The depth and scope of NowSecure Platform testing gives customers assurance that their mobile AppSec programs meet the highest industry standard.

Media Announcement
magnifying glass icon

Privacy Policy

View Current Version

NowSecure, Inc. and its subsidiary viaForensics, LLC (together “NowSecure”, or “we”) operate the website including subdomains and online services hosted thereon (“Services”). This Privacy Policy informs you of our policies regarding the collection, use and disclosure of Personal Information (as defined below) when you use our Services and our website.

This Privacy Policy covers NowSecure’s collection and use of information when you access our website and when you use our Services, or when you provide information to us through or regarding support and delivery of the Services.

1. Information We Collect

When you use the website and the Services, NowSecure collects certain information that can be used to contact or identify you including, but not limited to, your email address, name, phone number, postal address, or other information (“Personal Information”). We also collect technical or non-personal information, which independent of your Personal Information cannot identify you.

Personal Information includes:

  • Contact information: When you submit a form to download resources, request information, attend a webinar, respond to a survey, apply to a job opening, or otherwise contact us electronically.
  • Account information: You may register to create an account and provide Personal Information in order to be able to save your profile and the data associated with it.
  • Identity Provider Information: If you authenticate on the Services using an identity provider such as GitHub or Google (the “Identity Provider”), the Identity Provider may send us your registration or profile information on that service and other information that you authorize. This information enables us to authenticate you and improve the Services.

Other information includes:

  • Log and Analytics Data: We may also collect information that your browser sends whenever you visit our Services (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, approximate location, browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages and other statistics.

2. How We Use this Information

We collect Personal Information and other information for these purposes:

  • To deliver, monitor and enhance the Services
  • To identify and communicate with you, respond to your requests/inquiries, provide customer service and fulfill orders
  • To process payments where applicable
  • To control unauthorized use or abuse of the Services, and detect, investigate or prevent activities that may violate our policies or be illegal
  • To analyze trends, administer or optimize the Services, monitor usage or traffic patterns (including to track users’ movements around the Services) and gather demographic information about our user base
  • To market our Services to you, including by sending you newsletters, promotions and special offers or information about new products and services. Your opt-out options for promotional communications are described in Section 8: Your Controls and Choices
  • To deliver advertising, including by managing ads on third party sites and to tailor ads based on your interests and browsing history.

3. Sharing Your Information with Third Parties

We do not sell, trade, share or transfer your personal information to third parties except in the following limited circumstances:

  1. With our parent/subsidiary companies;
  2. With contracted third-party service providers to help us deliver, maintain and improve the Services, or to help us with communications, marketing, advertising, or other usual organization activities, in compliance with our Privacy Policy and appropriate confidentiality and security measures. Third party service providers are provided your Personal Information only to perform specific tasks on our behalf and are obligated not to disclose or use your information for any other purpose.
  3. With legal authorities or our legal advisors when we have a good faith belief that it is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, including as required by the Privacy Shield principles; (b) enforce contractual obligations, including investigation of potential violations thereof, or (c) protect against imminent harm to our rights, property or safety, or that of our users or the public as required or permitted by law;
  4. With organization partners who offer a service to you jointly with us, for example when running a cross-promotion.
  5. In connection with a merger, acquisition, or any form of sale of some or all of our assets; and
  6. With a third party if we have your consent to do so.

We may also share aggregated or anonymized information with third parties for other purposes. Such information does not identify you individually, but may include usage, viewing and technical information including coarse geolocation, device configurations, and performance metrics related to the use of the Services which we collected through our technology. If we are required under applicable law to treat such information as personal information, then we will only disclose it as described above. Otherwise we may disclose such information for any reason.

4. Use of Cookies, Tracking, Analytics and Behavioral Marketing

We use cookies and other tracking technologies in order to deliver our Services, and also to target our marketing. A cookie is a small text file that is stored in your web browser that allows NowSecure or a third party to recognize you and store small amounts of data. Cookies can either be session cookies, which expire when you close your browser, or persistent cookies, which remain until expiration date or until deleted. Cookies may be delivered directly by NowSecure (first party cookies) or by service providers (third party cookies).

Our Services employ the following types of cookies:

  • Essential Cookies. First party cookies that are necessary to provide the functionality of the Services. Essential cookies help remember your login, settings, and session state information.
  • Functionality Cookies. First party and third party cookies used to remember information you have entered or choices you make, which may not be essential but help tailor the Services to you.
  • Analytics Cookies. First party and third party cookies that track information about how the Services are being used so that we can assess performance and make improvements. They collect information about how visitors use the Services, which site the user came from, the number of each user’s visits, and how long a user stays on the Services.
  • Advertising Cookies. Third party cookies are placed by third party advertising platforms or networks in order to deliver ads, track ad performance, and enable advertising networks to deliver ads that may be relevant to you based upon your activities (this is sometimes called “behavioral” “tracking” or “targeted” advertising). More information about how cookies are used for advertising purposes is explained below in Marketing and Ad Personalization.

