directed us to process the particular information.

Other Information

We may use cookies, log files, web beacons, device identifiers, advertising identifiers and similar tracking technologies, including those from third-party service providers like Google Analytics and other cloud-based tools, to automatically collect your preferences, performance data and information about your web usage when you visit the Services, as follows:

Cookies: In operating the Services, we may use a technology called “cookies.” A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Services. Our cookies help provide additional functionality to the Services and help us analyze Services usage more accurately. For instance, our Sites may set a cookie on your browser that allows you to access the Services without needing to remember and then enter a password more than once during a visit to the Sites, or to provide more relevant ads and search results. We may also collect information about your online activity, such as pages viewed and interactions with other users. In all cases in which we use cookies, we will provide you with prior notice. On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. You can learn more about targeted ads and your ability to opt out of receiving interest-based ads at https://optout.aboutads.info and https://www.networkadvertising.org/choices. We recommend that you leave cookies turned on because they allow you to take advantage of some of the Services’ features.

Third Party Tracking: We may allow third party service providers to use cookies or similar technologies to collect information about your browsing activities over time and across different websites following your use of the Services. For example, we use Google Analytics, a web analytics service provided by Google, Inc. Google Analytics uses cookies to help the website analyze how users use the Sites and enhance your experience when you use the Services. For more information on how Google, Inc. uses this data, go to https://www.google.com/policies/privacy/partners/. You can control the information collected by such tracking technologies or be alerted when cookies are sent by adjusting the settings on your Internet browser or devices, but such adjustments may affect or disable certain functionality of the Services.

Services Data: In order to provide our Services, our software must collect information from network-connected equipment and transfer this information to the Critical Research for processing, analysis, and display within the product user interface. This information includes the type and quantities of equipment, DNS names, IP addresses, MAC addresses, and other information about the connected equipment, such as running services and installed software. The software also collects minimal information about the equipment on which it is installed; this includes the hostname, domain name, operating system, installed software, and service process environment, as well as hardware information, such as the processor model, memory, storage, and network interfaces. This information is used to enable functionality within the Services and assist with support requests. We do not currently respond to web browser “do not track” signals. If we do so in the future, we will describe how we do so in this Privacy Policy. For more information about “do not track,” visit https://www.allaboutdnt.com.

2. OUR USE OF YOUR PERSONAL DATA AND OTHER INFORMATION

Critical Research uses the Personal Data you provide in a manner that is consistent with this Privacy Policy, or for which it has been collected or subsequently authorized by you. If you provide Personal Data for a certain reason, we may use the Personal Data in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Also, if you provide Personal Data in order to obtain access to the Services, we will use your Personal Data to provide you with such access to the Services and to monitor your use of such Services. Critical Research and its subsidiaries and affiliates (the “Related Companies”) may also use your Personal Data and other information collected through the Services to help us improve the content and functionality of the Services, to better understand our users, improve the Services, and other legitimate purposes. To the extent necessary for those purposes, we may also take reasonable steps to confirm that Personal Data is reliable for its intended use, accurate, complete and current.

Critical Research and its affiliates may use this information to contact you in the future to tell you about Services we believe will be of interest to you. If we do so, each marketing communication we send you will contain instructions permitting you to “opt-out” of receiving future marketing communications. In addition, if at any time you wish not to receive any future marketing communications or you wish to have your name deleted from our mailing lists, please contact us at privacy@rumble.run. If Critical Research intends on using any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time at which the Personal Data is collected and you will be given an opportunity to opt out of such use.

3. HOW WE STORE AND SECURE YOUR INFORMATION

We are committed to securing all Personal Data provided to us. Personal Data that we collect may be stored and processed in your region, in the United States, and in any other country where Critical Research, or its Related Parties or service providers, operate facilities. Critical Research will retain your Personal Data as long as necessary for the purposes outlined in this Privacy Policy and for a commercially reasonable time thereafter for backup, archival, fraud prevention or detection or audit purposes, or as otherwise required by law. Critical Research takes technological and organizational measures to protect your Personal Data against loss, theft, and unauthorized access, misuse, disclosure, modification, and destruction. For example:

  • we only transmit Personal Data over secured communication channels using TLS
  • we only store Personal Data using solutions that are encrypted at rest
  • all systems used to provide the Services are password protected
  • all applications used to provide Services are built using security best practices
  • all applications used to provide Services run with limited rights and limited roles

Among other third party providers, we partially rely on AWS’ security programs to protect personal information while stored in their respective controlled facilities. We require encryption at rest to be enabled for all storage, multi-factor authentication to be enabled for AWS console access, and CloudTrail configured to log all administrative activity. We maintain layered, rotated backups of the database servers and all Service-related artifacts. For more information on AWS’ security practices and processes, please see https://aws.amazon.com/security/.

Client complies with applicable data protection laws, including applicable security breach notification requirements.

Please keep in mind that no Internet or email transmission is ever fully secure or error free, so you should take special care in deciding what information you send to us.

4. OUR DISCLOSURE OF YOUR PERSONAL DATA AND OTHER INFORMATION

Critical Research is not in the business of selling your information. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:

Business Transfers: Critical Research may disclose Personal Data as necessary in connection with the sale or transfer of all or part of its business. As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.

Related Companies: We may also share your Personal Data with our Related Companies for purposes consistent with this Privacy Policy.

