Last revised: May 22, 2018
See previous version linked here
pfSense, as a data controller, collects and processes personal data relating to interactions with our websites.
We use your personal data only for the purposes and in the manner set forth below, which describes the steps we take to ensure our processing of your personal data is in compliance with the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) and any implementing legislation (Data Protection Legislation).
PLEASE NOTE THAT YOU HAVE A RIGHT TO OBJECT TO PROCESSING OF YOUR PERSONAL DATA WHERE THAT PROCESSING IS CARRIED OUT FOR OUR LEGITIMATE INTEREST.
Please read the following carefully to understand our use of your personal data:
When you visit or use our Websites in any way, we collect and process different types of information about you:
Marketing and Communications Data includes your preferences in receiving marketing from us and any of our third parties, and your communication preferences.
The provision of your personal data is not a statutory or contractual requirement and you may refuse to disclose same. You can choose not to provide this information; however, you might not be able to gain access to our information, services or products.
Some of our products can be used by our customers to manage and monitor activity on their networks. If you use our products for these purposes it is your responsibility to comply with all applicable laws and your internal policies relating to such monitoring, and providing notices and obtaining any necessary consents from your users.
Our Websites may, from time to time, contain links to third party websites. If you follow a link to any of those third party websites, please note those websites have their own privacy policies and we do not accept any responsibility or liability for those practices. Please check those policies before you submit any personal data to those websites.
Our Websites are not intended for children and we do not knowingly collect data relating to children. If you are under the age of 16, please do not attempt to register with us at our Websites or provide any personal information about yourself to us. If we learn that we have collected personal information from a child under the age of 16, we will promptly delete that information. If you believe we have collected personal information from a child under the age of 16, please contact us.
We will only use your personal data for the purposes and legal bases set out in the table below:
|Purpose(s) for Processing||Legal Basis for Processing|
| ||Processing is necessary for the performance of a contract or to enter into such a contract with you.|
| ||Your consent – which you can withdraw at any time.|
| ||The processing is necessary to support our legitimate business interests in managing our business provided such interests are not overridden by your interests and rights. We have carried out a balancing test to ensure that your interests do not override this legitimate business interest of ours. For more information on this balancing test carried out by pfSense please contact us. Please note that you have a right to object to processing of your personal data where that processing is carried on for our legitimate interest. You have the right to object at any time.|
| ||The processing is necessary to comply with legal and regulatory obligations.|
In addition to the purpose for which you submitted your personal data, you may also be given the option (through a check box or otherwise) to have your personal data used for an activity or service different from the primary activity or service that you are requesting.
We may disclose your personal data to any member of our aligned companies from time to time in order to provide you with the services or products requested.
We may disclose your personal data to third parties who provide a service to us, including:
We may also disclose your personal data as follows:
We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. We cannot guarantee the complete security of our database, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet. We have implemented strict internal guidelines to ensure that your privacy is safeguarded at every level of our organization. We will continue to revise policies and implement additional security features as new technologies become available. Where we have given you a password which enables you to access certain parts of our Website, you are responsible for keeping that password confidential. We ask you not to share your password with anyone.
Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Website. Any transmission of personal data is at your own risk. Once we receive your personal data, we use appropriate security measures to seek to prevent unauthorised access or disclosure.
We store your personal data during the time that you are a customer or end user of pfSense for purposes of providing you the services, and for up to seven years after you cease to be a customer or end-user. If you have never been a customer or registered end-user of pfSense, but have consented to receive marketing inquiries or other information from pfSense, we may store your data for up to two years. We reserve the right to store or delete your personal data earlier or later than set forth herein if required to do so by an applicable law or regulation, including the GDPR and for the exercise or defense of legal claims.
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA), for the purposes described above, including to countries such as the United States of America or Russia, which may not provide an adequate level of protection in relation to processing your data. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this Privacy and Cookies Policy and the Data Protection Legislation. To the limited extent that it is necessary to transfer your personal data outside of the EEA, we will ensure appropriate safeguards are in place to protect the privacy and integrity of such personal data, including European Union Model Clauses under Article 46.2. Please contact us if you wish to obtain information concerning such safeguards (see contact us below).
pfSense is committed to ensuring that you have control of, and visibility to, your personal data. Below is a summary of your rights and additional commitments from pfSense. You may exercise your rights by contacting us.
You can request a copy of the personal data we hold about you.
