Trellix logo
Trellix Introduction Video
Trellix Introduction

A living security platform with a pulse that is always learning and always adapting.

Gartner Magic Quadrant for Endpoint Protection Platforms
Gartner MQ (Endpoint)

Download the Magic Quadrant report, which evaluates the 19 vendors based on ability to execute and completeness of vision.

Gartner Marketplace Guide (XDR)
Gartner® Report: Market Guide for XDR

As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."

The Threat Report - Summer 2022
Latest Report

Our Summer 2022 threat report details the evolution of Russian cybercrime, research into medical devices and access control systems, and includes analysis of email security trends.

Critical Flaws in Widely Used Building Access Control System
Critical Flaws in Widely Used Building Access Control System

At Hardwear.io 2022, Trellix researchers disclosed 8 zero-day vulnerabilities in HID Global Mercury access control panels, allowing them to remotely unlock and lock doors, modify and configure user accounts and subvert detection from management software.

Trellix CEO
Our CEO on Living Security

Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.

Trellix Introduction Video
Trellix Introduction

A living security platform with a pulse that is always learning and always adapting.

Privacy Policy

Trellix Privacy Notice
Effective Date: March 17, 2022

This Notice provides information about data we collect, use, and share, and our commitment to using the personal data we collect in a respectful fashion.

We (“Supplier,” “our,” “we” or “us”) care deeply about privacy, security, and online safety, all of which are a significant part of our essential mission: to protect users of our Products and Services (“you” and “your”) from the risks of theft, disruption, and unauthorized access to their online information and activities. This Privacy Notice (“Notice”) is designed to inform you about how we collect, use, and share your personal data through our website (our “Site”), our software, our appliances, our partners, Supplier products, services, support, tools, and web-based and mobile applications (collectively, the “Products and Services”) or when you interact with us.

When you access or use our Products and Services, you acknowledge that you have read this Notice and understand its contents. Your use of our Products and Services and the Site and any dispute over privacy is subject to this Notice, any applicable Terms of Service (including any applicable limitations on damages and the resolution of disputes), Data Processing Agreement, End User License Agreement and Cloud Services Agreement.

As we grow, our business changes, and we may update this Notice at any time we deem appropriate to reflect those changes. If there are any material changes to this Privacy Notice, we will notify you by email, in-product notification, or as otherwise required by applicable law. It is important that you check to make sure that you have reviewed the most current version of this Notice.

This Notice applies to all users of our Products and Services across the world. Some users, including residents of the European Economic Area, may have additional rights depending on where they are located, which are described in this Notice.

What Kinds of Information Do We Collect?

In order to provide our Products and Services, we collect information. Some information you provide directly to us, some we collect automatically through our Products and Services, and some is collected from third parties. In this Notice, “Personal Data” refers to data that can be used, alone or in combination with other data that we have, to identify you as an individual.

We collect information you provide to us. For example, we collect information when you purchase Products and Services, create an account, fill out a form, participate in a contest or promotion, request customer service, or otherwise communicate with us.

Personal Data you may provide includes:

  • Contact information (such as name, email address, mailing address, and phone number);
  • Payment information (including payment card numbers and associated identifiers, billing address, and bank account information); and
  • Account log-in credentials (which for some Products and Services may include social network credentials).

We may also collect other information from or about you, such as information about what products you purchased, your interests, demographic information, photographs and videos, and biometric data such as fingerprints or voice prints, or other data that you may provide.

We may collect information about your interactions with the Products and Services as well as devices on which the Products and Services are installed. In some cases, we automatically collect information about other devices connected to the same network as the device on which the Products and Services are installed.