Agents, Consultants and Related Third Parties: Critical Research, like many businesses, sometimes hires other companies to perform certain business-related functions. We may disclose Personal Data to third-party service providers (such as providers of customer and lead management services, email communication and customer support services) and subcontractors (such as providers of compute and storage resources) who perform certain services or provide certain solutions on our behalf and under our instructions as necessary in connection with the performance of requested services or solutions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another entity to perform a function of this nature, we only provide them with the information that they need to perform their specific function, and we maintain contracts with these third parties restricting their access, use and disclosure of Personal Data consistent with this Privacy Policy.

Legal Requirements: Critical Research may disclose your Personal Data if required or permitted by law, or when we believe, in the good faith, that such action is necessary to (a) comply with a legal obligation or process, including to meet national security or law enforcement requirements, (b) protect and defend the rights or property of Critical Research, © act in urgent circumstances to protect the personal safety of users of the Services, our customers, or the public, or (d) protect against legal liability.

Aggregated Personal Data: In an ongoing effort to better understand and serve the users of the Services, Critical Research often conducts research on its Customer demographics, interests and behavior based on the Personal Data and other information provided to us, including the total number of visitors to our Sites, the number of visitors to each page of our Sites, and the domain names of our visitors’ Internet service providers. We may compiled, analyzed, publish, share, distribute, or disclose such information on an aggregate basis or in a de-identified manner that does not allow such data about you to be separated from the aggregate data and identified as originating from you.

Personal Information You Post in Public Areas: When you post a message in a Critical Research forum, chat room, review, or customer feedback, the information you post may be accessible to other users of the Services and the public. If you post Personal Data anywhere on the Services that is accessible to other users or the public, you are advised that such Personal Data can be read, collected, used, or disseminated by others and could be used to send you unsolicited information or otherwise. Accordingly, you assume full responsibility for posting such Personal Data and agree that Critical Research is not responsible in any way for Personal Data you choose to post in these public areas. All such data shall be deemed to be non-confidential and Critical Research shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

In addition to the above, we may share Personal Data about you with others to the extent you consent to such sharing.

5. YOUR CHOICES

You can visit the Sites without providing any Personal Data. If you choose not to provide any Personal Data, you may not be able to use certain Services. Critical Research will offer you the opportunity to opt out of your Personal Data being (a) disclosed to third parties, except when disclosure is made to a third party that is acting as an agent to perform task(s) on our behalf and under our instructions, or (b) used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by you. Critical Research will provide clear, conspicuous and readily available mechanisms to opt out should applicable circumstances arise.

To the extent provided by the law of your jurisdiction, you may also (a) have the right to access certain Personal Data we maintain about you, (b) request certain information regarding our disclosure of your Personal Data to third parties for their direct marketing purposes, © request that we update or correct inaccuracies in your Personal Data, (d) object to our use of your Personal Data, (e) ask us to block or delete your Personal Data from our database, and (f) request to download the Personal Data you have shared on the Services. You may make these requests and any other inquiries about this Privacy Policy by emailing privacy@rumble.run. Any such requests are subject to the protection of other individuals’ rights and applicable law. Critical Research will process all reasonable requests for access within a reasonable time period, but reserves the right to restrict access in cases where the legitimate rights of other individuals would be violated or where applicable law requires such restriction. Additionally, to help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the data. To the extent permitted by applicable law, a charge may apply before we provide you with a copy of any of your Personal Data that we maintain.

6. ADDITIONAL PRIVACY INFORMATION

Children

Critical Research does not knowingly collect Personal Data from children under the age of 13. If you are under the age of 13, please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to Critical Research through the Services, please contact us, and we will endeavor to delete that information from our databases.

This Privacy Policy applies only to the Services (which includes the Sites). The Services may contain links to other web sites not operated or controlled by Critical Research (the “Third Party Sites”). The policies and procedures we described here do not apply to the Third Party Sites. The links from the Services do not imply that Critical Research endorses or has reviewed the Third Party Sites. We suggest you review the privacy polices of those Third Party Sites for information on their privacy practices.

Terms of Service

Your access to and use of the Services is subject to either the Terms of Service at https://rumble.run/terms, Subscription Services Agreement, Master Subscription Agreement, or other agreement (e.g. beta agreement, clickwrap) as you may have accepted.

Changes to Critical Research’s Privacy Policy

The Services and our business may change from time to time. As a result, at times it may be necessary for Critical Research to make changes to this Privacy Policy. Critical Research reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.

California Privacy Rights

Applicable California privacy legislation permits visitors who are California residents to request certain information regarding our disclosure of Personal information to third parties for their direct marketing purposes. To make such a request to access such information, please contact us as at privacy@rumble.run. Within thirty (30) days of receiving such a request, we will provide a list of the categories of personal information disclosed to third parties for third-party direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the address specified in this paragraph.

International Transfers

Our databases are currently located in the United States. Critical Research makes no claim that its Services are appropriate or lawful for use or access outside the United States. If you access the Services from outside the United States, you are consenting to the transfer of your personal information from your location to the United States. You are solely responsible for complying with all local laws, rules and regulations regarding online conduct and access to the Services. By sending us your information, you further consent to its storage within the United States. For residents of the EU, Switzerland, plus Iceland, Liechtenstein and Norway, Critical Research certifies to the EU-US and Swiss-US Privacy Shield. See our privacy statement specific to Privacy Shield at the following link: https://rumble.run/privacy-shield.

Access to Information; Contacting Critical Research

Please feel free to contact us if you have any questions about Critical Research’s Privacy Policy or the information practices of the Services. You may contact us via email using the address privacy@rumble.run.