You have the right to request that we correct any inaccuracies in the personal data we hold about you, and complete any personal data where this is incomplete.
It is your responsibility to ensure that any information you have provided to us is accurate and up to date. If any of the information you have provided to us changes, please login to our system to change user-controlled information. Otherwise send us an email entitled ‘CHANGE OF DETAILS’ to privacy@pfSense.com.
You have the right to request that your personal data be deleted in certain circumstances including:
However, this right does not apply where, for example, the processing is necessary:
You can ask that we restrict your personal data, i.e., keep but not use, where:
We can continue to use your personal data:
Where you have provided personal data to us, you have a right to receive such personal data back in a structured, commonly-used and machine-readable format, and to have those data transmitted to a third-party data controller without hindrance but in each case only where:
You have a right to object to the processing of your personal data in those cases where we are processing your personal data in reliance on our legitimate interests. In such a case we will stop processing your personal data unless we can demonstrate compelling legitimate interests which override your interests and you have a right to request information on the balancing test we have carried out. You also have the right to object where we are processing your personal data for direct marketing purposes.
If you do not want to receive newsletters, announcements, or other communications and/or services from pfSense, please do not opt-in for those communications or services at the time of registration. If you have opted-in and, at a later time, wish to opt-out, please follow the instructions in the communication to opt-out: Along with every email communication sent to you, we provide you the opportunity to discontinue receiving future communications, i.e., unsubscribe. Simply follow the unsubscribe process or directions provided at the bottom of the email.
You have a right not to be subjected to decisions based solely on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affects you other than where the decision is:
Where we base a decision solely on automated decision-making, you will always be entitled to have a person review the decision so that you can contest it and put your point of view and circumstances forward.
You have the right to lodge a complaint with the Data Protection Authority, in particular in the Member State of your residence, place of work or place of an alleged infringement, if you are unhappy with how we are processing your personal data.
We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than one month after receipt of your request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receipt of your request. We may request proof of identification to verify your request. All requests should be addressed to our contact us information.
Cookies are small data files that may be stored in your web browser on your computer, tablet or smartphone (each a “Device”) when you visit a website. Cookies serve a number of purposes like letting you navigate between pages efficiently, remembering your preferences, interests or log in details, and generally improving your experience.
|Categories of Use||Description|
|Preferences, Features, and Services||Cookies can tell us which language you prefer and what your communication preferences are. They can help you fill out forms on pfSense.com more easily. They also provide you with features, insights, and personalized content based on other content you’ve engaged with on the Website.|
|Performance, Analytics, and Research||Cookies help us learn how well our Website performs in different locations, on different devices, and at different times of day.|
|Type||Purpose||Who Provides the Cookie?||Settings and Opt out|
|Optional||Advertising and Social Media||https://twitter.com/personalization|
|Optional||Advertising and Social Media||https://www.linkedin.com/psettings/advertising/actions-that-showed-interest|
|Optional||Advertising and Social Media||https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen|
For instructions on blocking and deleting cookies, see the privacy and help documentation of your specific browser’s website. If you use more Devices and/or browsers you will need to disable cookies on each Device and on each browser separately. Here are the locations of the cookie settings for all major web browsers:
If you limit the ability of our Websites to set cookies, this may prevent you from using certain features of our Websites properly and your user experience – which will no longer be personalized for you – may deteriorate. You may also be able to opt-out from certain cookies through third party cookie management sites. Disabling cookies may prevent you from using certain parts of our Website. If you delete your cookies from the browser, you may need to remember to re-install opt-out cookies.
You can find more information about cookies by visiting the following information websites:
We may place cookies on partner websites to advertise our brands and/or services. These cookies are mainly used to display content tailored to your interests and to evaluate our content (including advertising). Our cookies may also used by third party sites in order to provide advertising that is relevant. This relevance is based on a profile built form your previous visits to our Websites, including the services you have visited.
We belong to ad networks that may use your browsing history across participating websites to show you interest based advertisements on those websites. For example, cookies can be used in the selection of the advertisements that appear on a Google search results page, or at a website in the Google Display Network (that is, ad content might be based on which pages you viewed during past visits to the pfSense Websites). You can set preferences for how Google advertises to you on their Ads Settings page. You can opt out of interest-based advertising by changing cookie settings in your browser or by using a browser plug in. We do not control cookies used by these advertising networks. To learn more about interest based advertisements and your opt out rights and options, the following websites are helpful: