Check Point Software Technologies Ltd, including all of its affiliates and subsidiaries worldwide (collectively, “Check Point,” “we,” “us,” or “our”) value the privacy of individuals who use or express interest in the Check Point Websites (as defined below), and the Check Point products and services (collectively, our “Services”). This privacy policy (the “Privacy Policy”) explains how we collect, use, and disclose Personal Data and applies to all of Check Point’s Services.
1.1 “Personal Data” means any data which relates to a living individual who can be identified from that data or from that data and other information which is in the possession of, or is likely to come into the possession of, Check Point (or its representatives or service providers). In addition to factual information, it includes any expression of opinion about an individual and any indication of the intentions of Check Point or any other person in respect of an individual.
1.2 Beyond this Privacy Policy, your use of our Services is also subject to applicable End-user License Agreement available at our website.
1.3 If you are a California resident, our California Resident Privacy Notice provides more information about your California privacy rights and explains how you can exercise those rights.
1.4. If you are using the Check Point ZoneAlarm services and products, please refer to our ZoneAlarm Privacy Policy.
This Privacy Policy concerns the following sources of information that we collect in connection with our Service, which include:
We may collect and receive a variety of information from you or about you or your devices from various sources, as described below. If you do not provide your Personal Data when requested, you may not be able to use our Services if that information is necessary to provide you with our Services or if we are legally required to collect it.
3.1 Information that you provide to Check Point. This includes Personal Data about you that you provide to us. The nature of the Services you are requesting or using will determine the kind of Personal Data we might ask for, though such information may include (by way of a non-exhaustive list):
3.2 Information that we collect or generate about you. This includes (by way of non-exhaustive list):
3.3 Cookies. We and our third-party partners may collect Personal Data using cookies, which are small files of letters and numbers that we store on your browser or the hard drive of your computer. We may also use pixel tags and web beacons on our Services. These are tiny graphic images placed on web pages or in our emails that allow us to determine whether you have performed a specific action. We use cookies, beacons, invisible tags, and similar technologies (collectively “Cookies”) to collect information about your browsing activities and to distinguish you from other users of our Services. This aids your experience when you use our Services and allows us to improve the functionality of our Services. Cookies can be used for performance management, collecting information on how our Services are being used for analytics purposes. They can also be used for functionality management, enabling us to make your visit more efficient by, for example, remembering language preferences, passwords, and log-in details. For more information on the types of Cookies we and third parties may use in connection with our Services, please see our Check Point Cookies Notice.
How to Block Cookies. You can block Cookies by setting your internet browser to block some or all Cookies. However, if you use your browser settings to block all Cookies (including essential Cookies) you may not be able to access all or parts of our Services. By using our Services, you consent to our use of Cookies and our processing of Personal Data collected through such Cookies, in accordance with this Privacy Policy. You can withdraw your consent at any time by deleting placed Cookies and disabling Cookies in your browser, or as explained below. You can change your browser settings to block or notify you when you receive a Cookie, delete Cookies, or browse our Services using your browser’s anonymous usage setting. Please refer to your browser instructions or help screen to learn more about how to adjust or modify your browser settings. If you do not agree to our use of Cookies, you should change your browser settings accordingly. You should understand that some features of our Services may not function properly if you do not accept Cookies. Where required by applicable law, you will be asked to consent to certain Cookies before we use or install them on your computer or other device.
3.4 Anonymized data. In addition to the categories of Personal Data described above, Check Point may also process further anonymized information or de-identified and aggregated with other data that is not processed by reference to a specific individual.
3.5 Careers. In order for us to consider your application for a position with us it will be necessary for us to process certain personal data relating to you. We process personal data in accordance with applicable legislation, while considering and balancing the relevant interests of our applicants, ourselves, and other stakeholders.
4.1 We may process your Personal Data for the following purposes (“Permitted Purposes”):
4.2 When we process Personal Data we verify the existence of a lawful ground for such processing activity, including:
4.3 As part of our Services and/or Products, we may utilize artificial intelligence (AI) technologies to enhance our capabilities and provide you with a better experience.
4.4 We will take steps to ensure that your Personal Data is accessed only by such individuals that have a need to do so for the purposes described in this Privacy Policy.