NowSecure uses cookies to uniquely identify you, display appropriate content, process your transactions and requests, gather aggregate and statistical information about user activity, track users’ navigation around the Services, and display advertising on third-party sites. These technologies may provide us with personal data, information about devices and networks you utilize to access our Services, and other information regarding your interactions with our Services.

Web beacons. These are tiny graphics (clear GIFs or pixel tags) with a unique identifier, similar in function to cookies. Unlike cookies, beacons are not stored on your computer. We use beacons to track activities of users on the Services, manage content, and to compile statistics about usage. We (and our third party service providers) also use beacons in HTML emails to track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Third-Party Analytics. We use automated devices and applications, such as Google Analytics (more info here) and Optimizely (more info here) to evaluate use of our Services. We use these tools to gather non-personal data about users to help us improve our Services and user experiences. These analytics providers may use cookies and other technologies to perform their services, and may combine the information they collect about you on our Sites with other information they have collected for their own purposes. This Policy does not cover such uses of data by third parties.

Marketing and Ad Personalization. We use advertising platforms to display ads as part of our marketing campaigns. As a result, our ads may be displayed to you on other websites after visiting our site. Our advertising partners use cookies and other technologies to collect information about your activities on our Services and other sites to provide you personalized advertising based upon your interests.

Opting Out of Ad Networks. If you wish to not have cross-site information used for the purpose of serving you personalized ads, you may opt-out of many ad networks by visiting, or if you are located in the European Union, by visiting You will continue to see ads on the sites you visit, but the ad networks from which you have opted out will no longer personalize ads to you based upon your activities on other sites. These opt-out mechanisms are cookie based, so if you delete cookies, block cookies or use another device, your opt-out will no longer be effective. For more information, go to

Do Not Track. Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Currently, our systems do not recognize browser “do-not-track” requests. You can use your browser to prevent your computer from accepting cookies, or only block third party cookies, as described in the following section. If you disable cookies, be aware that some features of our Services may not function.

How to Disable Cookies. The “Help” feature on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. If you disable cookies, be aware that some features of our Services may not function. To learn more about how to control cookie settings through your browser:

  • Click here to learn more about the “Private Browsing” setting and managing cookie settings in Firefox.
  • Click here to learn more about “Incognito” and managing cookie settings in Chrome.
  • Click here to learn more about “InPrivate” and managing cookie settings in Internet Explorer.
  • Click here to learn more about “Private Browsing” and managing cookie settings in Safari.

5. Our Service Providers

Google Analytics: We use Google Analytics to collect, monitor and analyze Log and Analytics Data in order to monitor and improve the Services. You can learn more about the privacy practices and policies of Google by visiting their Privacy Policy page:

Marketo: We use Marketo to collect and process contact requests, sign-ups, event registrations and similar online communications. Marketo is registered with Privacy Shield and you can read their privacy policy here:

Intercom: We use Intercom’s service to communicate with and support users, and help understand their usage of the Services. If you register and log in, we provide a limited amount of your information (such as your email address and sign-up date) to Intercom, Inc. (“Intercom”) and utilize Intercom’s system to collect data for analytics purposes when you use the Services. Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit Intercom’s services are governed by Intercom’s terms of use which can be found at If you would like to opt out of having this information collected by or submitted to Intercom, please contact us using the information specified below.

Google: We use Google advertising (Adwords, Doubleclick) for marketing and ad personalization. You can opt out of AdWords personalization here: and review the privacy policy here:

Twitter: We use Twitter to enable social sharing and for marketing and ad personalization. You can opt out of ad personalization as described here: and review the privacy policy here:

AdRoll: We use AdRoll for marketing and personalization. You can opt out of ad personalization via preferences page here: and review the privacy policy here:

LinkedIn: We use LinkedIn for marketing and ad personalization. You can opt out of ad personalization via preferences here: and review the privacy policy here:

6. Privacy Shield Framework

NowSecure complies with the U.S. – E.U. and U.S. – Swiss Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the E.U. or Switzerland to the United States. The Federal Trade Commission (FTC) has jurisdiction over NowSecure’s compliance with the Privacy Shield. To learn more about the Privacy Shield program please visit

If there is any conflict between this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. Our accountability for personal information that we receive under the Privacy Shield and subsequently transfer to a third party is described in the Privacy Shield Principles.

If you have a dispute with us about our adherence to the Privacy Shield Principles, we will seek to resolve it through our internal complaint resolution process, or if necessary through an independent dispute resolution body. NowSecure has selected JAMS as our designated independent arbitrator, which can be contacted here: In certain circumstances, the Privacy Shield Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.

All NowSecure employees or contractors who handle personal information from Europe and Switzerland are required to comply with this Statement.

