- Knowledge Base
- Terms & Conditions
- Personal data
-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
System & Network Scanning
-
Web Application Scanning
-
Cloud Scanning (CSPM)
-
API Scanning
-
Phishing & Awareness Training
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
-
Dashboard
What personal data does Holm Security process?
Business-related data
Holm Security stores information used for common business purposes (like company name, contact person, contact email, and contact phone). This does not require any specific agreement according to GDPR.
Newsletters
Starting from May 2018, newsletters are only sent to existing customers, who thought default terms and conditions, comply with receiving newsletters. To unsubscribe from the newsletter, please use the unsubscribe link at the bottom of the newsletter.
Encrypted data storage
Data storage for personal data is encrypted.
Location of data
Data for customers within Europe is stored in the EEA region.
Subcontractors
Holm Security has no subcontractors that process end customers' personal data.
Holm Security VMP
The following information describes the personal data processed and stored in relation to each product.
Web Application Scanning
The product Web Application Scanning scans for exposed personal data on websites, like personal IDs. Identified personal data is presented in Security Center and stored in the platform. In the scan policy, there's a possibility to exclude tests related to personal data. If the tests are excluded, no personal data will be processed or stored.
Personal data processed and stored for this product when related tests are active:
- Personal IDs
- Credit card numbers
Phishing & Awareness Training
The product Phishing & Awareness Training requires that personal email addresses be imported to Security Center and stored on the platform. These email addresses are used for simulating email attacks. Personal names can be imported or entered manually into Security Center to be used in the simulations. Personal data processed and stored for this product:
- Name
- Email address
- Simulation and awareness training behavior data and statistics
System & Network Scanning
Scanner Appliance and external scanners (cloud scanners)
No personal data is processed when using the product System & Network Scanning with a Scanner Appliance or external scanners (cloud scanners).
Device Agent
When using the product System & Network Scanning with the software endpoint agent Device Agent, the following personal data will be processed and stored:
- Name
- Email address
- Username
- MAC address
- IP address
Cloud Scanning
The product doesn't process any personal data.
API Scanning
The product doesn't process any personal data.