skip to Main Content

Privacy Policy for Signal Sciences

This Privacy Policy was last updated on January 28, 2021.

Welcome to the web site (the “Site”) of Signal Sciences, LLC (“Signal Sciences”, “we”, “us” and/or “our”). This Site is operated by Signal Sciences and has been created to provide information about our company and our web application defense services (together with the Site, the “Services”) to our Services visitors (“you”, “your”). This Privacy Policy sets forth Signal Sciences’ policy with respect to personal data (“Personal Data”) and other information that is collected from visitors to the Services.

We are committed to protecting your privacy, being transparent about the Personal Data and other information being collected, and exceeding information security standards for protecting that data. With our Services, we have worked to build features that give customers more control over their data, like IP anonymization and data redactions. We also are certified to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks established by the U.S. Department of Commerce regarding the handling of Personal Data transferred from the European Union and Switzerland to the United States, as discussed more below.

Please feel free to contact us if you have any questions about our Privacy Policy or the information practices of the Services. You may contact us at:

By voluntarily providing us with Personal Data or using our Services, you agree to our use of it in accordance with this Privacy Policy. If you do not agree to this Privacy Policy, please do not access or use the Services.

Information we collect and our use of that information

When you interact with us via the Services, we may collect Personal Data and other information from you, as further described below.

Signal Sciences uses the Personal Data you provide in a manner that is consistent with this Privacy Policy. If you provide Personal Data for a certain reason, we may use the Personal Data in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Also, if you provide Personal Data in order to obtain access to the Services, we will use your Personal Data to provide you with access to such services and to monitor your use of such services. Signal Sciences may also use your Personal Data and other information collected through the Services to help us improve the content and functionality of the Site, and to better understand our users and to improve the Services. Signal Sciences may use this information to contact you in the future to tell you about services we believe will be of interest to you. If we do so, each marketing communication we send you will contain instructions permitting you to “opt-out” of receiving future marketing communications. In addition, if at any time you wish not to receive any future marketing communications or you wish to have your name deleted from our mailing lists, please contact us as indicated above. If we intend on using any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time at which the Personal Data is collected.


When you interact with us through the Services, we automatically receive and store certain information such as your Internet Protocol (“IP”) address, browser type, referring URL, operating system and information on the time and click behavior of the visitor during a browser session. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you. We may store such information on our systems or such information may be included in databases owned and maintained by our agents or service providers. The Services may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of visitors to each page of our Site, and the domain names of our visitors’ Internet service providers, so that we can better understand usage as well as make improvements. We treat this information as Personal Data if it relates to an identified or identifiable individual and is transferred to us by a visitor to the Site or user of the Services in the EU or Switzerland, as applicable.


If you are a customer or prospective customer (or a representative or employee of one of our customers), we collect Personal Data from you when you voluntarily provide such information, such as name, company name, address, phone number, and email address when you contact us with inquiries, respond to one of our surveys, register for access to the Services or use certain Services, and payment and billing information when you pay for our Services. Wherever we collect Personal Data we provide a link to this Privacy Policy. As noted above, we collect Personal Data principally in order to respond to your questions and requests about the Services and improve your experience with them.


In operating the Site, we and our third-party providers set and use a technology called “cookies.” A cookie is a piece of information that the computer that hosts our Site gives to your browser when you access the Site. Our cookies help provide additional functionality to the Site, help us analyze Site usage more accurately, and deliver targeted advertising. Moreover, on the console website accessible by our customers in relation to their use of the Services, we use analytics cookies (namely, Google Analytics), described below.

We also use pixel tags (usually in combination with cookies), from the third parties described below, to get information about your usage of the Services and your interaction with email or other communications. Pixel tags are a technology similar to cookies that can be embedded in online content or within the body of an email for the purpose of tracking activity on websites (for example, to know when content has been shown to you), or to know when you have viewed particular content or a particular email message.

By choosing to use the Services after having been notified of our use of cookies and other technologies in the ways described in this Privacy Policy, and, in applicable jurisdictions, through notice and unambiguous acknowledgement of your consent, you agree to such use.


