PORTSWIGGER LTD ("We") are committed to protecting and respecting
This policy (together with our Licence Agreements and any other documents referred to in them) set out
the basis on which any personal data we collect from you, or that you
provide to us, will be processed by us. Please read the following
carefully to understand our views and practices regarding your personal
data and how we will treat it. By visiting portswigger.net or its
subdomains you are
accepting and consenting to the practices described in this policy.
For the purpose of the Data Protection Act 1998 (the Act), the data
controller is PortSwigger Ltd of 2 Regent Street, Knutsford, WA16 6GR
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information you give us. You may give us information about you
by filling in forms on our site portswigger.net and its subdomains (our site) or by
corresponding with us by phone, e-mail or otherwise. This includes
information you provide when you register to use our site, subscribe
to our service, search for a product, place an order on our site,
participate in discussion boards or other social media functions on
our site or enter a competition, promotion or survey and when you
report a problem with our site or our software. The information you
give us may include your name, address, e-mail address and phone
number, financial and credit card information, personal description
- Information we collect about you. With regard to each of your
visits to our site we may automatically collect the following
- technical information, including the Internet protocol (IP)
address used to connect your computer to the Internet, your login
information, browser type and version, time zone setting, browser
plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform
Resource Locators (URL) clickstream to, through and from our site
(including date and time); products you viewed or searched for; page
response times, download errors, length of visits to certain pages,
page interaction information (such as scrolling, clicks, and
mouse-overs), and methods used to browse away from the page.
USES MADE OF THE INFORMATION
We use information held about you in the following ways:
- Information you give to us. We will use this information:
- to carry out our obligations arising from any contracts
entered into between you and us and to provide you with the
information, products and services that you request from us;
- to provide you with information about other goods and services
we offer that are similar to those that you have already purchased
or enquired about;
- to provide you with information about goods or services we
feel may interest you. We will only
contact you by electronic means (e-mail or SMS) with information
about goods and services similar to those which were the subject of
a previous sale or negotiations of a sale to you, or an enquiry from
- to notify you about changes to our service;
- to ensure that content from our site is presented in the most
effective manner for you and for your computer.
- Information we collect about you. We will use this
- to administer our site and for internal operations, including
troubleshooting, data analysis, testing, research, statistical and
- to improve our site to ensure that content is presented in the
most effective manner for you and for your computer;
- to allow you to participate in interactive features of our
service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we
serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users
of our site about goods or services that may interest you or them.
- Information we receive from other sources. We may combine this
information with information you give to us and information we
collect about you. We may use this information and the combined
information for the purposes set out above (depending on the types
of information we receive).
DISCLOSURE OF YOUR INFORMATION
We may share your personal information with any member of our group,
which means our subsidiaries, our ultimate holding company and its
subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may share your information with selected third parties including:
- Business partners and suppliers for the performance of any
contract we enter into with you.
- Analytics and search engine providers that assist us in the
improvement and optimisation of our site.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in
which case we may disclose your personal data to the prospective
seller or buyer of such business or assets.
- If PortSwigger Ltd or substantially all of its assets are
acquired by a third party, in which case personal data held by it
about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data
in order to comply with any legal obligation, or in order to enforce
property, or safety of PortSwigger Ltd, our customers, or others.
This includes exchanging information with other companies and
organisations for the purposes of fraud protection.
WHERE WE STORE YOUR PERSONAL DATA
The data that we collect from you may be transferred to, and stored
at, a destination outside the European Economic Area ("EEA"). It may
also be processed by staff operating outside the EEA who work for us or
for one of our suppliers. Such staff may be engaged in, among other
things, the fulfilment of your order, the processing of your payment
details and the provision of support services. By submitting your
personal data, you agree to this transfer, storing or processing. We
will take all steps reasonably necessary to ensure that your data is
All information you provide to us is stored on our secure servers.
Any payment transactions will be encrypted. Where
we have given you (or where you have chosen) a password which enables
you to access certain parts of our site, you are responsible for keeping
this password confidential. We ask you not to share a password with
Unfortunately, the transmission of information via the internet is
not completely secure. Although we will do our best to protect your
personal data, we cannot guarantee the security of your data transmitted
to our site; any transmission is at your own risk. Once we have received
your information, we will use strict procedures and security features to
try to prevent unauthorised access.
You have the right to ask us not to process your personal data for
marketing purposes. You can exercise the right at
any time by contacting us at firstname.lastname@example.org.
Our site may, from time to time, contain links to and from the
websites of third parties. If you follow a link to any of these
websites, please note that these websites have their own privacy
policies and that we do not accept any responsibility or liability for
these policies. Please check these policies before you submit any
personal data to these websites.
ACCESS TO INFORMATION
The Act gives you the right to access information held about you.
Your right of access can be exercised in accordance with the Act. Any
access request may be subject to a fee of £10 to meet our costs in
providing you with details of the information we hold about you.
posted on this page and, where appropriate, notified to you by e-mail.
Please check back frequently to see any updates or changes to our
welcomed and should be addressed to email@example.com.