Security Control Areas
Our security controls are split into 5 main groups: Privacy, Operating System, Network, Google Chrome, and Adobe. These comprise a comprehensive overview of the most common areas for malicious attacks and weaknesses. More detailed information about specific security controls can be found in the User Manual.
Privacy Checks
Privacy checks involve unauthorized usage or access to your account, particularly in the realm of identification. Our privacy controls check for potential unauthorized access to your computer locally, as well as protecting personal data. Oftentimes, your personal information can be compromised by settings that allow for data collection without your knowledge. By enabling or disabling certain privacy controls, you can retain control over your personal data as well as ensure that your local accounts have sufficient protection.
Privacy security controls:
Location Tracking - P001
WiFi Sense - P002
Camera Access - P003
Control LAN Manager Password Hash - P004
Prevent Password-less Accounts - P005
Operating System Checks
Operating system controls involve Windows settings that affect required access levels as well as other actions to install and run applications. These security controls help regulate who can make system-altering decisions, such as installing and running software. By ensuring that every software installation is reviewed and risk-minimizing procedures are taken, chances of running and installing malicious software decreases drastically.
Operating System checks:
Windows SmartScreen - O001
Windows Installer Privileges - O002
Windows Installer Scripts - O003Windows Remote Management - O004
Data Execution Prevention - O005
Network Security Checks
Network security checks involve Windows settings that affect what connections your computer comes into contact with. By ensuring that you have the proper network security controls set up, you can regulate what external connections your computer comes into contact with, as well as what information is provided to networks. Firewalls are one example of essential network security controls that help you regulate contact with potentially malicious sources.
Network Security checks:
Private Profile - N001
Private Block - N002
Private Outbound Connections - N003
Public Unsolicited Inbound Connections - N004
Security Account Manager Remote Call - N005
Google Chrome Checks
Google Chrome checks involve Chrome browser settings that affect certain characteristics of your browsing experience. Google Chrome controls and browser controls help ensure sites that you browse are safe and are verified, lessening your exposure to malware. Additionally, Google Chrome gathers information about yourself to improve its services, and certain security controls reduces risk of exposing personal and sensitive information.
Google Chrome checks:
Block Outdated Plugins - C001
Chrome Automatic Updates - C002
Disable Firewall Traversal - C003
Enforce Certification Revocation Checks - C004
Disable Network Prediction - C005
Adobe Reader and Acrobat Security Checks
Adobe security checks primarily involve settings that expose you to risk through mediums such as PDFs. While not as well-known, PDFs can and do pose a threat to computers by having PDFs carry malicious attachments or run malicious scripts to damage your computer. By enforcing certain security controls, you can be notified of any suspicious activity performing from files, lessening your risk to unknown or malicious sources.
Adobe checks:
Enhanced Security for Adobe Reader DC (Application) - A001
Enhanced Security for Adobe Reader DC (Web Browser) - A002
Enable Protected Mode - A003
Prevent Adobe Flash - A004
Prevent Attachments - A005
Privacy Policy
Effective on: 2020-09-02
Introduction and Scope
Hoplite Technology Limited ("Hoplite," "we," "us," "our") takes the protection of personal data very seriously. Hoplite Technology is the developer of Anti-Phishing Bot. This Privacy Notice (the "Notice") addresses data subjects whose personal data we may receive in our Anti-Phishing Bot software application (the "Service"). This Notice does not apply to personal data we collect by other means, such as personal data that we receive directly through Hoplite's own publicly accessible website.
What Information does Hoplite Collect?
We receive and store any information you knowingly provide to us. When you create a new Hoplite or Anti-Phishing Bot account, we will solicit your consent to connect your Gmail, Google Suite, Microsoft 365 or Outlook account to your Hoplite APIs, thereby providing us with access to your email headers and meta data. We access and store a subset of data from your Gmail, Google Suite, O365 or Outlook account to provide you with our Services.
Additional Limits on Use of Your Gmail, Google Suite, Microsoft 365 or Outlook User Data: Not withstanding anything else in this Privacy Policy, if you provide the add-ins access to the following types of your Gmail, Google Suite, Microsoft 365 data, the add-in's use of that data will be subject to these additional restrictions:
The App will only use access to read, write, modify, or control Gmail, Google Suite, Microsoft 365 or Outlook message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail, Google Suite, Microsoft 365 or Outlook data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets.
