Privacy Policy

Effective from Feb 04, 2020
This Privacy Policy applies to the website: (the “Site”) and our products (“Core”, “CyberRisk”, "Vendor Risk" and “BreachSight”) (collectively, the “Services”) owned and operated by UpGuard, Inc (collectively, “UpGuard”, “we”, “us”, or “our”). We respect the rights and privacy of individuals who use our website ( and/or our products and services. This Privacy Policy describes how UpGuard collects, uses, shares and secures the personal information you provide. It also describes your rights choices regarding use, access, erasure, objection, portability and correction of your personal information.

EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

UpGuard, Inc complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Frameworks, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland, to the United States. UpGuard has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit

UpGuard is responsible for the processing of personal data it receives under both privacy frameworks and third-party agent acting on its behalf. UpGuard complies with all of the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provision. This Policy applies to all UpGuard operating divisions, subsidiaries, affiliates, and branches, including its U.S. affiliates certified under the Privacy Shield and any additional subsidiary, affiliate, or branch of UpGuard that we may subsequently form.

With regards to personal data transferred from the EU and Switzerland in accordance with the Privacy Shield Framework, UpGuard is subject to the regulatory enforcement of the U.S. Federal Trade Commission. In certain circumstances, UpGuard may be required to disclose personal data to meet law enforcement or national security requirements. In compliance with the Privacy Shield Principles, UpGuard, Inc, commits to resolving complaints regarding Upguard’s use or collection of your personal data. We encourage EU and Swiss individuals to contact UpGuard at privacy with inquiries or complaints.

UpGuard has committed to refer unresolved complaints to a third party dispute resolution provider. If you do not receive acknowledgement from UpGuard within 45 days, or if your concern has not been resolved to your satisfaction, please contact our US based third party resolution provider for more information or to file a complaint. In order to facilitate quick and convenient complaint resolution, you agree to file an online complaint with JAMS Online Mediation. In some circumstances, Privacy Shield provides the right to invoke binding arbitration when other resolution methods have failed to yield satisfactory results.

Information we collect

Information You Provide to Us

When you use the Services, register for an Account with UpGuard, request Services or information from us, request a demo, subscribe to our SMB services, or contact us directly, we may ask you to provide personal information, which is information that can be used to identify you. This personal information may include your name, email address, company, phone number, business address and other information about your business. We may also collect your personal information when you engage in transactions on our Site.

Payment Information

When you subscribe to our products online, UpGuard’s third party PCI-compliant service providers collect and process payment information from you, including credit card numbers and billing information.

Information We Automatically Collect

You are free to explore our website without registering for an account. We automatically collect certain navigational information from visitors to our Site, including your IP address, browser type, geographical location, referral source, length of visits and pages viewed.

Publicly Available Information

We may collected publicly available information from third parties to confirm your identity when you request information or a demo from us or to market our products and services to you.

How we use information we collect

Use of personal information

We use the information we collect to provide our Services to customers, to manage customers’ accounts, for billing, and to provide information you requested. In addition, we may use personal information for the following purposes:

  • Send information to you which we believe may be of interest by email;
  • Send you marketing communications which we believe may be of interest to your business;
  • Provide your information to our partners and/or resellers in order to deliver products or services as part of our contractual agreement with you;
  • Provide your information to third parties, who may provide customer support, facilitate business operations and payments. Such third parties are prohibited from using your personal information except for these purposes;
  • To improve or modify our services; and
  • To understand how users interact with the Site so that we can improve it and provide a more optimal user experience.

We will never sell your information to third parties.

Retention of personal information

If you are in the European Economic Area (EEA) or Switzerland we retain Personal Information that you provide us as long as we consider it potentially useful in contacting you about your use of our products and services, continue to subscribe to our marketing communications, to comply with our legal obligations, resolve disputes and/or enforce our agreements, and then we securely delete the information. We will delete this information at an earlier date if you so request, as described in "Opting Out and Unsubscribing" below.

