Capitalized terms not defined herein shall have the meaning ascribed to them in the associated underlying agreement between you and BitSight Technologies, Inc.
Last Updated: December 16, 2024
By clicking “Submit,” you acknowledge and agree, on behalf of the entity you represent, to the Bitsight Generative AI Feature Terms of Use.
Last Updated: July 7, 2022
By clicking “Continue,” you acknowledge and agree, on behalf of the entity you represent (“Customer”) that you (a) agree to the Bitsight Badge Publishing Terms (“Terms”); (b) that you have the authority to bind the Customer to these Terms, and (c) that this Terms supplement the underlying agreement by and between Customer and BitSight Technologies, Inc. (“Bitsight”), for use of the Bitsight Services, which remains in full force and effect.
Last Updated: August 4, 2023
By clicking “Continue,” you acknowledge and agree, on behalf of the entity you have the authority to represent (“Customer”), that you (a) have requested that Bitsight enhance Customer’s profile within the Bitsight Service to include “cloud infrastructure” information that will be dynamically updated, (b) have requested that BitSight retrieve information from Customer’s cloud service provider instance (“Infrastructure Data”) in order to include it into the Bitsight Services for the purpose of creating, correcting or updating its rated IP addresses or domains, (c) that you have agreed to enable Bitsight to access Infrastructure Data and have all rights, title and consents necessary to provide Bitsight access to the Infrastructure Data, (d) agree that your use of enhanced “cloud infrastructure” features and provision of Infrastructure Data will remain subject to the underlying agreement between Customer and Bitsight, and (e) have the authority to bind the Customer to these additional terms and conditions. In addition to the foregoing, you hereby agree to remove Bitsight access to Customer’s cloud service provider instance if Customer determines it no longer wishes to use the “cloud infrastructure” feature or is no longer accessing the Bitsight products and services. Any continued access to Customer’s Infrastructure Data is in Customer’s sole control and Bitsight will not be liable for any continued access after Customer is no longer accessing the Bitsight products and services or if Customer discontinues use of the “cloud infrastructure” features.
Last Updated: October 24, 2024
By using the Bulk Monitor feature, you acknowledge and agree that you have all consents and permissions necessary to upload the asset data in the CSV file. Data added may only include corporate assets (IPs and Domains) of third party organizations; personal IP addresses and Domain information may not be provided. Bitsight will use the data provided in order to identify matching assets within the Bitsight service. Monitoring the assets will not affect your organization’s ratings. Bitsight does not store or retain the CSV file or its contents, which will be deleted once the asset matching process has been completed.
Last Updated April 9, 2020
Dark Web communications are mentions of organizations in selected mediums by potential threat actors. Bitsight cannot confirm the identities of the comment authors, and does not represent that such statements constitute actual intent to do harm. By clicking "Continue", (i) you acknowledge that Bitsight is not responsible for the contents of such messages and will have no liability to you or any third party with respect to such information and (ii) agree that the information is made available to you solely for your internal business purposes related to third-party risk assessment of actual and potential business partners, benchmarking of your own risk assessment and, to the extent you are an insurance carrier, reinsurer or broker, identifying and measuring risk associated with underwriting cyber liability, and any other restrictions on use set forth in any other agreement you have with us. If the communications include personal data of your employees, please ensure you notify them regarding the fact that this data is being shared by threat actors.
Last Updated: May 17, 2023
By clicking “Continue,” you acknowledge and agree, on behalf of the entity you represent (“Customer”): (a) that you have requested that Bitsight enable you to download “exposed credentials” information relating to the Customer that Bitsight obtained from a third party in response to your request; (b) that the Customer agrees to the terms of the Bitsight Third Party Data Access Agreement – Exposed Credentials; and (c) that you have the authority to bind the Customer to this agreement.
