Cato Networks Privacy Policy

The security of your personal data is of the utmost importance to us. At Cato Networks Ltd., including its subsidiaries and affiliates (“Cato,” “us,” “our,” or “we”), we want to make Cato’s Website’s or Services’ users’ experience satisfying and safe. This privacy policy (“Privacy Policy”) applies to the collection, use, safeguarding, and disclosure of Personal Information (defined below) through all access to and use of this website and associated websites (the “Website“) by Website users, job applicants, business contacts, and other individuals whose Personal Information we will collect (collectively, the “Services“).

This Privacy Policy governs all aspects of the collection and processing of your Personal Information. “Personal Information” used interchangeably with “Personal Data” (“Personal Information“) is information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to other information or identifiers such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

If you do not agree to the terms and conditions set forth herein, please do not use the Services. By using the Services, you acknowledge and agree that you have read and understand the data practices described within this  Privacy Policy. If you are a California resident, please visit the Cato Networks California Privacy Policy for more information on your rights and our information collection practices. If you have any questions about this Privacy Policy, please feel free to contact us by using the information in the “Contacting Us” section below.

You can jump to particular topics by going to the headings below:

  1. Information We Collect and How We Use It
  2. Sources of Personal Information
  3. Information Disclosure
  4. Data Security
  5. Data Retention
  6. Data Integrity
  7. EEA Users
  8. Cookies
  9. Third-Party Links
  10. Legal Justification and Consent to Processing
  11. Children and Minors
  12. Governing Law and Jurisdiction
  13. Changes to the Privacy Policy
  14. Contacting Us

1. Information We Collect and How We Use It

The types of Personal Information we collect about you depends on how you interact with us. Depending on the Services you use, the following are the categories and specific types of Personal Information that we collect, and have collected, as well as how we use it:

1.1 Usage Information. We may collect and automatically process meta data in connection with your use of the Services (“User Data“). User Data may include your IP address, user setting, location, type of browser and version, operating system or device, referral source, visit length, page views and Website navigation paths, as well as information about the frequency and timing of your use of the Service. An IP address is a numeric code that identifies your browser on a network, or in this case, the Internet. Your IP address is also used to gather broad demographic information. User Data may be processed for the purposes of analyzing the use of the Services, including the usage trends and preferences of our users, operating our Website, and improving and customizing the Services.

1.2 Your Contact Information. When registering on our Website or other create an account or profile using the Services, you may be asked to provide your name, email address, mailing address, telephone number, role within your enterprise or other details (“Entered Data“). You are the source of such Entered Data, and such data may be processed for the purposes of providing the Services, ensuring the security of the Services, and communicating with you.

1.3 User Communications. We may process information contained in any enquiry or communication you submit to us regarding the Services (“Enquiry Data“). When subscribing to Cato’s mailing lists on our Website or otherwise requesting us to contact you, we collect your phone, e-mail address and country of your residence. We may send you news and updates in respect of the Services. We may also send you newsletters and promotional communications, you may opt-out of this service, including participation in mailing list, at any time by submitting a request at privacy@com. Please note that even if you opt-out of receiving the foregoing communications, we may still send you a response to any “Contacting Us” request as well as administrative e-mails (e.g. in connection with Cato services) necessary to facilitate your use of the Services. The Enquiry Data may be processed for purpose of responding to your communication, improving our Services and offering any promotional offers with respect of our Services. We have not disclosed your Personal Information for direct marketing purposes to other controllers in the preceding twelve (12) months.

1.4 Orders. We may process information relating to transactions that you enter into with us for the purchasing of Services (“Transaction Data“). The Transaction Data may include your contact details, bank details and the transaction details. The Transaction Data may be processed for supplying the purchased Services, and maintaining proper documentation.

1.5 Recruitment and Pre-Employment. We may process information that you provide to us as part of any HR recruitment process you undergo with Cato. We will collect and use Personal Information to help assess your skills and your suitability to the relevant position. We may also use such data to contact you if we believe any career opportunities with Cato may interest you. Such information may include your name, email address, CV, telephone number, profile photo, references, certifications and qualifications and other relevant information associated with your assessment (“Candidate Data”). Please note that when providing information of third parties, such as references, you are responsible to notify them of this fact and obtain their consent for use of their Personal Information.