The Site uses the following technologies:

  • Strictly Necessary Cookies: Used to provide users with the Services and to use some of their features, such as the ability to log-in and access secure areas. These cookies are served by Signal Sciences and are essential for using the Services. Without these cookies, users will not receive the full intended purposes of our service offerings. Because these cookies are strictly necessary to deliver the Services, you cannot refuse them.
  • Analytics/Performance Cookies: We use “analytics” cookies, described below, that allow us to recognize and track visitors to see how visitors move around our Services when they are using them. This helps us to improve the way our Services work, for example by making sure users are finding what they need easily. The collected data provides us only with traffic statistics (like pages viewed, number of visitors, and time spent on each page).
    • Google Analytics, a web analytics service provided by Google Inc. (“Google”). A Google Analytics cookie is also used on the console website accessible by our customers in relation to their use of the Services. The information collected by Google (including your IP address) will be transmitted to and stored by Google on servers in the United States (Google is certified to the Privacy Shield for data transfers). How long a Google Analytics cookie remains on your computer or device depends on what it is and what it is used for. Some Google Analytics cookies expire at the end of your browser session, whilst others can remain for up to two years. You can prevent your data from being collected by Google Analytics on our Site by downloading and installing the Google Analytics Opt-out Browser Add-on for your current web browser. For more information on Google Analytics privacy practices, read here.
    • Crazy Egg and New Relic.  These cookies track users as they navigate the Site.  These cookies only collect your IP address, which is anonymized and not recorded by us.  For more information about the privacy policies and practices for these providers read here and here.
  • Targeting/Advertising Cookies/Pixel. We use cookies and pixel tags from third parties to serve ads to you based on your visit to our Site, as described below:
    • DoubleClick. Enables Google and its partners to serve ads to you based on your visit to our Site. DoubleClick cookies expiration can range from 2 months to 2 years. Learn more about Google’s privacy practices here. You may opt out of personalized advertising by visiting Google’s Ads Settings here. You can also prevent your data from being collected by DoubleClick on our Site by downloading and installing the DoubleClick Opt-out Browser Add-on for your current web browser.
    • HubSpot. Provides us with information on your use of our Site. We may use this information to enable us to provide you with information which we believe will be of interest to you. Some HubSpot cookies expire at the end of your browser session, while others can remain for up to 13 months (for more details, please read here). Learn more about HubSpot’s privacy practices here and, for more details on the types of cookies used by HubSpot, read here.
    • Bing. We use Bing Ads Universal Event Tracking (UET) tracking cookies which allow us to advertise on third party websites through the Bing Ads Advertising network (an advertising service provided by Microsoft, Inc.). These cookies collect information about your online activities once ads have been clicked, including pages you visited and time spent on each. Some cookies expire at the end of your browser session, while others can remain for up to 2 years. Learn more about Bing’s privacy practices here and details on the Universal Event Tracking here. You can opt out of receiving interest-based advertising from Microsoft as described in the Microsoft’s opt-out page.
    • Yahoo/Gemini.  We use Yahoo/Gemini tracking tags, via a single pixel, to advertise on third party websites.  These tags collect information about your online activities once ads have been clicked, including pages you visited and time spent on each.  You can learn more about these tags here.
  • Social Media Cookies. These cookies are used when you engage with our content on or through a social networking website such as Facebook, Twitter, Quora, or LinkedIn. The social network will record that you have done this.

You can manage cookies in your web browser, including accepting, rejecting, or deleting cookies. On most web browsers, you will find a “help” section on the toolbar that can help in that process. Please also refer to this section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. We recommend that you leave cookies turned on because they allow you to take advantage of some of the Services features.

Most advertising networks offer you a way to opt out of targeted advertising. If you would like to find out more information, please visit the Network Advertising Initiative’s online resources at and follow the opt-out instructions there or, if you are located in the European Union, visit the European Interactive Digital Advertising Alliance’s Your Online Choices opt-out tool here. If you want to know more about cookies, some resources to get you started include: or


In an ongoing effort to better understand and serve the users of the Services, we often conduct research on our customer demographics, interests and behavior based on the Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate and anonymous basis, and we may share this aggregate and anonymized data with our agents and business partners. We may also disclose aggregated and anonymized user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.