Security of your personal information

The security of your information is important to us. We adhere to generally accepted standards to ensure that the personally identifiable information you entrust us with is secure. Access to this information is restricted to UpGuard employees, contractors and third parties who are necessary to operate or improve our products and services. All of our employees, contractors and third parties are bound by confidentiality agreements and may face termination or criminal prosecution for breaching these agreements. If you have any questions about the security of your personal information please contact us at


UpGuard and our authorized vendors may use cookies and other technologies to collect information from you for a variety of purposes. These technologies provide us with personal information about your devices and networks you utilize to access our Websites, and other information regarding your interactions with our Websites.

You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can change your browser settings to decline cookings if you choose. For more information about UpGuard’s use of cookies, please read our Cookie Policy.

We partner with third parties to manage our advertising on other sites. Our third parties may also use technologies such as cookies to gather information about your activities on our Website and other sites in order to suggest advertising based on your browsing activities and interests.

Clear Gifs

We use a software technology called clear gifs (a.k.a. Web Beacons/Web Bugs), that help us manage and improve the quality of our Website and marketing communications by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user's computer hard drive, clear gifs are embedded invisibly on Web pages or in emails and are about the size of the period at the end of this sentence. We use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. We tie the information gathered by clear gifs in emails to our customers' Personal Information. You can opt-out of emails from us at any time by clicking ‘unsubscribe’.

Log Files

Like most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with our Websites and Services. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your devices, your mobile carrier, and system configuration information. Occasionally, we connect personal information to information gathered in our log files as necessary to improve our Websites and Services. In such a case, we would treat the combined information in accordance with this Policy.

Information We Share

Our Vendors and Service Providers

UpGuard uses third party services which are necessary to the operation of our website, product and business operations. Examples may include, marketing CRM, customer support and payment management in order to provide you with better service. In all cases where our third parties handle your personal information we require their acknowledgment and adherence to our privacy policy and customer data handling policies.

Customer Testimonials

We post customer testimonials on our website which include personal information. We ensure we have our customer’s approval before posting their testimonial and name.

Compelled Disclosure

We reserve the right to use or disclose your Personal Information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.

Opting Out and Unsubscribing

Reviewing, correcting and removing your personal information

If you reside or are located in the EEA or Switzerland, on request, and following confirmation of your identity, UpGuard will provide you with access to the personal information we have collected about you in machine-readable format. Additionally, we will respond to your requests that we do the following:

  • Correct any errors, omissions, or outdated information you have supplied to us in relation to use of our website and/or products.
  • Not use it to contact you.
  • Object to further processing of your personal information.
  • Delete it from our systems.

To exercise any of these rights please contact us at or 650 Castro Street, Suite 120-387 Mountain View, CA 94041 United States.

When contacting us, please make clear in the email what Personal Information you would like to have changed. For your protection, we may only process requests with respect to the personal data associated with the email address that you use to send us your request. We may need to verify your identity before implementing your request.

We will respond within a reasonable timeframe to all requests for access, change or delete information we have within a reasonable timeframe. In some instances, we may not delete your personal information if we have a legal obligation to retain it, or we otherwise have a legitimate purpose, such as fraud prevention.

To unsubscribe from our communications

You can unsubscribe at any time from receiving communications from UpGuard by clicking unsubscribe at the bottom of emails from us, emailing us at or by sending us mail to UpGuard at 650 Castro Street, Suite 120-387 Mountain View, CA 94041 United States.

Customers, please note, while you can opt-out of receiving marketing communications from us, you cannot opt-out from receiving transactional emails relating to your use of our product and/or services.

Important Information

International Transfer

UpGuard is headquartered in the United States of America. Please note that your information may be transferred and stored in a city, state, country or government jurisdiction where the privacy laws may not as protective as your own jurisdiction. If you are located outside of the United States of America, please note that we transfer and process PII there.


We may update this Privacy Policy to reflect changes to our information practices. If we make any material changes we will notify you by email (sent to the email address specified in your account) or with a notice on our website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact us

If you have any inquiries or concerns about UpGuard’s Privacy Policy please contact us at or 650 Castro Street, Suite 120-387 Mountain View, CA 94041 United States.

Anonymously report a code of conduct violation

What would you like to report?

Your report has been received and we will be investigating.
Something went wrong while submitting the form... Please refresh the page.

Book a free demo

Book a free, personalized onboarding call with one of our cybersecurity experts.