Last updated March 5, 2025
Welcome to the website(s) of Sublime Security, Inc. (“Sublime”, “Company”, “we”, “us” and/or “our”), which includes: https://sublime.security, https://sublimesecurity.com, and any other web properties maintained by Sublime (collectively, the "Site").
If you are unable to access this Policy due to a disability or impairment, please contact us using the contact details in the Contact Sublime Section and we will arrange to supply you with the information you need in an alternative format that you can access. You can also access a printable version of this Policy here.
This Privacy Policy ("Policy") sets forth Sublime’s practices with respect to information including "personal data", "personal information", and "personally identifiable information" as these terms are defined under applicable data protection laws (“Personal Data”), that is collected, used and shared by Sublime in the usual course of business, including when you:
For clarity, our Services are intended for use by our business customers. As a result, for much of the Personal Data we process through the Services, we act as a processor or service provider on behalf of our business customers. For more information, see Section 2 below.
"You" may, depending on the context, be a visitor to our Site or social media pages; a recipient of our communications or online advertisements; a job applicant; or a Service User.
We may provide additional "just-in-time" disclosures or additional information about our data processing practices. These notices may supplement this Policy or clarify Sublime's privacy practices in the circumstances described or may provide you with additional choices about how Sublime processes your Personal Data.
This Policy does not apply to any third-party websites, services or applications, even if they are accessible through or are necessary for the use of our Services.
When you access or use our Services or engage with our Marketing Activities, you acknowledge that you have read this Policy and understand its content. Your use of our Services and interaction through our Marketing Activities and any dispute over privacy is subject to this Policy and the Terms of Service located at sublime.security/terms, or any other applicable service terms (including any applicable limitations on damages and the resolution of disputes).
We recommend that you read this Policy in full to ensure you are fully informed. However, to make it easier for you to review those parts of this Policy which apply to you, we have divided up the document into the following sections:
2. Information We Process on Behalf of our Customers
3. The Personal Data We Collect
4. Our Use of Your Personal Data and Our Legal Basis for Processing
5. Our Disclosure of Your Personal Data
6. Social Media and Technology Integrations
7. Cookie Policy and other Tracking Technologies
8. Security
9. Retention
10. Transfers of Your Personal Data
11. Additional Disclosures for U.S. Residents
12. Your Privacy Rights & Choices
14. Links to Third-Party Web Sites
15. Changes to Sublime's Privacy Policy
16. Contact Sublime
Sublime Security is the adaptive, AI-powered cloud email security platform that combines best-in-class effectiveness with unprecedented visibility and control. The open platform allows security teams to have transparency and flexibility in their email environment to spend less time on email-originated incidents. Advanced teams can customize detections, threat hunt, extend Sublime into their SIEM or SOAR, and collaborate with other teams. You can find out more about Sublime and Deploy Sublime Core for free or Sublime Enterprise at https://sublime.security/start.
Subject to Section 2 below, if you are located in the European Economic Area ("EEA"), United Kingdom ("UK") or Switzerland, the controller (or processor where applicable) of your Personal Data that Sublime processes for the purposes described in this Policy is Sublime Security, Inc.
Our Services are intended for use by our business customers. As a result, for much of the Personal Data we process through the Services, we act as a processor or service provider on behalf of our business customers. This means that our business customers control what Personal Data we collect through the Services and how we use it. Where our activities as a processor or service provider are clear and consistent across our customer base, we have described those activities herein in the interests of transparency. However, if you are a Service User, and have privacy related questions or concerns about the privacy practices of or the choices the relevant business customer has made regarding your information via the Services, you should contact the relevant customer (e.g. your employer) directly or review their privacy notices.
We are not responsible for the privacy or data security practices of our business customers, which may differ from those set forth in this Policy.