1.6 Information Received from Third Parties. We may supplement the information that you provide with information that is received from third parties. If you access the Services through any third party platforms (such as Facebook or Google), or interact with any third party platforms or other social media plug-in in the Service (such as a Facebook “Like” button) we may receive information from your respective social media or third party platforms account, including your account information, email, name, photo and any information defined as public pursuant to the policies of such third party platforms and/your settings in the respective third party platform.

1.7 Aggregate and Analytical Data. In an ongoing effort to better understand and serve the customers of the Services, we often conduct research on its customer demographics, interests and behavior based on the Personal Information and other information provided to us. This research may be compiled and analyzed on an aggregate and deidentified basis, and we may share this aggregate data with our affiliates, agents and business partners. This aggregate information does not identify you personally. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes. We also may use aggregate data for monetization.

Please do not supply any other person’s Personal Information to us without the specific and explicit consent of all parties, including the owner of such Personal Information. The provision of the Personal Information listed above is generally voluntary, but in certain instances, we will not be able to process your request for our Services without the requested Personal Information.

In addition to the purposes and uses described elsewhere in this Privacy Policy, we use your Personal Information in the following ways:

  • To identify you when you visit our Website;
  • To manage your account;
  • To conduct our business, including providing you the Services you requested;
  • To send you marketing communications about new or updates to our existing Services;
  • To comply with our legal obligations, to establish and exercise our rights, and to defend against a legal claim;
  • To maintain and improve our Website and tailor the user experience;
  • To respond to your inquiries related to support or other requests;
  • To conduct analytics;
  • To protect the security of your information and the Website;
  • To consider individuals for employment and contractor opportunities and manage onboarding procedures, as well as to administer and improve our recruitment process;
  • To evaluate our progress in achieving our diversity hiring goals, to ensure equal opportunity monitoring and reporting, to meet obligations, including providing workforce accommodations and for disability and workplace safety tracking administration.
  • To provide and maintain the functionality of our Website, including identifying and repairing errors or problems; and
  • To provide customer service and otherwise administer our business relationship with you.

Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. As a result, our collection and processing of your Personal Information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our general interest in conducting our business.

2. Sources of Personal Information

We collect your Personal Information in the following ways, pursuant to applicable law:

  • Directly From You, when you use our Website or Services, sign-up for an account, contact us, sign up to receive emails, text messages, and/or postal mailings.
  • Through Our Use of Cookies and Other Web Devices, when you visit our Website, open or click on emails we send you, or interact with our advertisements. We or third parties we work with automatically collect certain information using technologies such as cookies, web beacons, clear GIF, pixels, internet tags, web server logs, and other data collection tools. For more information, please visit our Cookie Policy here.
  • From Our Third‑Party Partners, including from third parties that we have partnered with to provide you the Services that you have requested from us.
  • Other Sources, including publicly available sources, as permitted by applicable law.

3. Information Disclosure.

In addition to the specific situations discussed elsewhere in this Privacy Policy, we may disclose the Personal Information listed above in each of the following situations, as permitted by applicable law:

(a) Service Providers: We may disclose your Personal Information with service providers. Among other things service providers may help us to administer and secure our Website, conduct surveys, mail communications, or provide technical support, data center services or legal advice. These service providers may collect, store, analyze, or otherwise process information on our behalf;

(b) Cato Affiliates and Acquisitions: We may disclose your Personal Information with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If we become involved in a reorganization, merger, consolidation, acquisition, or any form of sale of some or all of our assets, with any type of entity, whether public, private, foreign or local, we may also disclose your Personal Information;

(c) Other Disclosures with Your Consent: We may ask if you would like us to disclose your information with other unaffiliated third parties who are not described elsewhere in this Privacy Policy;

(f) Government agencies, regulators, and professional advisors. Where permitted or required by applicable law, we may disclose Personal Information to government agencies and regulators (e.g., tax authorities, courts, and government authorities) to comply with our legal obligations, and to external professional advisors as necessary to defend our legal interests.

