> Why do you think it covers the data collected by the agent?
The agent is not the only concern. Before you even get to install the agent, you have to provide personal information to their website (I believe - I don't now, because I rejected the TOS and don't have access to the non-public part of their website).
The thing is - Drata collects mandatory information from their customers employees and contractors trough their website. The TOS for the website is explicit about how they plan to use that information.
> This is correct. The privacy policy listed here is for the website.
Is that the 100% honest answer?
From my understanding, your website is where you collect my mandatory personal information, if I agree with your TOS. It's not just a glossy brochure for your product - it is your product.
I cannot choose what I share with you. But you can choose with whom you share what information I provide. And from your websites TOS, you seem very eager to share it.
illud_tempus|4 years ago
The agent is not the only concern. Before you even get to install the agent, you have to provide personal information to their website (I believe - I don't now, because I rejected the TOS and don't have access to the non-public part of their website).
The thing is - Drata collects mandatory information from their customers employees and contractors trough their website. The TOS for the website is explicit about how they plan to use that information.
neonnomad|4 years ago
Source: I am the Drata CISO
illud_tempus|4 years ago
Is that the 100% honest answer?
From my understanding, your website is where you collect my mandatory personal information, if I agree with your TOS. It's not just a glossy brochure for your product - it is your product.
I cannot choose what I share with you. But you can choose with whom you share what information I provide. And from your websites TOS, you seem very eager to share it.
unknown|4 years ago
[deleted]