4.5 We do not retain, use, sell or disclose Personal Data for any purpose other than for the specific purpose of performing our Services or as otherwise strictly permitted under this Privacy Policy.
We may share or otherwise disclose the Personal Data we collect from you as described below or otherwise disclosed to you at the time of the collection.
6.1 Check Point is a global business. Our customers and our operations are spread around the world. As a result, we collect and transfer Personal Data on a global basis. That means that we may transfer your Personal Data to locations outside of your country.
6.2 Europe. Where we transfer your Personal Data to another country outside the European Economic Area (“EEA”) or the United Kingdom (“UK”), we will ensure that it is protected and transferred in a manner consistent with legal requirements. In relation to data being transferred outside of Europe or the UK, for example, this may be done in one of the following ways:
You can obtain more details of the protection given to your Personal Data when it is transferred outside the EEA or the UK (including a copy of the standard data protection clauses which we have entered into with recipients of your Personal Data) by contacting us as described in paragraph 13 below.
6.3 China. For residents in the mainland of the People’s Republic of China (“Mainland China”), we may transfer, access or store your Personal Data outside of the Mainland China where we are satisfied that adequate levels of protection are in place to protect the integrity and security of your Personal Data or adequate security measures are adopted and in compliance with the applicable laws, such as contractual arrangements. Where required by applicable laws, we will put in place appropriate measures to ensure that all processing of your Personal Data outside of the Mainland China is safeguarded by the equivalent level of data protection in the Mainland China.
7.1 Marketing Communications. You can unsubscribe from our promotional emails via the link provided in the emails. Even if you opt out of receiving promotional messages from us, you will continue to receive administrative messages from us.
7.2 Do Not Track. There is no accepted standard on how to respond to Do Not Track signals, and we do not respond to such signals.
If you choose not to provide us with the Personal Data we collect, some features of our Services may not work as intended.
7.3 California Privacy Rights. If you are a California resident, you can review our California Resident Privacy Notice for information about your privacy rights and choices under California law.
7.4 Your European Privacy Rights. If you are located in the EEA or the UK, you have additional rights described below.
You may exercise these rights by contacting us via our online form available here. Before fulfilling your request, we may ask you to provide reasonable information to verify your identity. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain Personal Data for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
8.1. Introduction.
Check Point Software Technologies, Inc. and its subsidiaries, Zone Labs, LLC, Avanan, Inc. and R&M Computer Consultants Inc. (“Check Point US”) complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce (collectively, the “DPF Principles”). To learn more about the Swiss-U.S. DPF please visit here.
Check Point US has certified to the U.S. Department of Commerce that: (i) it adheres to the EU-U.S. Data Privacy Framework Principles with regard to the processing of Personal Information received from the European Union in reliance on the EU-U.S. DPF; (ii) it adheres to the Data Privacy Framework Principles with regard to the processing of Personal Information received from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF; (iii) it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of Personal Information received from Switzerland in reliance on the Swiss-U.S. DPF.
If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern.
To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit the U.S. Department of Commerce’s Data Privacy Framework website available at https://www.dataprivacyframework.gov/.
8.2. Redressal Mechanisms.
If you have a question or complaint related to participation by Check Point US in the DPF Frameworks, we encourage you to contact us. For any complaints related to the DPF Frameworks that Check Point US cannot resolve directly, we have chosen to cooperate with the relevant EU Data Protection Authority, or a panel established by the European data protection authorities, for resolving disputes with EU individuals, the UK Information Commissioner (for UK individuals), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) for resolving disputes with Swiss individuals. Please contact us if you’d like us to direct you to your data protection authority contacts. As further explained in the DPF Principles, binding arbitration is available to address residual complaints not resolved by other means. Check Point US is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
8.3. Onward Transfers.
Check Point US remains responsible for the processing of Personal Information it receives and subsequently transfers to a third party acting on our behalf, in accordance with the DPF Principles. Check Point US will remain liable under the DPF Principles if such third-party processes such Personal Information in a manner inconsistent with the DPF Principles (subject to the limits and exclusions of liability), unless we prove that we are not responsible for the event giving rise to the damage.