4. Data Security.

We follow generally accepted industry standards to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Information. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

5. Data Retention.

Cato will retain Personal Information for as long as it is necessary to carry out the purposes set out in this Privacy Policy and in accordance with its retention policies. Cato performs periodic reviews of our databases, and have established specific time limits for data retention, based on the criticality of the Personal Information and the purposes of the data processing. We will also retain Personal Information to meet any audit, compliance, and business best-practices. Personal Information that is no longer retained will be anonymized or deleted. Non-personal, non-identifiable, metadata and statistical information concerning the use of our Services may be retained by Cato indefinitely. Some Personal Information  may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policy and their retention policy.

6. Data Integrity.

Cato processes Personal Information only for the purposes for which it was collected and in accordance with this Privacy Policy or any applicable service agreements. We review our data collection, storage and processing practices to ensure that we only collect, store and process the Personal Information needed to provide or improve our Website and Services. We take reasonable steps to ensure that the Personal Information we process is accurate, complete, and current, but we depend on our users to update or correct their Personal Information whenever necessary. Unless otherwise agreed between the Company and you, nothing in this Privacy Policy is interpreted as an obligation to store information, and we may, at our own discretion, delete or avoid from recording and storing any and all information.

7. EEA Users

The following information applies to residents of the EU or the European Economic Area (“EEA”), who use our Services in the EEA.

A “resident” of the EEA is an individual who is physically present in the EEA. This section does not apply to EEA citizens who are resident outside of the EEA (for example, a French citizen who is resident in the United States). The EEA consists of the member states of the European Union, i.e., Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and Iceland, Liechtenstein, and Norway (collectively, “EEA Residents”). This section also applies to residents of Switzerland and United Kingdom as well.

From May 25, 2018, all processing of Personal Information of EEA Residents is subject to the General Data Protection Regulation (2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of Personal Information and on the free movement of such data (“GDPR”) as well as section 3 of the European Union (Withdrawal) Act 2018 as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (SI 2019/419) (“UK GDPR”).

7.1 International Transfers of Personal Information

Some of the uses and disclosures mentioned in this Privacy Policy may involve the transfer of your Personal Information to various countries around the world that may have different levels of privacy protection than your country and may be transferred outside of the EEA. If there is a transfer of your Personal Information outside the EEA, we will either transfer your Personal Information to countries having adequate data protection laws under adequacy decisions or otherwise rely on appropriate safeguards, such as the EU Standard Contractual Clauses or the UK Addendum to the EU Standard Contractual Clauses, as well as adequate supplementary measures .  Please contact us using the information in the “Contacting Us” section below for a copy of the safeguards which we have put in place to protect your Personal Information.

7.2 Your Rights

The following is a summary of the rights that you may have under applicable data protection law. These are complex, and not all of the details have been included herein. In light of this, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

Your principal rights that may be afforded to you under applicable data protection laws are:

  1. The Right to Access: You have the right to request access to the Personal Information we hold about you, along with other information such as the purposes of the processing, the recipients or categories of recipients to whom the Personal Information has been or will be disclosed, the sources of the Personal Information, retention, and transfers of Personal Information.
  2. The Right to Rectification: You have the right to request correction of inaccurate Personal Information we have about you. Depending on the purposes of the processing, you may have the right to have incomplete Personal Information completed, including by means of providing a supplementary statement.  As noted above, you may also be able to correct your information in your account or profile.
  3. The Right to Restrict Processing: You may have the right to restrict processing under certain circumstances.
  4. The Right to Object to Processing; You may, as permitted by law, request that we stop processing your Personal Information.
  5. The Right to Data Portability: Under certain circumstances, you have the right to receive the Personal Information about you that you have provided to us, in a structured, commonly used, and machine-readable format.
  6. The Right to Withdraw Consent: Where we rely on your consent to process your Personal Information, you have the right to withdraw that consent at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.
  7. The Right to Erasure: You have the right to request that we delete your Personal Information. If required by law, we will grant your request to delete information. However, when we delete Personal Information it will be removed from our active database, but it may remain in archives where it is not practical or possible to delete it. In addition, we may keep your Personal Information as needed to comply with our legal obligations, resolve disputes, and/or enforce any of our agreements.