We collect on behalf of our customers very limited data from users of the Services, primarily IP addresses, which is collected along with usage data, in part, via cookies (“Customer Data”). This data is collected for providing our Services to customers, protecting the systems supporting our Services, ensuring all the necessary functions of the Services are working properly, gathering necessary analytics, and ensuring compliance with our contractual agreements, or as may be required by law. Our use of Customer Data is governed by our contract with the specific customer and the customer’s own privacy policies. Signal Sciences will not review, share, distribute, or reference any such Customer Data except as provided in the Signal Sciences Master Customer Agreement (or other contract documents), or as may be required by law.

Our disclosure of your personal data and other information

Signal Sciences is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below.


As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event (collectively a “Transaction”), Personal Data may be part of the transferred assets.


Signal Sciences, like many businesses, sometimes hires other companies to perform certain business-related functions, such as (i) mailing information, (ii) hosting, cloud service providers and other information technology providers, (iii) processing payments, (iv) web analytics providers, (v) providers of digital advertising services and (vi) providers of CRM, marketing and sales software solutions. When we employ another entity to perform a function of this nature, we only provide them with the information that they need to perform their specific function.


Signal Sciences may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation or respond to lawful requests by public authorities, including to meet national security or law enforcement requirements, (ii) protect and defend the rights or property of Signal Sciences, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.

Your choices

You can visit the Site without providing any Personal Data and/or disabling cookies. If you choose not to provide any Personal Data or disable cookies, not all of the functions on the Site may be functional. As noted above, you may “opt out” of marking communications by following the instructions contained in all such communications.
To keep your Personal Data accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Data in our possession that you have previously submitted via the Site or Services.

Please read the General Data Protection Regulation (“GDPR”) section below for information on rights granted by the GDPR to users in the EU (and, to the extent applicable, Switzerland).


This Privacy Policy does not apply to any Personal Data collected by Signal Sciences other than Personal Data collected through the Site or Services. Without prejudice to your rights under the GDPR, this Privacy Policy shall not apply to any unsolicited information you provide to us through the Site, Services or through any other means. This includes, but is not limited to, information posted to any public areas of the Site or Services, such as forums, any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and Signal Sciences shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.


Signal Sciences does not knowingly collect Personal Data from children under the age of 13. If you are under the age of 13, please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to us through the Services, please contact us, and we will endeavor to delete that information from our databases.

Links to other web sites

This Privacy Policy applies only to the Services. The Services may contain links to other web sites not operated or controlled by Signal Sciences (the “Third Party Sites”). The policies and procedures we described here do not apply to the Third Party Sites. The links from the Services do not imply that Signal Sciences endorses or has reviewed the Third Party Sites. We suggest contacting those sites directly for information on their privacy policies.


Signal Sciences takes reasonable steps to protect the Personal Data provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Site or Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any Personal Data to us via the Internet.

Data retention

We will keep your Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer

If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving these communications and request that we delete information about you in accordance with our policies.

To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.

Changes to the privacy policy

The Site, Services and our business may change from time to time. As a result, at times it may be necessary for us to make changes to this Privacy Policy. Signal Sciences reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. However, should we make a substantive change, we will notify you by prominently posting notice of the changes on our website. Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.

Your California privacy rights

If you are a California resident, please click here to learn more about your privacy rights.

Online Tracking and Do not track

We and our third party service providers may use cookies or other tracking technologies to collect information about your browsing activities over time and across different websites following your use of the Site. Signal Sciences currently does not respond to “Do Not Track” signals and operates as described in this Privacy Policy whether or not a “Do Not Track” signal is received.

The Privacy Shield Program

Signal Sciences is compliant with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks established by the U.S. Department of Commerce regarding the handling of Personal Data transferred from the European Union and Switzerland to the United States. Pursuant to that program, we have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. In the event there is a conflict between the Privacy Shield Principles and this Privacy Policy, the Privacy Shield Principles would control. To learn more about the Privacy Shield program, and to view Signal Sciences’ certification, please visit

We may be accountable for the Personal Data we receive under the Privacy Shield that we may transfer onward to third-party service providers (as described in the “Our Disclosure Of Your Personal Data And Other Information” section above) if they process Personal Data in a manner inconsistent with the Privacy Shield Principles and we are responsible if they do so and for the harm caused.

You have certain rights to access, correct, amend, or delete Personal Data where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. You can contact us as described in the “Contact Us” section below. We will respond to your request within a reasonable timeframe. Please see the “General Data Protection Regulation (“GDPR”) section below for more information on the rights of individuals in the EU and, as applicable, Switzerland. When we process Customer Data on behalf of our customers, we will process such requests pursuant to our contract with the applicable customer.

