You can jump to particular topics by going to the headings below:
The types of Personal Information we collect about you depends on how you interact with us. Depending on the Services you use, the following are the categories and specific types of Personal Information that we collect, and have collected, as well as how we use it:
1.1 Usage Information. We may collect and automatically process meta data in connection with your use of the Services (“User Data“). User Data may include your IP address, user setting, location, type of browser and version, operating system or device, referral source, visit length, page views and Website navigation paths, as well as information about the frequency and timing of your use of the Service. An IP address is a numeric code that identifies your browser on a network, or in this case, the Internet. Your IP address is also used to gather broad demographic information. User Data may be processed for the purposes of analyzing the use of the Services, including the usage trends and preferences of our users, operating our Website, and improving and customizing the Services.
1.2 Your Contact Information. When registering on our Website or other create an account or profile using the Services, you may be asked to provide your name, email address, mailing address, telephone number, role within your enterprise or other details (“Entered Data“). You are the source of such Entered Data, and such data may be processed for the purposes of providing the Services, ensuring the security of the Services, and communicating with you.
1.3 User Communications. We may process information contained in any enquiry or communication you submit to us regarding the Services (“Enquiry Data“). When subscribing to Cato’s mailing lists on our Website or otherwise requesting us to contact you, we collect your phone, e-mail address and country of your residence. We may send you news and updates in respect of the Services. We may also send you newsletters and promotional communications, you may opt-out of this service, including participation in mailing list, at any time by submitting a request at privacy@com. Please note that even if you opt-out of receiving the foregoing communications, we may still send you a response to any “Contacting Us” request as well as administrative e-mails (e.g. in connection with Cato services) necessary to facilitate your use of the Services. The Enquiry Data may be processed for purpose of responding to your communication, improving our Services and offering any promotional offers with respect of our Services. We have not disclosed your Personal Information for direct marketing purposes to other controllers in the preceding twelve (12) months.
1.4 Orders. We may process information relating to transactions that you enter into with us for the purchasing of Services (“Transaction Data“). The Transaction Data may include your contact details, bank details and the transaction details. The Transaction Data may be processed for supplying the purchased Services, and maintaining proper documentation.
1.5 Recruitment and Pre-Employment. We may process information that you provide to us as part of any HR recruitment process you undergo with Cato. We will collect and use Personal Information to help assess your skills and your suitability to the relevant position. We may also use such data to contact you if we believe any career opportunities with Cato may interest you. Such information may include your name, email address, CV, telephone number, profile photo, references, certifications and qualifications and other relevant information associated with your assessment (“Candidate Data”). Please note that when providing information of third parties, such as references, you are responsible to notify them of this fact and obtain their consent for use of their Personal Information.
1.6 Information Received from Third Parties. We may supplement the information that you provide with information that is received from third parties. If you access the Services through any third party platforms (such as Facebook or Google), or interact with any third party platforms or other social media plug-in in the Service (such as a Facebook “Like” button) we may receive information from your respective social media or third party platforms account, including your account information, email, name, photo and any information defined as public pursuant to the policies of such third party platforms and/your settings in the respective third party platform.
1.7 Aggregate and Analytical Data. In an ongoing effort to better understand and serve the customers of the Services, we often conduct research on its customer demographics, interests and behavior based on the Personal Information and other information provided to us. This research may be compiled and analyzed on an aggregate and deidentified basis, and we may share this aggregate data with our affiliates, agents and business partners. This aggregate information does not identify you personally. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes. We also may use aggregate data for monetization.
Please do not supply any other person’s Personal Information to us without the specific and explicit consent of all parties, including the owner of such Personal Information. The provision of the Personal Information listed above is generally voluntary, but in certain instances, we will not be able to process your request for our Services without the requested Personal Information.
Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. As a result, our collection and processing of your Personal Information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our general interest in conducting our business.
We collect your Personal Information in the following ways, pursuant to applicable law:
(a) Service Providers: We may disclose your Personal Information with service providers. Among other things service providers may help us to administer and secure our Website, conduct surveys, mail communications, or provide technical support, data center services or legal advice. These service providers may collect, store, analyze, or otherwise process information on our behalf;
(b) Cato Affiliates and Acquisitions: We may disclose your Personal Information with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If we become involved in a reorganization, merger, consolidation, acquisition, or any form of sale of some or all of our assets, with any type of entity, whether public, private, foreign or local, we may also disclose your Personal Information;
(f) Government agencies, regulators, and professional advisors. Where permitted or required by applicable law, we may disclose Personal Information to government agencies and regulators (e.g., tax authorities, courts, and government authorities) to comply with our legal obligations, and to external professional advisors as necessary to defend our legal interests.
We follow generally accepted industry standards to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Information. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
The following information applies to residents of the EU or the European Economic Area (“EEA”), who use our Services in the EEA.
A “resident” of the EEA is an individual who is physically present in the EEA. This section does not apply to EEA citizens who are resident outside of the EEA (for example, a French citizen who is resident in the United States). The EEA consists of the member states of the European Union, i.e., Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and Iceland, Liechtenstein, and Norway (collectively, “EEA Residents”). This section also applies to residents of Switzerland and United Kingdom as well.
From May 25, 2018, all processing of Personal Information of EEA Residents is subject to the General Data Protection Regulation (2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of Personal Information and on the free movement of such data (“GDPR”) as well as section 3 of the European Union (Withdrawal) Act 2018 as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (SI 2019/419) (“UK GDPR”).
7.1 International Transfers of Personal Information
7.2 Your Rights
The following is a summary of the rights that you may have under applicable data protection law. These are complex, and not all of the details have been included herein. In light of this, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
Your principal rights that may be afforded to you under applicable data protection laws are:
7.3 Legal Basis for Processing Your Personal Information
As required by applicable law, we rely on several different legal bases to collect, use, and disclose your Personal Information:
In order to collect the data described herein we may use temporary cookies or web beacons that remain on your browser or device for a limited period of time. We may also use persistent cookies that remain on your browser or device until removed, in order to manage and maintain the Services and record your use of the Services.
Our Website and Services are not intended for persons under the age of 13. By using the Services, you represent that you are at least the age of majority in your state, province or country of residence, or that you are the age of majority in your state, province or country of residence and you have given us your consent to allow any of your minor dependents to use the Services. If we learn that we have collected Personal Information from persons under 13 through our Website or Services, we will take appropriate steps to delete this information. Cato does not knowingly collect or sell Personal Information from children under the age of 13.
Cato Networks Ltd.
121 Menachem Begin St., Tel Aviv, Israel
If you consider that our processing of your Personal Information infringes upon data protection regulations, you have a legal right to file complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work, or the place of the alleged infringement.
Effective Date. June 5, 2023.
Last Updated Date. June 5, 2023.