Last Updated: April 30, 2020
You, as an authorized representative of the entity owning this Bitsight account/portal (the “Company”), agree on the Company’s behalf that Company (1) will only will request access to the IP or other data of third parties (the “Third Party Forensic Data”) where it has some sort of permission to access this information from the applicable monitored entities (which could include express consent or the right to assess or audit these vendors) or agreement to cooperate with on-going monitoring and oversight or diligence, (2) will keep the Third Party Forensic Data confidential pursuant to the terms of the subscription agreement it has in place with Bitsight (although it may use the data to reach out to the particular rated entity with questions and to assist it or as part of a diligence exercise), (3) will only use the information for security purposes (and under no circumstances to compromise the security of a third party) or for diligence purposes, (4) has a program in place where it can use the Third Party Forensic Data to protect itself or is using it as part of a diligence exercise, and (5) will delete the Third Party Forensic Data and update its access rights to such data (either via tools made available to you in the Bitsight portal or email notification to [email protected]) if it no longer has the rights described in (1) above. Company acknowledges that Bitsight may stop providing the Third Party Forensic Data at any time (in bulk or on any individual entity) and may, in its sole discretion, notify rated entities that it has provided this information to Company and allow the applicable third party to object (and if they object, Bitsight will no longer provide access to that data).
Last Updated: July 9, 2024
BitSight Technologies, Inc. (“Bitsight”) Trust Management Hub ("TMH") Free Access Additional Terms and Conditions (“Additional Terms”)
By clicking “Continue,” you acknowledge and agree, on behalf of the entity you have the authority to represent and bind (“Company”), that: (i) Company will be given access to the TMH service and as part of that access will receive a number of "Connections" designated by Bitsight, which will allow Company to share its cybersecurity risk profile with its current and prospective client network; (ii) Company will have the opportunity to upload questionnaires, security/compliance documents, and other non-public information with its current and prospective clients; (iii) Company is responsible for providing all information reasonably necessary to complete Connections and warrants it has all legal rights necessary to upload the information including the business contact information of third parties to enable direct Connections within the TMH service; (iv) Company acknowledges that the products and services provided are not intended to process sensitive or special categories of personal data, including but not limited to, personal health information or social security numbers, and Company agrees it will not provide or upload such information into the products and services; (v) Company agrees that Bitsight may aggregate and/or anonymize the information added to the TMH service for research and product improvement and, to the extent it is aggregated and/or anonymized, such information may be used for external use (e.g., overall industry benchmarking); (vi) Company hereby grants to Bitsight a nonexclusive license right to store, host and display its information within the TMH service in order for Bitsight to share with users via Customer established Connections; (vii) Bitsight may remove free access to the TMH service at any time without notice; and (viii) as a condition of use Company agrees to these Additional Terms, which shall govern its use along with its underlying agreement with Bitsight for use of the Bitsight products and services.
Last Updated: May 29, 2020
By clicking “Accept Terms” below or uploading IP addresses into the Bitsight portal as part of the "Work From Home - Remote Office" product, you represent, warrant and covenant that: (1) you will only provide IP addresses (the "Home Office IP Addresses") where you have complied with applicable data protection laws, including ensuring (a) you have a legal basis to provide us, and enable us to process, the Home Office IP Addresses data to provide the service (including the Insights Service described below), and (b) you have notified your employees, contractors or other individuals to whom the Home Office IP Addresses relate that you will be processing their IP addresses and other data, including by using Bitsight as a data processor for security monitoring and risk assessment purposes, and that Bitsight will aggregate and anonymize their data and use it to provide the Insights Service, for security trends, benchmarking or marketing data and to improve our products and services as a controller on the basis set out in our Privacy Policy, (2) you will only use the information for security and risk purposes, and (3) you have full right, power and authority to enter into and perform this agreement on behalf of your company.
Bitsight will delete the Home Office IP Addresses 60 days after you last use them in connection with the service, but may continue to use any aggregated, non-identifiable analytical data to provide you and others with insights and analysis (the “Insight Service”) for internal use, for security trends, benchmarking and marketing purposes, which may be shared publicly and with customers and other third parties, unless you opt out of the Insight Service (in which case you will no longer have access to these features). Please see our WFH Privacy Notice for further details on how to opt-out of the Insights Service and for more information of our data processing practices.