7. Users in the European Economic Area (EEA)

As required by the General Data Privacy Regulation (GDPR) we collect personal data from EU subjects with the following legal basis: (a) with your consent, or (b) for legitimate organization purposes. Individuals in the EEA have the following rights with respect to their personal data, as defined in Chapter 3, Article 18 []:

  • Access. You can ask us whether we are processing your personal data, request information about how we use, protect and share it, and request a copy of the data.
    Rectification. You can ask us to rectify inaccurate information.
  • Erasure. You can ask us to erase your personal data, where (a) it is no longer needed for the purposes for which it was collected, (b) you object to our legitimate interest basis, or (c) you withdraw your consent. There are some circumstances in which we are not required to comply with your erasure request, such as a legal obligation, but we will always respond to erasure requests and comply where we can.
  • Restriction. You can ask us to restrict (i.e. store but not use) your personal data, when (a) its accuracy is contested, to allow us to verify its accuracy, (b) the processing is unlawful, but you do not want it erased, (c) it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise, or defend legal claims, or (d) you have exercised the right to object, and verification of overriding grounds is pending.
  • Objection. You can object to our processing of your personal data based on our ‘legitimate interests’ legal basis, and you can object to the processing of your personal data for direct marketing purposes.
  • Portability. You can ask us to provide your personal data to you in a structured, commonly used, machine-readable format, or you can ask to have it ‘ported’ directly to another Data Controller, but only where our processing is based on your consent and the processing is carried out by automated means.
  • Withdrawal of Consent. You can withdraw your consent in respect of any processing of personal data which is based upon a consent which you have previously provided.

To exercise any of your rights as an EU subject, contact us as specified in Section 14.

8. Your Controls and Choices

Promotional Email: We may use your Personal Information to contact you with newsletters, marketing and promotional materials and other information that may be of interest to you. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included on such communications or in the Services. (Please note that you may be unable to opt-out of certain service-related communications while you have an active account.)

Blocking Cookies: You can view and receive notifications on cookie activity, and remove or block certain cookies, using the settings in your internet browser (see Section 4 for more information). Be advised that the Services may cease to function properly if you block cookies.

Do Not Track: Do Not Track is a preference you can set in your web browser. Our Services do not change behavior based on a web browser’s Do Not Track signal.

Access Your Data: Individuals may request information on which personal information we have collected by emailing privacy [at] Please allow up to 21 days processing time to respond to your request. Identity verification may be required before we furnish actual personal information.

9. Data Retention

We keep your personal data for as long as reasonably necessary for the purposes set out in Section 2 above. Except as noted below, we will retain your account profile data as necessary for our legitimate organization purposes or to comply with our legal obligations (such as record keeping, accounting, fraud prevention and other organization administrative purposes). Generally we will anonymize or delete personal data from the Services within 180 days after an account is deleted. However, we will maintain certain personal information longer for legitimate purposes including (a) accounting purposes, (b) to be able to defend or raise a claim, (c) direct communications regarding past organization transactions, (d) marketing (where you have not opted-out), and (e) maintaining complete organization records of services rendered. Any data so retained is controlled and protected per this Policy. Where your information is no longer required, we will ensure it is disposed of in a secure manner.

10. Protecting Your Information

The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. Be advised that no system of transmission over the internet, or method of electronic storage is perfectly secure, and we are unable to guarantee the absolute security of any Personal Information we have collected from you.

11. International Transfer

Your information, including Personal Information, may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are located outside United States and choose to provide information to us, be advised that we transfer the information, including Personal Information, to the United States and process it there.

12. Children’s Privacy

Our services are not intended for use by anyone under the age of 13 (“Child” or “Children”). We do not knowingly collect personally identifiable information from Children. If you are a parent or guardian and you learn that your Child has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a Child without verification of parental consent, we take steps to remove that information from our servers.

13. Changes To This Privacy Policy

We may change this policy by posting a new version of this policy on this Website. When we do change the policy, we will also revise the “Last updated” date at the top of this page and may notify you of any material changes or post a message on the Website. Your continued use of this Website and the Services following such changes constitutes your acceptance of the revised policy.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us by email to privacy [at] or by mail to:
ATTN: NowSecure Privacy Officer
141 W. Jackson Blvd. Suite 2502,
Chicago, IL 60604
United States

Effective Date: May 25, 2018

Update History

2018-05-25 — Updated for clarity and to provide more information for EEA/GDPR subjects
2017-12-15 — Updated to revise structure, include new Privacy Shield information (replacing Safe Harbor) and remove references to Sensors.
2014-12-02 — Company name change, added usage and mobile intelligence data info
2014-08-20 — Clarifications, added disclaimer
2014-04-30 — Clarifications and simplified wording
2013-10-01 — Initial Privacy Policy (Public Beta)