The Personal Data we collect depends on the context of your interactions with Sublime and the choices you make (including your privacy and browser settings), the Services you use (including whether you self-host the Services or use Sublime’s cloud hosting), your location and applicable law, but can include the following:
Personal Data That You Provide to Sublime: We collect different types of Personal Data that you voluntarily submit through the Site. We collect Personal Data from you when you voluntarily provide such information, such as when you contact us with inquiries, respond to one of our surveys, register for access to the Services or use certain Services. Wherever Sublime collects Personal Data, we make an effort to provide a link to this Privacy Policy.
The Personal Data we collect may include:
If you communicate directly with us, we may collect and maintain an archive of our communications with you (including their content). We may also record or monitor our telephone or other communications with you, to the extent permitted by applicable law.
Providing your Personal Data is optional, but it may be necessary for certain Services, such as in relation to Services account registration and management data. In such cases, if you do not provide your Personal Data, Sublime may not be able to provide you with the requested Services.
Personal Data we collect automatically: When you use or interact with the Services and Marketing Activities, we automatically collect or receive certain information through our Services (for example in log files) and through other technologies (such as cookies) about your device and usage of the Services. In some countries, including countries in the EU and UK, this information is considered Personal Data.
The categories of Personal Data we automatically collect and have collected in the last 12 months include your device's IP address, the domain name of the website from which your device linked to our Services and Marketing Activities, and your browsing habits on and usage of the Services and Marketing Activities through your device:
We use tracking technologies to collect this information, including cookies, web beacons, pixels and clear gifs. For more information, see Cookies and other Tracking Technologies.
Notice to Service Users: We may collect and process Personal Data about individuals at the direction of our customers. Our processing of such data is governed by the terms of our service agreements with our customers (and any applicable data processing agreements), and not this Privacy Policy. We are not responsible for how our customers treat the Personal Data we collect on their behalf, and we recommend you review their separate privacy policies.
Sublime acknowledges that you may have rights in connection with Customer Data. If your information has been processed by Sublime on behalf of a customer and you wish to exercise any rights you have with such Personal Data, please inquire with our customer directly. If you wish to make your request directly to Sublime, please provide the name of the Sublime customer on whose behalf Sublime processed your information. We will refer your request to that customer and will support them to the extent required by applicable law in responding to your request.
Information From Third-Party Services: We may receive information about you from other sources, including through Third-Party services that you may connect to Sublime (such as API integrations) and organizations that supplement information directly provided by you. For example, if you access our Services through a Third-Party application, such as Google Sign-In, we may collect information about you from that Third-Party application that you have made available. Information we collect through integrations and other connected Third-Party services may include your name, email address, logging information, etc. This information allows us to provide you with the Sublime services and to enhance our ability to provide you with information about our business and products.
Information from Other Sources:
We may obtain Personal Data about you from other sources. The categories of other sources from which we collect and have collected Personal Data from in the last 12 months include:
Aggregated Personal Data: In an ongoing effort to better understand and serve our prospects and Service Users, Sublime often conducts research on its customer demographics, interests and behavior based on Personal Data and other information provided to us. As it relates to our Services, we may also use machine learning and performance metrics for the purposes of providing and improving Sublime’s products and services. This information may be compiled and analyzed on an aggregate basis. This aggregate information does not identify you personally. Sublime may also disclose such aggregated information in order to describe and promote our Services to current and prospective business partners, and to other third parties for other lawful purposes.
We may use your Personal Data, and may have done so over the preceding 12 months, for the following purposes and in reliance on the legal bases described in this Privacy Policy or disclosed explicitly to you in our Services or other contracts:
To communicate, including…
To process job applications, including…
To provide and improve our products and services, including…
To fix problems and protect the Services, you, ourselves, other customers and the public generally and to comply with applicable laws, including…
For other legitimate business purposes in reliance on our legitimate interests, such as to update, expand, and analyze our records, identify new customers, data analysis, to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity, developing new products, enhancing, improving or modifying our Services, identifying usage trends, benchmarking, determining the effectiveness of our promotional campaigns, trials and operating and expanding our business activities.