For example, we may collect and use the following:

  • Information about the Products and Services you looked at or searched for and the Products and Services you used, including time spent and other statistical information;
  • Information collected through our Products and Services and through other methods of web analysis about your computers, devices, applications, and networks, including internet protocol (IP) address, cookie identifiers, mobile carrier, Bluetooth device IDs, mobile device ID, mobile advertising identifiers, MAC address, IMEI, Advertiser IDs, and other device identifiers that are automatically assigned to your computer or device when you access the Internet, browser type and language, language preferences, battery level, on/off status, geo-location information, hardware type, operating system, Internet service provider, pages that you visit before and after using the Products and Services, the date and time of your visit, the amount of time you spend on each page, information about the links you click and pages you view within the Products and Services, and other actions taken through use of the Products and Services such as preferences;
  • When you use our Products and Services to protect your mobile device, we may collect geolocation data of the device on which the product is installed; and
  • Details about your internet, app, or network usage (including URLs or domain names of websites you visit, information about the applications installed on your device, or traffic data); and performance information, crash logs, and other aggregate or statistical information.

In order to provide you our Products and Services, which include the ability to detect and evaluate malware and spam, we may scan, collect, and store data from your files, including emails, attachments, email addresses, metadata, and URLs and traffic data.

We collect this information through our Products and Services and through technologies such as cookies, web beacons or web bugs, and clear GIFs. Please see our Cookie Notice for more information about the cookies and similar technologies that we use and the choices available to you.

We do not limit the ways in which we might use or share non-Personal data because such non-personal information does not identify you.

Information We Collect from Third Parties

We may receive information about you from other sources and combine that information with the information we collect directly. Examples of information we may receive from other sources include updated delivery or payment information used to correct our records; purchase or redemption information; and customer support and enrollment information.

Location Information

Certain Products and Services may request permission to access your location. Where you grant this permission, we will collect information about your location using GPS, wireless, or Bluetooth technology. You can control access to precise location information through your mobile device settings. We also may look up your IP address to determine your general location.

How Do We Use the Information We Collect?

To Help Protect You
When you install or use one of our Products and Services, it will run in the background of your device or environment to help predict threats and better protect you, your devices, and your information. For example, we may use information to:

  • Analyze data sent to/from your device(s) to isolate and identify threats, vulnerabilities, viruses, suspicious activity, spam, and attacks, and communicate with you about potential threats;
  • Participate in threat intelligence networks, conduct research, and adapt Products and Services to help respond to new threats;
  • Encrypt data, lockdown a device, or back-up or recover data;
  • Check for Product and Service updates and create performance reports on our Products and Services, to ensure they are performing properly; and
  • Look for misuses of your data when you use our identity monitoring products.

To Run Our Business
We also use the information we collect for other business purposes, including to:

  • Authenticate your identity and prevent fraud with your biometric data;
  • Analyze your behavior to measure, customize, and improve our Site and Products and Services, including developing new security technologies, databases, products, and services;
  • Notify you of Supplier Products and Services that we think may be of interest to you;
  • Perform transactions, accounting, auditing, license management, billing, reconciliation, and payments, and collection activities;
  • Provide customer support, troubleshoot issues, manage subscriptions, and respond to requests, questions, and comments;
  • Promote and administer special events, programs, surveys, contests, sweepstakes, and other offers and promotions;
  • Conduct market, trend and consumer research and analyses;
  • Administer posting on our blogs, forums, and other public communications;
  • Prevent, detect, identify, investigate, and respond to potential or actual claims, liabilities, prohibited behavior, and criminal activity;
  • Comply with and enforce legal rights, requirements, agreements, and policies; and
  • With your consent.

Third-Party Advertising

We work with third-party advertising companies to display or deliver ads to you while you are on our Site or using some Products and Services. These third-party advertisers may collect data about your interaction with the Site to measure the effectiveness of their ads and to personalize advertising content. See our Cookie Notice to learn more about how we and our advertising partners use tracking technologies like cookies and the choices available to you. As explained below, you can opt out of having your information shared with third parties for those parties' direct marketing purposes by clicking on the unsubscribe link in the email, or click here for our company’s marketing communications page.

Other Uses
We may use Personal Data for which we have a legitimate interest, such as direct marketing, individual or market research, anti-fraud protection, or any other purpose disclosed to you at the time you provide Personal Data or with your consent.

Who Do We Share Personal Data With?

Generally, we disclose the information we collect to provide the Products and Services, to communicate with you, to advertise or promote our Products and Services, to facilitate changes to or transfers of our business, as required by law, or with your consent.

We may share Personal Information in the following ways:

  • With current and future members of our family of companies for the purposes described in this Notice;
  • With service providers who perform services for us (see the list of our sub-processors);
  • If we believe disclosure is necessary and appropriate to prevent physical, financial, or other harm, injury, or loss, including to protect against fraud or credit risk;
  • To legal, governmental, or judicial authorities as instructed or required by those authorities and applicable laws, or in relation to a legal activity, such as in response to a subpoena or investigation of suspected illicit or illegal activities, or where we believe in good faith that users may be engaged in illicit or illegal activities, or where we are bound by contract or law to enable a customer or business partner to comply with applicable laws;
  • In connection with, or during negotiations for, an acquisition, merger, asset sale, or other similar business transfer that involves all or substantially all our assets or functions where Personal Data is transferred or shared as part of the business assets (provided that such party agrees to use or disclose such Personal Data consistent with this Notice or gains your consent for other uses or disclosures);
  • With your consent or at your direction, such as when you choose to share information or publicly post content and reviews (for example, social media posts);
  • With persons of your choosing and at your discretion, should the product you are subscribed to allow that functionality; and
  • With third parties we may also share deidentified or aggregated data that does not identify you.

How Do We Protect Your Data?

We use administrative, organizational, technical, and physical safeguards to protect the Personal Data we collect and process. Our security controls are designed to maintain data confidentiality, integrity, and an appropriate level of availability.

What Choices Do You Have About Your Personal Data?

Accounts
If you register a Supplier Product, you can access and correct the Personal Data in your profile through your Product.

If you have not registered a Supplier Product, but one of our Products is installed on your device, you may stop Supplier collection of Personal Data from your device by uninstalling that product.

Some of our Products give you the ability to control Personal Data sent to us. To terminate your account or for support questions, please contact your account or support representative, or refer to the support documentation for your product.

Marketing Communications
To stop receiving marketing communications, click on the unsubscribe link in the email, or click here for our company’s marketing communications page.

If you choose to no longer receive marketing information, we may still need to communicate with you regarding transactional, legal, or administrative topics, such as security updates, product functionality, and service requests.

Individual Rights in Personal Data
In accordance with applicable law, you may have the right to: (i) request confirmation of whether we are processing your Personal Data; (ii) obtain access to or a copy of your Personal Data; (iii) receive a portable copy of your Personal Data, or ask us to send that information to another organization (the “right of data portability”); (iv) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Data; (v) restrict our processing of your Personal Data; (vi) object to our processing of your Personal Data; and (vii) request erasure of Personal Data held about you by us, subject to certain exceptions prescribed by law.

If you would like to exercise any of these rights, please visit our Individual Data Request Form or contact us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we may take steps to verify your identity before fulfilling your request. For some requests and where permitted by law, an administrative fee may be charged. We will advise you of any applicable fee prior to performing your request.

How Long Do We Retain Collected Personal Data?

We will keep your Personal Data for the minimum period necessary for the purposes set out in this Notice, namely (i) for as long as you are a registered subscriber or user of our products or (ii) for as long as your Personal Data are necessary in connection with the lawful purposes set out in this Notice, for which we have a valid legal basis or (iii) for as long as is reasonably necessary for business purposes related to provision of the Products and Services, such as internal reporting and reconciliation purposes, warranties or to provide you with feedback or information you might request. Where required by law, we will delete your biometric data within three years of your last interaction with the Products and Services.

In addition, if any relevant legal claims are brought, we may continue to process your Personal Data for such additional periods as are necessary in connection with that claim.

Once the abovementioned periods, each to the extent applicable, have concluded, we will either permanently delete, destroy, or de-identify the relevant Personal Data so that it can no longer reasonably be tied to you.

Data Transfers
Our company is headquartered in the United States, and we have operations, entities, and service providers in the United States and throughout the world. As such, we and our service providers may transfer your Personal Data to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your Personal Data receives an adequate level of protection in the jurisdictions in which we process it.

Residents of the European Economic Area

If you are in the European Economic Area (EEA), the following additional disclosures apply.

Data Controller
Where you purchase a Supplier Products and Services, we act as the Controller of your Personal Data.

Legal Basis for Processing
When we process your Personal Data, we will only do so in the following situations:

  • To perform our rights and responsibilities under our contract with you (including without limitation to process payments and provide Products and Services;
  • Where we have a legitimate interest in processing your Personal Data, including without limitation to provide, secure, and improve our Products and Services, in communicating with you about changes to our Products and Services, and in informing you about new products or services;
  • We have your consent to do so; and
  • To comply with our legal obligations.

EEA Data Transfers
We transfer Personal Data to countries outside of the EEA or Switzerland through a series of intercompany agreements based on the Standard Contractual Clauses in accordance with EU law and applicable EU regulations.

Individual Rights Requests and Withdraw Consent
You may submit a request to exercise your rights in Personal Data using the mechanisms explained under “What Choices Do You Have About Your Personal Data?” above. If you initially consented to our processing of your Personal Data, you may withdraw your consent using those mechanisms or by contacting us using the contact information below.

Enterprise Product Customer End Users
Individual natural persons typically access the Supplier products and services through a business entity/ employer that has purchased the product or service. In these instances, the Supplier acts as a data processor and only processes Personal Data in line with Data Processing Agreement incorporated by reference in End User License Agreement or any other executed agreement. Typically, we limit our processing of Personal Data to the data provided by our customer, who acts as a controller.

Any requests relating to the exercise of individual rights about an end user’s Personal Data in our custody should be made by using the Individual Data Request Form.

Supervisory Authority and Complaints

If you are an EU/EEA Data Subject and have a concern about our practices concerning the processing of Personal Data that we are not able to resolve, you have the right to lodge a complaint with the data protection authority where you reside or in which you work, or in which the alleged infringement occurred, each as applicable, or by contacting the Irish supervisory authority for data protection issues, at https://www.dataprotection.ie/docs/Home/4.htm, or +353 57 868 4800.

Residents of Japan, Argentina, and Canada

If you are a resident of Japan, Argentina, or Canada and you have an inquiry regarding your personal information we hold, including your personal information collected through your use of our products, you may request further information using the Individual Data Request Form.

Residents of California

Your California Privacy Rights - Shine the Light Law
We do not share information that identifies you personally with non-affiliated third parties for their own marketing use without your permission.

California Consumer Privacy Act
If you are a California resident, you may request that we:

  • Disclose to you the following information covering the 12 months preceding your request:
    • the categories and specific pieces of personal information we collected about you (see above) and the categories of personal information we sold (We do not “sell” your Personal Data);
    • the categories of sources from which we collected such personal information (see above);
    • the business or commercial purpose for collecting or selling personal information about you (see above); and
    • the categories of third parties to whom we sold or otherwise disclosed personal information (see above).
  • delete personal information we collected from you (see below); or
  • opt-out of any future sale of personal information about you (see below).

We will respond to your request consistent with applicable law. If you are an authorized agent making an access or deletion request on behalf of a Californian resident, please reach out to us via the inquiry form and indicate that you are an authorized agent. We will provide you with instructions on how to submit a request as an authorized agent on behalf of a Californian resident.

If you are a resident of California, you may submit a request to exercise your rights in Personal Data using the Individual Data Request Form.

We will not deny you goods or services, charge you a different price, or provide a different level or quality of goods or services just because you exercised your rights under the CCPA.

Residents of Nevada

We do not sell information that identifies you personally with non-affiliated third parties. If you would like to make a request that we not sell identifying information about you in the future, you may make a request using the contact information below.

Our Site, and Products and Services may contain links to other websites for your convenience and information. These websites may be operated by companies not affiliated with us. Linked websites may have their own privacy policies or notices, which we you should review when you visit those websites. We are not responsible for the content, privacy practices, or use of any websites that are not affiliated with us.

Contact Us

Click here to contact us regarding this Privacy Notice or other related Privacy issues. If you have any complaints regarding our compliance with this Privacy Policy, please contact us first. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with this Privacy Policy and applicable law.

You can also write to us as follows:

In the U.S. by registered mail:
Musarubra US LLC
Attn: Legal Department –Privacy
6000 Headquarters Drive, Suite 600
Plano, Texas, 75024
or call us at +1 (888) 847-8766


In the European Economic Area by registered post:
Musarubra Ireland Limited
Attn: Legal Department – Privacy
Building 2000, City Gate
Mahon, Cork, Ireland
or call us at +353 21 467 2000

In Japan by registered mail:
Musarubra Japan KK
Attn. Legal Department – Privacy
Shibuya Mark City West
1-12-1 Dogenzaka, Chibuyaku, Tokyo 150-0043

Sub-Processors

Third-Party Services
Effective Date: March 17, 2022

Name and URL of Website Corporate Location Other Locations Services Provided / Subject Matter Duration
FullStory
https://www.fullstory.com/
United States UK, Australia Web analytics for user interface optimization Duration of the Contract except in case of a legal hold.
ServiceSource International, Inc.
https://www.servicesource.com/
United States Ireland, Bulgaria, UK Sales support Duration of the Contract except in case of a legal hold.
Sutherland Global Services Inc.
https://www.sutherlandglobal.com/
United States UK, India, Bulgaria, Canada, Colombia, Egypt, Jamaica, Malaysia, Philippines, Mexico, Serbia, UAE, Sweden. All EU resident’s personal data is processed locally. Digital transformation and business process services Duration of the Contract except in case of a legal hold.
XO Communications, LLC
https://www.xo.com/
United States None Network services Duration of the Contract except in case of a legal hold.
Zimperium, Inc.
https://www.zimperium.com/
United States None White-labeled mobile threat detection (MTD) solution Duration of the Contract except in case of a legal hold.
McAfee LLC
https://www.mcafee.com/
United States Cybersecurity Services Duration of the Contract except in case of a legal hold.

Hosting and Co-Location

The following companies store and deliver content in association with Our Services.

Name and URL of Website Corporate Location Other Locations Duration
Amazon Web Services, Inc.
https://aws.amazon.com/
United States WW Duration of the Contract except in case of a legal hold.
Amanah Tech
https://www.amanah.com/
Canada None Duration of the Contract except in case of a legal hold.
Atlantic Metro Communications II, Inc
https://www.atlanticmetro.net/
United States None Duration of the Contract except in case of a legal hold.
BrainStorm Network, LLC
http://brainstormnetwork.com/
United States See website Duration of the Contract except in case of a legal hold.
Equinix
http://equinix.com
United States See website Duration of the Contract except in case of a legal hold.
Leaseweb
https://www.leaseweb.com/
Netherlands See website Duration of the Contract except in case of a legal hold.
Microsoft Corporation (Azure)
https://azure.microsoft.com/en-us/
United States See website Duration of the Contract except in case of a legal hold.
SoftLayer (IBM)
https://softlayer.com
United States, Netherlands, Singapore, Japan, Australia, Canada See website Duration of the Contract except in case of a legal hold.
Verizon
https://enterprise.verizon.com/products/network/application-enablement/
United States See website Duration of the Contract except in case of a legal hold.
Oracle Corporation
www.oracle.com/cloud/
United States See website Duration of the Contract except in case of a legal hold.
Hetzner
www.hetzner.com
Germany See website Duration of the Contract except in case of a legal hold.
CoreBackbone
www.core-backbone.com
Germany See website Duration of the Contract except in case of a legal hold.

Mechanism for Receiving Notifications of New Sub-Processors

To receive notifications about new Sub-Processors, subscribe to the Support Notification Service (SNS). On this SNS webpage, click on the Subscription Center URL in the Subscribe to SNS paragraph.

On the Please set a Security Key to continue page, create a 6-character Security Key. Confirm your Security Key and click the Set Key button.

On the Subscriber Information/Your Information Options page, complete your “Subscriber Information”. Under Your Information Options, select a single Product and then “Alerts Only”. Under Special Notices, check Subprocessor/Subcontractor.

Under Subscribe/Update section, click the Subscribe/Update button.

Individual Data Request Form
Effective Date: March 17, 2022

Individual Data Request Form