Privacy FAQs

What personal data does Netskope collect and process about me? Does Netskope use cookies? Is Netskope registered as a data controller with the UK national data protection authority? Does Netskope have a procedure for managing data subject requests? Does Netskope have a team dedicated to privacy and data security? How does Netskope ensure the security of data transfers? Has a Data Privacy Impact Assessment (DPIA) been conducted around the Netskope environment? Does Netskope use Sub-Processors to provide Its services? Is Netskope’s privacy policy aligned with industry standards? How does Netskope secure and protect my personal data? How often are Netskope’s privacy and security policies updated? Does Netskope have a record of processing activities in accordance with GDPR's Article 30? If yes, how often is this reviewed and updated? Is Netskope subject to U.S. surveillance laws, such as FISA Section 702? How does Netskope ensure secure data transfers post-Schrems II? How does Netskope comply with other regulations? Where can I contact for more information?

What personal data does Netskope collect and process about me?

For individuals using the website: Netskope collects and processes personal information when you visit or interact with its website. This includes contact and professional data (such as your name, email, phone number, and organization details) when you register for events, download content, or sign up for updates. Netskope also gathers automatically collected data through cookies and related technologies, such as your IP address, device and browser details, pages viewed, and interaction with website content. Additionally, if you engage with Netskope on social media or community forums, they may collect biographical and community data, including your profile details, posts, and feedback. Netskope uses this data to improve its services, personalize your experience, and provide relevant communications or resources based on your interests.

For customers: Netskope collects personal information to support its services and manage the relationship. This includes contact details such as name, job title, position, location, employer, email address, and phone number; technical data such as user IP address, Active Directory (AD) name, and Organizational Unit mapping (if exposed); and activity data such as user actions within cloud applications (related to data exchange interfaces) and AD names or email aliases of data-sharing parties. The information is used to provide and improve services, tailor user experiences, offer technical support, and ensure security

Netskope collects and processes personal information when you visit or interact with its website. This includes contact and professional data (such as your name, email, phone number, and organization details) when you register for events, download content, or sign up for updates.

Does Netskope use cookies?

Yes, Netskope uses cookies and similar technologies, such as web beacons, to collect information and track user interactions on its website. Cookies are small data files stored on your device that enhance site functionality, monitor usage, and enable personalized experiences. Netskope uses both first-party cookies (set by its website) and third-party cookies (set by external providers) for purposes such as analytics, advertising, and content delivery.

Cookies help Netskope provide core website functions, improve site performance, offer insights into user behavior, and personalize ads and content. Social media cookies are also used to facilitate content sharing and support advertising and analytics. You can adjust your cookie preferences; however, disabling certain cookies may impact site functionality. For more details, please refer to Netskope’s Cookies Policy.

Yes, Netskope uses cookies and similar technologies, such as web beacons, to collect information and track user interactions on its website. Yes, Netskope is GDPR compliant. Yes, Netskope includes GDPR and other relevant privacy regulations in its annual security awareness training program for employees.

Is Netskope registered as a data controller with the UK national data protection authority?

Yes. Netskope’s registered as a data controller with the UK national data protection authority.

Yes. Netskope's registered as a data controller with the UK national data protection authority.

Does Netskope have a procedure for managing data subject requests?

Yes, Netskope has a documented process in place for handling data subject requests. These procedures are detailed on our privacy page, and requests can be directed to [email protected]. For further information, please review Netskope’s Exercise Your Rights section.

Does Netskope have a team dedicated to privacy and data security?

Yes, Netskope has a Privacy and Data Protection Team that includes a dedicated Data Privacy Officer and experienced privacy professionals. This team is committed to ensuring compliance with global privacy laws and collaborates closely with senior management to maintain strong data privacy and security standards.

How does Netskope ensure the security of data transfers?

Netskope secures data transfers by complying with Standard Contractual Clauses, the EU-U.S. and UK Data Privacy Frameworks, and implementing strong encryption and data protection measures. Additionally, Netskope provides customers with a pre-signed Data Processing Agreement (DPA). For any questions regarding the DPA, please contact [email protected].

Has a Data Privacy Impact Assessment (DPIA) been conducted around the Netskope environment?

Netskope has performed its own internal Data Privacy Impact Assessment (DPIA) and Data Transfer Impact Assessment (DTIA); however, the results are not shared with external entities due to confidentiality reasons. Netskope can provide customers with a pre-filled DPIA template in order to assist in completing their own DPIA. Netskope has certified its privacy practices aligned to ISO 27001, ISO 27017, and ISO 27018; and can provide Data Protection Agreements as necessary for GDPR and other privacy regulation compliance. The Netskope Data Processing Agreement (DPA) is available and can be signed by both parties that include Standard Contractual Clauses (SCCs). SCCs have been deemed as an adequate alternative requirement for the transfer of personal information from the EU-U.S. by the ECJ in the ruling.

Yes, Netskope’s privacy practices align with internationally recognized standards, including ISO 27001, ISO 27017, and ISO 27018. Netskope is also certified under the EU-U.S., UK extension, and Swiss-U.S. Data Privacy Framework programs, ensuring its commitment to industry best practices.

Does Netskope use Sub-Processors to provide Its services?

Yes, Netskope engages third-party sub-processors and affiliates to process customer personal data as a by-product of providing its services. To ensure compliance with data protection laws, Netskope requires all sub-processors to sign a Data Processing Agreement (DPA) that outlines strict privacy and security obligations. Netskope also provides customers with a 30-day notice of any changes to its list of sub-processors, which is communicated through support channels. The updated list of sub-processors is available here.

Is Netskope’s privacy policy aligned with industry standards?

How does Netskope secure and protect my personal data?

Netskope secures personal data by implementing industry-standard security measures, including encryption in transit and at rest, robust access controls, regular vulnerability assessments, and compliance with data protection regulations. Netskope’s security architecture is designed to prevent unauthorized access, mitigate risks, and ensure data integrity. The company also conducts continuous monitoring, incident response planning, and employee training to safeguard data effectively.

How often are Netskope’s privacy and security policies updated?

Netskope reviews and updates its privacy and security policies at least annually or whenever there are significant changes to its systems, operations, or applicable regulations. This ensures that the policies remain aligned with evolving industry standards and legal requirements.

Does Netskope have a record of processing activities in accordance with GDPR's Article 30? If yes, how often is this reviewed and updated?

Yes. It is reviewed annually.

Is Netskope subject to U.S. surveillance laws, such as FISA Section 702?

As a U.S.-based company, Netskope complies with all applicable laws, including FISA Section 702. If subpoenaed, Netskope works with legal counsel to evaluate requests and seeks to prevent disclosure whenever possible. Customers are notified of such requests when legally permitted.

How does Netskope ensure secure data transfers post-Schrems II?

Post-Schrems II, Netskope relies on the EU-U.S. Data Privacy Framework, UK extension, and Swiss-U.S. Data Privacy Framework for data transfers. It also incorporates Standard Contractual Clauses in its Data Processing Agreements to ensure compliance with European data protection standards and provide safeguards for cross-border data transfers.

How does Netskope comply with other regulations?

Netskope complies with various global data protection and privacy regulations, including GDPR, and CCPA, by implementing privacy-by-design principles, maintaining transparency, and ensuring lawful processing of personal data. Netskope’s compliance measures include robust security controls, data subject rights management, and adherence to international standards such as ISO certifications. For more information on Netskope’s compliance with other regulations, visit Privacy Across Other Regions section.

Where can I contact for more information?

For more information, you can contact us at [email protected].