In carrying out these purposes, we combine data we collect from different contexts or that we obtain from third parties to give you a more seamless, consistent, and personalized experience, to make informed business decisions, and for other legitimate purposes.
If Sublime intends on using any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time at which the Personal Data is collected.
We may use information that does not identify you (including information that has been de-identified) without obligation to you except as prohibited by applicable law. For information on your rights and choices regarding how we use your information, please see Your Privacy Rights and Choices.
Sublime is not in the business of selling your information for monetary consideration. We consider this information to be a vital part of our relationship with you and we only share it where reasonably necessary to provide our services to you or enhance our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you. The types of entities to whom we disclose and have disclosed information within the last 12 months, include:
Affiliates: We may share all categories of your Personal Data with our affiliates for internal business purposes (e.g. for customer support, marketing, or technical operations).
Third-party service providers: Our service providers may process all categories of your Personal Data in connection with their work on our behalf and are contractually prohibited from retaining, using, or disclosing your information for any purpose other than to provide this assistance, although we may permit them to use aggregate information which does not identify you or de-identified data for other commercial purposes. We may also share your Personal Data with our marketing service providers to help us better market our products and services to you. These marketing service providers may use your Personal Data only for the purpose of helping us to provide relevant products and services information to you and are expressly obligated not to disclose your Personal Data to others. If you do not want us to use your Personal Data for these marketing purposes, you can opt out by contacting us at privacy@sublimesecurity.com.
Vendors, Agents, Consultants and Related Third Parties: Sublime, like many businesses, sometimes hires other companies to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases, analytics and marketing or advertising services, and processing payments. When we employ another entity to perform a function of this nature, we only provide them with the information that they need to perform their specific function.
Partners: Sublime may share business contact information, marketing information, troubleshooting and support data with business partners of ours (including referral partners, resellers, and managed service providers), for the purpose of assisting with sales, marketing and support activities.
Merger or acquisition: We may share or transfer all categories of your information in connection with, or during negotiations of, any proposed or actual merger, purchase, sale, change of control, or any other type of acquisition or business combination of all or any portion of our assets, or transfer of all or a portion of our business to another business.
Legal Requirements: Sublime may disclose any categories your Personal Data if required to do so by law or in the good faith belief that such action is necessary to: (i) comply with a legal obligation or other legal process, and where required, in response to lawful requests by public authorities, including to meet national security or law enforcement requirements; (ii) protect and defend the rights or property of Sublime; (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public; or (iv) protect against legal liability.
Consent: To any other person you have consented to us sharing Personal Data.
Without limiting the foregoing, we may share aggregated information which does not identify you or de-identified information with other parties or affiliates except as prohibited by applicable law. For information on your rights and choices regarding how we share your information, please see Your Privacy Rights and Choices.
Our Services and Marketing Activities contain content from and hyperlinks to websites, locations, platforms, and services operated, owned, and maintained by third parties. In addition, we integrate technologies operated or controlled by other parties. For example, we hyperlink from our Site and Services to websites, social media platforms, and other services not operated or controlled by us. These other parties may use tracking technologies to independently collect information about you and may solicit information from you. Also, if you use one of their features, both we and the applicable other party may have access to and use information associated with your use of that feature. If you publicly reference our Site or Services or Marketing Activities on a social network (e.g., by using a hashtag associated with Sublime in a tweet or post), we may use your reference on or in connection with our Services and Marketing Activities.
The information collected and stored by third parties, whether through our Services and Marketing Activities, or another parties' service or device, remains subject to their own policies and practices, including what information they share with us, your rights and choices on their services and devices, and whether they store information in the U.S. or elsewhere. Sublime is not responsible for and makes no representations regarding the privacy practices of third parties. You should carefully read their own privacy policies before providing any information to such parties.
We may, and we may allow third party service providers to, use cookies or other tracking technologies to automatically collect information from your computer or mobile device about your browsing activities over time and across different websites following your use of the Site, your interaction with our Marketing Activities as well as in connection with the Services.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including necessary cookies) you may not be able to access all or parts of the Site. For more information, and to manage how Sublime collects and stores non-essential cookies, please see our Cookie Manager.