8.4. Additional Rights Under the DPF Principles.
Check Point US acknowledges the right of EU, EEA, U.K. (and Gibraltar), and Swiss individuals to request access to their data while it is in the U.S. and to correct, amend, and supplement inaccurate or incomplete data. Said individuals also have the right to request erasure of personal information that has been handled in violation of the DPF Principles.
In addition to the rights granted to you under applicable laws as set out under section 7 above, and to the extent applicable, under the DPF Principles you also have the Right to Opt-Out of Check Point US’s disclosure of Personal Information to certain third parties and from the collection of Sensitive Personal Information (i.e., personal Information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual), although no Sensitive Personal Information is expected to be collected by Check Point.
Accordingly, individuals to which those rights are applicable, may contact us here and request: (i) To opt-out of the disclosure of relevant Personal Information to third parties; (ii) To opt-out of our processing of Personal Information for materially different purposes from those which it was originally collected for.
Please note that these rights are not absolute and may be subject to regulatory requirements or other law enforcement order.
9.1. We have extensive controls in place to maintain the security of our information and information systems. Files are protected with safeguards according to the sensitivity of the relevant information. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is limited to authorized employees. In addition, our Incident Response Team plays a critical role in our commitment to safeguard your information, as they are responsible for promptly and effectively responding to data security threats. If you have a suspicion of any data breach, security incident or if you wish to report a vulnerability, please contact our team here.
9.2 As a condition of employment, Check Point employees are required to follow all applicable laws and regulations, including in relation to data protection law. Access to sensitive Personal Data is limited to those employees who need it to perform their roles. Unauthorized use or disclosure of confidential information by a Check Point employee is prohibited and may result in disciplinary measures.
9.3 Check Point requires its worldwide employees and contractors that have access to its internal systems to complete annual trainings on data protection and security. Such trainings are aimed to make sure that Check Point’s personnel understand and follow Check Point’s privacy policies and guidelines when handling Personal Data.
9.4 When you contact a Check Point representative, you may be asked for some Personal Data. This type of safeguard is designed to ensure that only you, or someone authorized by you, has access to your file.
9.5. For more information on the security measures taken by Check Point in order to protect your Personal Data, please see our Security Measures Policy.
Our Services may contain links to other websites, products, or services that we do not own or operate (“Third-Party Services”). We are not responsible for the privacy practices, policies, or other content of these Third-Party Services. Please be aware that this Privacy Policy does not apply to your activities on these Third-Party Services or any information you disclose to these Third-Party Services. If you have any questions about how these other sites use your Personal Data, you should contact them directly. We encourage you to read their privacy policies before providing any information to them.
We will retain your information for as long as necessary to achieve the purposes described in this Privacy Policy, unless a longer retention period is required by the applicable laws and regulations. To ensure security and business continuity for the activities outlined in this Privacy Policy, we create backups of certain data, which may be retained beyond the retention period of the original data.
We do not knowingly collect, maintain, or use Personal Data from children under 16 years of age (“Minors”), and no parts of our Services are directed at children. If you learn that a Minor has provided us with Personal Data in violation of this Privacy Policy, please alert us at privacy_inquiries@checkpoint.com.
If you have any questions or concerns about Check Point’s handling of your Personal Data, or about this Policy, please contact our Privacy Officer using the following contact information:
Address: | Check Point Software Technologies Ltd., 5 Shlomo Kaplan Street, Tel Aviv 67897, Israel Attention: Legal Department |
Address in the EU: | Check Point Software Technologies GmbH, Oskar-Messter-Str. 13, 85737, Ismaning Germany |
Adress in the US: | Check Point Software Technologies, Inc. 100 Oracle Parkway, Suite 800 Redwood City CA 94065 |
Email Address: | privacy_inquiries@checkpoint.com |
We are typically able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive from our Privacy Officer, you may escalate concerns to the applicable privacy regulator in your jurisdiction. Upon request, Check Point’s Data Protection Officer will provide you with the contact information for that regulator.
We will post any adjustments to the Privacy Policy on this page, and the revised version will be effective when it is posted.
You can view our Data Processing Agreement (DPA) online – Customers; Distributors and Resellers. If you need a signed copy of the DPA, you can download it, send a signed copy to privacy_inquiries@checkpoint.com and we will provide you a countersigned copy.