Pursuant to the Privacy Shield Principles, Signal Sciences is dedicated to resolving any concerns or complaints about our collection or use of your Personal Data. Individuals in the EU and Switzerland that have questions or complaints regarding our Privacy Shield policy should start by contacting us at: If your complaint cannot be resolved through our internal processes, please contact our U.S.-based third party dispute resolution provider JAMS (free of charge) at Signal Sciences will cooperate with JAMS pursuant to the JAMS International Mediation Rules, available on the JAMS website at The mediator, or you, also may refer the matter to the U.S. Federal Trade Commission, which has Privacy Shield investigatory and enforcement powers over Signal Sciences.

If your complaint is not resolved through these channels, under certain circumstances, you may be able to invoke binding arbitration before a Privacy Shield Panel to address complaints about Signal Sciences’ compliance with the Privacy Shield Principles. For additional information, please visit:

The General Data Protection Regulation (“GDPR”)


Signal Sciences is the data controller for processing Personal Data provided by our Services visitors, but we act as data processor on behalf of our customers for Customer Data that we process on behalf of customers through the Services. You can find our contact details under the “Contact Us” section below.


We rely on the following legal bases for the processing of Personal Data we collect or process about you:

  • Processing of our customers’ Personal Data for the purpose of fulfilling our customer contract, including accepting payments and providing relevant customer support, is necessary to perform our contract with the applicable customer or, as applicable, to take steps at the request of the data subject before entering into a contract.
  • We process Personal Data as necessary for certain legitimate interests, as follows:
    • To respond to your inquiries and fulfill your requests for products and services;
    • To customize our Services for you. For example, we use information on your use of Services features, including information that we obtain through cookies and other technologies, to better understand your needs and interests in order to personalize your experience with our Services by presenting content or functionalities tailored to your interests;
    • To send administrative information to you, for example, information regarding the Site, and changes to our terms, conditions, and policies;
    • To provide, maintain and improve the content and functionality of the Services. For example, we regularly fix bugs or user experience issues that may be tied to particular user accounts. We use cookies and other technologies to analyze how users interact with our Services and that analysis can help us build better Services;
    • If you ask us to delete your data and we are required to fulfil your request, to keep basic data to identify you and prevent further unwanted processing;
    • To prevent fraud or criminal activity, misuse of our products or services, and ensure the security of our IT systems, architecture and networks; and
    • To comply with legal obligations and legal process and to protect and defend our rights, privacy, safety or property, and/or that of our customers or other third parties.
  • Marketing. We rely on your consent to contact you to tell you about services we believe will be of interest to you. You may opt out of receiving such emails at any time by following the instructions contained in each promotional email we send you. In addition, if at any time you do not wish to receive future marketing communications, please contact us as described below.


Subject to applicable EU law (and, to the extent applicable, Swiss law), you have the following rights in relation to your Personal Data that we hold about you:

  • Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of all Personal Data you are lawfully entitled to receive along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
  • Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it.
  • Right to erasure: You may ask us to delete or remove your Personal Data, such as where you withdraw your consent, where applicable.
  • Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing.
  • Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and that is processed by us by automated means. We will give you your Personal Data in a structured, commonly used and machine-readable format.
  • Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so:
    • If we are relying on a legitimate interest to process your Personal Data — unless we demonstrate compelling legitimate grounds for the processing or
    • If we are processing your Personal Data for direct marketing. We may keep minimum information about you in a suppression list in order to ensure your choices are respected in the future and to comply with data protection laws (such processing is necessary for our and your legitimate interest in pursuing the purposes described above);
  • Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we received notice that you wished to withdraw consent.
  • Right to lodge a complaint with the data protection authority: you have the right to lodge a complaint to the data protection authority that is authorized to hear those concerns if you believe Signal Sciences has not complied with the requirements of the GDPR regarding your Personal Data.

You may exercise your rights by contacting us as indicated under “Contact Us” section below.

Contact Us

Signal Sciences, LLC
600 Corporate Pointe, Suite 1200
Culver City, CA 90230
001 424.319.7257
Data Protection Officer: Lindsey Lowe
001 424.319.7257

Back To Top