In addition, we may use session replay technology to identify and resolve customer issues, to monitor and analyze how you use our Site and Services, and to better understand user behavior and improve our Site and Services. By continuing to use the Site or Services, you consent to the use of session replay technology. If you would like to change your settings with respect to session replay technology, you may do so within our Cookie Manager.
Sublime takes reasonable administrative, physical and electronic measures designed to protect your Personal Data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. Therefore, we cannot guarantee the security of your Personal Data. Please keep this in mind when disclosing any Personal Data to Sublime via the Internet.
We may retain your Personal Data for as long as necessary for the purposes it was collected, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary. We determine the appropriate retention period for Personal Data based on the amount, nature and sensitivity of your Personal Data processed, the potential risk of harm from unauthorized use or disclosure of your Personal Data and whether we can achieve the purposes of the processing through other means, as well as applicable legal requirements (such as applicable statutes of limitation). After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of that data. For further information on applicable data retention periods, please see the section entitled Contact Sublime.
Personal Data we collect may be stored and processed in your region, in the United States, Canada, the United Kingdom or any other country where we or our affiliates, subsidiaries or service providers maintain facilities. We maintain primary data hosting centers in the United States (with additional hosting locations in the EU (Ireland), UK, Canada and Australia). We take steps designed to ensure that the data we collect under this Privacy Policy is processed as described hereunder and according to applicable law wherever the data is located.
By visiting the Site or using the Services, you acknowledge that we may transfer Personal Data from the European Economic Area (EEA), UK and Switzerland (collectively, “Europe”) to other countries that may not have the same level of data protection that applies in your jurisdiction, and you authorize Sublime to transfer, store, and process your Personal Data to and in the United States and other countries. In these cases, we use a variety of legal mechanisms to ensure that the recipient of your Personal Data offers an adequate level of protection, including entering into the standard contractual clauses for the transfer of European data approved by the European Commission, pursuant to the Data Privacy Framework(s) discussed below, or where required, we will ask you for your prior consent.
Data Privacy Framework
Sublime complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF (“UK Extension”), and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) (EU-U.S. DPF, UK Extension, and the Swiss-U.S. DPF, collectively, the “DPF” or “Data Privacy Framework”) as set forth by the U.S. Department of Commerce regarding the processing of personal data received from the European Union, the United Kingdom (and Gibraltar), and Switzerland in reliance on the DPF. Sublime has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles, the UK Extension Principles, or the Swiss-U.S. DPF Principles (collectively, “DPF Principles”) as applicable with respect to such personal data. If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view Sublime’s certification, please visit https://www.dataprivacyframework.gov/.
The Federal Trade Commission has jurisdiction over Sublime’s compliance with the DPF. Pursuant to the EU-U.S. DPF, the UK-U.S. DPF and the Swiss-U.S. DPF, EU, UK and Swiss individuals have the right to obtain Sublime’s confirmation of whether we maintain Personal Data relating to them in the U.S. Upon request, Sublime will provide EU, UK and Swiss individuals with access to the Personal Data that Sublime holds about them. EU, UK and Swiss individuals may also correct, amend, or delete Personal Data Sublime holds about them where it is inaccurate, or has been processed in violation of the DPF Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy or where the rights of persons other than the individual would be violated. An EU, UK or Swiss individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the U.S. under the DPF should direct their query to privacy@sublimesecurity.com. If requested to remove data, Sublime will respond within a reasonable timeframe. Sublime will provide EU, UK and Swiss individuals with the choice to opt-out from the sharing of their Personal Data with any third parties (other than our agents or those that act on our behalf or under our instruction), or before Sublime uses it for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized. For more information about rights afforded to EU, UK and Swiss individuals, please see Section B of the Your Privacy Rights & Choices section below. In addition to any other disclosures described in this Privacy Policy, in certain situations, Sublime may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In the context of an onward transfer, Sublime has responsibility for the processing of personal data it receives under the DPF Principles including the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, and subsequently transfers to a third party acting as an agent on its behalf. These responsibilities are described in the DPF Principles. Sublime shall remain liable under the DPF Principles if its agent processes such personal information in a manner inconsistent with the DPF Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