Hoplite acts as an agent, also known as a data processor, for the PII we process for our customers through the Service. This means that Hoplite’s customers determine the type of PII they provide to the Service for Hoplite to process on their behalf. Hoplite generally has no direct relationship with the individuals whose PII it receives from its customers and Hoplite’s customers are responsible for providing notice to the individuals whose PII will be collected and provided to Hoplite.
Purpose of Processing PII
We process PII submitted by our customers for the purposes of providing the Service to our customers, which typically involves our anti-phishing program.
Basis of Processing
Within the scope of this Notice, we process PII based on the documented instructions of our customers.
Data Retention
We delete the PII submitted to us by customers and business partners within 90 days of receiving a request to delete from our customers or the data subject unless applicable law requires a different retention period.
Sharing PII with Third Parties
We share PII with our corporate affiliates and our service providers, who process PII on behalf of Hoplite, and who agree to use the PII only to perform the Services for us or as required by law. Our service providers include businesses that provide:
internet hosting and infrastructure services;
office management services; cloud storage services; and customer service software.
Our service providers may be located within or outside of the United States; however, we will require that those third parties maintain at least the same level of confidentiality that we maintain for such PII.
Other Disclosure of PII
We may also disclose PII: to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders, provided that in such instances we may not be able to ensure that such recipients of your PII will maintain the privacy or security of your PII;
if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change; or to our subsidiaries or affiliates only if necessary for business and operational purposes.
We use and may transfer, sell, and share aggregated, anonymous data, which does not include any PII, about our Service for any legal business purpose, such as analyzing usage trends and seeking compatible business opportunities.
Cookies
A “cookie” is a small file stored on your device that contains information about your device. We may use cookies to provide Service functionality, authentication (session management), usage analytics (web analytics), and generally improve our websites and Services.
We use session and persistent cookies. Session cookies are deleted when you close your browser. Persistent cookies may remain even after you close your browser, but always have an expiration date. Most of the cookies placed on your device through our Services are first-party cookies, since they are placed directly by us. Other parties, such as Microsoft, may also set their own (third-party) cookies through our Services. Please refer to the policies of these third parties to learn more about the way in which they collect and process information about you.
Data Integrity & Security
Hoplite has implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect PII from unauthorized processing such as unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure.
Access, Review & Deletion
If we store PII about you, you may have a right to request access to, and the opportunity to update, correct, or delete, such PII. You may also have the right to opt out of having your PII shared with third parties and to revoke your consent that you have previously provided for your PII to be shared with third parties, except as required by law. You also have the right to opt out if your PII is used for any purpose that is materially different from, but nevertheless compatible with the purpose(s) for which it was originally collected or subsequently authorized by you. Requests should be sent to the Hoplite customer who provided your PII to Hoplite, or to Hoplite directly at privacy@hoplite-tech.com. Hoplite has limited rights to access PII our customers submit to our Service. Therefore, if you contact us with such a request, please provide the name of the Hoplite customer who submitted your PII to our Service. We will forward your request to that customer and provide assistance to our customers, as needed, as they respond to your request.
Inquiries or Complaints
In compliance with the Privacy Shield Principles, Hoplite commits to resolve complaints about our collection or use of personal data. For inquiries or complaints regarding our Privacy Shield policy, you may contact us by emailing security@hoplite-tech.com. Hoplite representatives will respond within 24 days.
Regulatory Oversight
Hoplite Technology Limited is subject to the investigatory and enforcement powers of the Hong Kong SAR Law.
Changes to this Notice
If we make any material change to this Notice, we will post the revised Notice to this web page and update the "Effective" date above to reflect the date on which the new Notice became effective.
Contact Us
If you have any questions about this Notice or our processing of your PII, please write to our privacy contact at privacy@hoplite-tech.com or by postal mail at:
Hoplite Technology Limited.
Unit 538 , 19W , Hong Kong Science and Technology Park
Please allow up to four weeks for us to reply.