You may exercise the above rights by using the contact information provided in the “Contacting Us” section of this Privacy Policy or contacting us at privacy@catonetworks.com.

7.3 Legal Basis for Processing Your Personal Information

As required by applicable law, we rely on several different legal bases to collect, use, and disclose your Personal Information:

  • Necessity to Perform Contract with You – We need to process your Personal Information to provide our Services, ensure Services are working as they should, answer questions and requests from you, manage our business relationship with you, and provide customer support.
  • Compliance with Legal Obligations – We need to process your Personal Information to comply with relevant laws, regulatory requirements and to respond to lawful requests, court orders, and legal process.
  • Consent – We rely on your consent when you provide us with your consent.
  • Based on Legitimate Interests – We process your Personal Information to protect your security and the security of the Website and/or Services; to detect and prevent fraud; to protect and defend the rights or property of others, or our own rights and interests; and to maintain and improve the user experience.

8. Cookies

In order to collect the data described herein we may use temporary cookies or web beacons that remain on your browser or device for a limited period of time. We may also use persistent cookies that remain on your browser or device until removed, in order to manage and maintain the Services and record your use of the Services.

Most browsers and devices may allow you to block cookies but you may not be able to use some features on the Services if you block them. You may set most browsers or devices to notify you if you receive a cookie (this enables you to decide if you want to accept it or not). Please note that turning off your cookies may affect some of the features on our Website. You can find more information regarding our Cookie Policy at https://www.catonetworks.com/cookie-notice/.

Our Website and Services may be provided through, include, utilize or offer features, products or services operated by third-party websites and platforms or contain links to websites or platforms. These third-party operators have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Please be aware that we are not responsible for the privacy practices of third-party websites, platforms or applications even though our name or logo may appear on such. We encourage you to be aware of this and to read the privacy statements of each and every website, platform or application that you visit. Our Privacy Policy applies solely to our Website and Services.

By providing any Personal Information to us pursuant to this Privacy Policy, you, including, without limitation, persons in Israel, the United States and member states of the EEA, fully understand and unambiguously consent to this Privacy Policy and to the collection and processing of such Personal Information abroad. By submitting your Personal Information through the Website or Services, you consent, acknowledge, and agree that we will collect, use, process, transfer, and disclose your Personal Information as described in this Privacy Policy.

11. Children and Minors

Our Website and Services are not intended for persons under the age of 13. By using the Services, you represent that you are at least the age of majority in your state, province or country of residence, or that you are the age of majority in your state, province or country of residence and you have given us your consent to allow any of your minor dependents to use the Services. If we learn that we have collected Personal Information from persons under 13 through our Website or Services, we will take appropriate steps to delete this information. Cato does not knowingly collect or sell Personal Information from children under the age of 13.

12. Governing Law and Jurisdiction

This Privacy Policy is exclusively governed by the laws of the State of Israel. All disputes regarding this Privacy Policy shall be exclusively submitted to the competent courts of the exclusive jurisdiction of Tel Aviv, Jaffa, Israel.

13. Changes to the Privacy Policy

We reserve the right to modify this Privacy Policy at any time, so please review it frequently. Please take a look at the “Last Updated” and “Effective Date” at the bottom of this Privacy Policy. The effective date refers to the date that the current version took effect. The last updated date refers to the date that the current version was last substantively modified. Changes and clarifications will take effect immediately upon their posting on our Website. Your access or use of the Services following these changes means that you accept and consent to the revised Privacy Policy.

14. Contacting Us

If there are any questions regarding this Privacy Policy, or if you would like to exercise your rights (if they apply to you), you may contact us and our Data Protection Officer using the information below:

 

Cato Networks Ltd.

121 Menachem Begin St., Tel Aviv, Israel

972-72-273-9740

privacy@catonetworks.com

 

If you consider that our processing of your Personal Information infringes upon data protection regulations, you have a legal right to file complaint with a supervisory authority responsible for data protection.  You may do so in the EU member state of your habitual residence, your place of work, or the place of the alleged infringement.

 

Effective Date. June 5, 2023.

Last Updated Date. June 5, 2023.

The network you have been waiting for is here.
Prepare to be amazed.