Sublime commits to resolve DPF Principles-related complaints about our collection or use of your Personal Data in compliance with the DPF. If you have any questions, complaints and/or other concerns regarding our collection and use of your Personal Data received in reliance on the DPF, please contact us at privacy@sublimesecurity.com. In compliance with the DPF, Sublime will refer unresolved complaints concerning the handling of personal data received in reliance on the DPF to JAMS, an alternative dispute resolution provider based in the U.S. If you are an EU, UK, or Swiss individual and you do not receive timely acknowledgment of your DPF-related complaint from Sublime, or if we have not addressed your DPF-related complaint to your satisfaction, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you. If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms as set forth in Annex 1 of the Data Privacy Framework Principles. You may also lodge a complaint with your local data protection authority, with the Data Protection Authority in Ireland, namely the Data Protection Commission, at dpo@dataprotection.ie, the UK Information Commissioner’s Office (ICO), at https://ico.org.uk/, or Swiss Federal Data Protection and Information Commissioner (FDPIC) at https://www.edoeb.admin.ch/edoeb/en/home.html.
This section describes how Sublime collects, uses and discloses your Personal Data pursuant to the following, and any similar, U.S. state privacy laws:
This section applies only if you live in the US states of California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Virginia, Utah or any other US state that has enacted similar privacy laws and only to the extent such laws apply to you and/or Sublime (collectively, “US Privacy Laws”). This section also describes the rights you have with regard to your Personal Data, which apply when these laws take effect in these states. This section does not apply to any of our employees, owners, directors, officers, or contractors.
Since the rules and regulations implementing some of these laws have not yet been finalized, we will continue to update our processes and disclosures as well as this section once these implementing rules and regulations are finalized. Certain terms used herein have the meanings given to them in the respective state privacy laws.
Categories, Sources, and Use of Personal Data we collect:
The categories of Personal Data we collect and the sources from which we collect it are described in detail in the section entitled The Personal Data We Collect. The business and commercial purposes for which we collect this information are described in the section entitled Our Use of Your Personal Data.
In addition, and specifically with respect to job applicants, Sublime may collect Personal Data:
We collect sensitive Personal Data in relation to job applicants for various purposes, including:
As defined by applicable US Privacy Laws, sensitive Personal Data shall be treated as Personal Data, except where it is collected or processed for “the purpose of inferring characteristics about a consumer.” We do not collect or process sensitive Personal Data for the purpose of inferring characteristics about individuals.
Sale or Disclosure of Personal Data
This section only applies where Sublime is acting as a business, and not a service provider, under applicable US Privacy Laws. The categories of third parties to whom we "disclose" your Personal Data, and the categories of information disclosed for a business purpose are described in the section entitled Our Disclosure of Your Personal Data.
When we disclose Personal Data for a Business Purpose, we enter into a contract that describes the purpose and requires the recipient to keep that Personal Data confidential and use it only for the purposes specified in the contract, and not for any other purpose. We share or make your information available, including any Personal Data, in the circumstances described below.
While Sublime does not sell Personal Data in exchange for any monetary consideration, we may share Personal Data for cross-context behavioral advertising purposes and for other benefits as defined by certain US Privacy Laws, such as the CCPA under Cal. Civ. Code 1798.140(ad)(2). Some of our processing activities may also constitute “targeted advertising” as that term is defined under certain US Privacy Laws.
We have shared, in the preceding 12 months, Personal Data as necessary for business purposes, as defined by Cal. Civ. Code 1798.140. This includes sharing personal identifiers, commercial information, and internet or other electronic network activity with customer relationship management, consulting, email, product feedback, helpdesk services, advertising networks and website analytics companies.
We make Personal Data available to the following categories of third parties:
You have a right to direct Sublime not to sell or share your Personal Data. We do not have actual knowledge that we have sold or shared Personal Data of individuals under the age of 16 for targeted advertising or cross-context behavioral advertising purposes.
Sublime provides ways for you to access and delete your Personal Data as well as exercise other rights that give you certain control over your Personal Data.
A. All Users
B. EEA, UK and Switzerland Residents and Visitors
If you are a resident of or visitor from the EEA, UK or Switzerland, where we are acting as a data controller, you may have the following rights with regard to the Personal Data we control about you:
C. US Privacy Rights
Subject to certain limitations (as defined under applicable law), you have the rights listed below with respect to the Personal Data that we collect about you when Sublime is acting as a business under applicable US Privacy Laws.
Right to Know
You have the right to request access to, or a copy of the Personal Data we have collected, used, disclosed and sold about you, including:
You also have a right to know if we have sold or shared your Personal Data for a business purpose and, if so, the categories of Personal Data sold or disclosed and the categories of third parties to whom such information was sold or disclosed, along with the business or commercial purpose for which such information was sold or disclosed.
Right of Access
You may request a copy of the Personal Data we have collected about you.
Right to Delete
You have the right to request that we delete the Personal Data we have collected from you (and direct our service providers to do the same) and retained, subject to certain limitations under applicable law.
Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Data from our records, unless an exception applies.
Right to Correct
You have the right to correct inaccurate Personal Data that we maintain about you. We will take into account the nature of the Personal Data and the purposes for which we process it. We may require documentation from you in order to process your request, including your name, email address, phone number, and request details.
Right to Opt-Out of Sale/Sharing
You may also have the right to opt out of the sale or sharing of your Personal Data. You can request to opt out of such “sale” or "sharing" of your Personal Data by submitting a request to us by sending us an email at privacy@sublimesecurity.com.
If you decide to opt-out, we will stop selling or sharing your information with third parties. However, please note that for example your use of our Website may still be tracked by us and our service providers to perform functions that are necessary for our business such as hosting our Website, ensuring there is no fraud, etc. These entities are contractually obligated to keep this information confidential and will not use it for any purpose other than for the services they provide to our business.
You may change your mind and opt back in at any time by sending us an email at privacy@sublimesecurity.com. We will only use Personal Data provided in an opt-out request to review and comply with the request.
Right to Limit the Use of Sensitive Personal Data
Sublime does not knowingly collect, use or disclose any sensitive personal information, as defined by applicable US Privacy Laws, for the purpose of inferring characteristics about you. Accordingly, submitting a request to limit the use of your sensitive Personal Information is not required.
Right to Not Receive Discriminatory Treatment
You have the right to not receive discriminatory treatment for exercising your US Privacy Laws privacy rights. We do not use the fact that you have exercised or requested to exercise any rights under applicable US Privacy Laws for any purpose other than facilitating a response to your request.
You can contact us with your request through one of the contact methods described under the Contact Sublime section below.
We may ask you to provide information that will enable us to verify your identity in order to comply with your request to exercise your privacy rights. Consumers in some states may also authorize an agent to make requests on their behalf. In particular, if you are a California resident, or if you are an authorized agent wishing to exercise CCPA rights on behalf of someone else, please contact us via email at privacy@sublimesecurity.com. Please include your full name and email address along with why you are writing so that we can process your request in a timely manner. In some instances, we may decline to honor your request if an exception applies under applicable law. We will respond to your request in accordance with the requirements of applicable law.
Please note that if your information has been processed by Sublime on behalf of a customer and you wish to exercise any rights you have with such Personal Data, please inquire with our customer directly. If you wish to make your request directly to Sublime, please provide the name of the Sublime customer on whose behalf Sublime processed your information. We will refer your request to that customer and will support them to the extent required by applicable law in responding to your request.
Please note that to protect your Personal Data, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent (as applicable) have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent's identity to protect your Personal Data.
We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Data provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
You may have the right to appeal our decisions made with respect to your request. To appeal our decision on your request, you may contact us through one of the contact methods described under the section titled Contact Sublime. Please enclose a copy of, or otherwise specifically reference, our decision on your request, so that we may adequately address your appeal. We will respond to your appeal in accordance with applicable law.
You may also request information about our practices related to our disclosure of your Personal Data to certain third parties for their direct marketing purposes. You may be able to opt out of our sharing of your Personal Data with unaffiliated third parties for the third parties’ direct marketing purposes in certain circumstances. You can contact us with your request through one of the contact methods described under the section titled Contact Sublime.
California’s Shine the Light law
If you are a California resident, you are entitled once a year, free of charge, to request and obtain certain information regarding our disclosure, if any, of certain categories of Personal Data to third parties for their direct marketing purposes in the preceding calendar year. To request the above information, please email us at privacy@sublimesecurity.com or write to us at 712 H St NE, PMB 14, Washington, DC 20002 with a reference to "CA Disclosure Information" and include your name, street address, city, state, and ZIP code. In your request, please attest to the fact that you are a California resident and provide a current California address. We will reply to valid requests by sending a response to the email address or physical address from which you submitted your request. Please note that Sublime is not required to respond to requests made by means other than through the provided email address or mail address. Please note that not all information sharing is covered by the “Shine the Light” requirements and only information on covered sharing and the relevant details required by the Shine the Light law will be included in our response.
Our Services and Marketing Activities are not intended for users under the age of 16, and Sublime does not knowingly collect Personal Data from children under the age of 16 in a manner that is not permitted by the U.S. Children's Privacy Protection Act ("COPPA") or other applicable laws. If you are under the age of 16, please do not use or submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data without their permission. If you have reason to believe that a child under the age of 16 has provided Personal Data to Sublime through the Services, please contact us at privacy@sublimesecurity.com or send us a letter to the mailing address in the section entitled "Contact Sublime" below.
We do not knowingly "sell" or “share” as those terms are defined under US Privacy Laws, the Personal Data of minors under 16 years old who are U.S. residents.
The Site and Services may contain links to other web sites, resources or services not operated or controlled by Sublime (the “Third Party Sites”). The policies and procedures we described here do not apply to the Third Party Sites. The privacy practices of these websites and services will be governed by their own policies.
We make no representation or warranty as to the privacy policies of any third parties, including the providers of third party applications. If you are submitting information to any such third party through our Sites or Services, you should review and understand that party’s applicable policies, including their privacy policy, before providing your information to the third party. For example, it is possible that your payment information (such as credit card or debit card information) may be collected and stored by third party payment vendors. We suggest contacting those third parties directly for information on their privacy policies or if you have any questions or concerns about their privacy policies and practices.
The Services and our business may change from time to time. As a result, at times it may be necessary for Sublime to make changes to this Privacy Policy. Sublime reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you use our Sites or our Services or engage with our Marketing Activities. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy. We encourage you to review this Policy frequently to be informed of how Sublime is protecting your Personal Data.
Please feel free to contact us if you have any questions or concerns about Sublime’s Privacy Policy or our privacy practices, including if you need to access this Policy in an alternative format, or if you wish to lodge a complaint about our privacy practices.
You may contact us as follows: privacy@sublimesecurity.com, by using the Your Privacy Choices Form, or by registered mail at 712 H St NE, PMB 14, Washington, DC 20002.
Sublime’s GDPR Article 27 local representatives are:
Country: EEA
Osano International Compliance Services Limited
ATTN: 9MW63 Dublin Landings
North Wall Quay
Dublin 1
D01C4E0
Country: United Kingdom
Osano UK Compliance LTD
ATTN: 9MW6
42-46 Fountain Street
Belfast
Antrim
BT1 - 5EF
Experience Sublime’s adaptable email security platform and take control of your email environment today.