<img height="1" width="1" style="display:none;" alt="" src="https://analytics.twitter.com/i/adsct?txn_id=nv7vl&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0"> <img height="1" width="1" style="display:none;" alt="" src="//t.co/i/adsct?txn_id=nv7vl&amp;p_id=Twitter&amp;tw_sale_amount=0&amp;tw_order_quantity=0">

Protection Against Web App Vulnerabilities


IMMUN.IO Inc. ("Immun.io", “Immunio,” “we,” “us,” or “our”) recognizes the importance of privacy to our clients and users of this website.  This Privacy Policy sets out the manner in which Immun.io collects, uses, discloses and otherwise manages personal information, including with respect to our web application security services as well as on our website, www.immun.io (the “Website”).


Immun.io provides web application security services to its clients.  Immun.io software is embedded into our clients’ web applications to monitor for potential security threats.  For the purposes of performing the web application security services on behalf of our clients, we may collect and use personal information through our clients’ web applications (such as user names and IP addresses) as well as general web application usage information (such as number of live users and suspicious payloads). We do not collect or use personal information through our clients’ web applications for any purposes other than to provide the services our clients request, including to provide support and answer any questions that our clients may have regarding the services.  For details about the way in which individual web applications treat your personal information, please contact the web application operator directly.

We may otherwise collect and use personal information when you:

  • Register:  You do not have to register in order to browse our Website.  However, in order to use our services, you will need to register and provide a name, email address and a password that you select. We use this information to identify who you are, communicate with you, and otherwise administer your use of our services.
  • Make a Purchase:  If you choose to subscribe to Immun.io services, we may collect your payment information such as your name, address, phone number, email address, billing address, and payment card information. This information is used to process and fulfill your order.
  • Job Applications:  If you apply for a job at Immun.io, you may provide us with certain personal information about yourself (such as that contained in a resume, cover letter, or similar employment-related materials).  We use this information for the purpose of processing and responding to your application for current and future career opportunities.
  • Contact Us:  When you contact us with a comment, question or complaint, you may be asked for information that identifies you (such as your name, address and a telephone number) along with additional information we need to help us promptly answer your question or respond to your comment.  We may retain this information to assist you in the future and to improve our customer service, service offerings, and our Website.


We will not disclose, trade, rent, sell or otherwise transfer personal information, without consent, except as otherwise set out herein or, if applicable, in your Licence Agreement with us.  

We may transfer or disclose personal information as follows:

  • Service Provider Arrangements: In connection with our Website or the services we provide to our clients, we may transfer (or otherwise make available) personal information to third parties who provide services on our behalf.  For example, we may use service providers to process payments, host our website and store information on our behalf.  Personal information may be maintained and processed by third party service providers in the US or Canada and may be accessed by the courts, law enforcement and national security authorities as required under the laws of those jurisdictions. Our service providers are given the information they need to perform their designated functions, and we do not authorize them to use or disclose personal information for their own marketing or other purposes. For more information about the way in which our service providers treat personal information, contact us as set out in the “Contact Us” section below.
  • Sale of Business: Immun.io may transfer personal information as an asset in connection with a merger or sale (including transfers made as part of insolvency or bankruptcy proceeding) involving all or part of Immun.io or as part of a corporate reorganization or other change in corporate control.
  • Legal: Immun.io and our Canadian, US and other affiliates and service providers may provide personal information in response to a search warrant or other legally valid inquiry or order, or to an investigative body in the case of a breach of an agreement or contravention of law, or as otherwise required or permitted by applicable Canadian, US or other law.  Where a disclosure of our clients’ information is required by applicable law, we promptly notify our client prior to complying with such requirements (to the extent we are not prohibited from doing so).

We may also disclose personal information where necessary for the establishment, exercise or defence of legal claims and to investigate or prevent actual or suspected loss or harm to persons or property.


Visiting our Website:  We collect the IP (Internet protocol) addresses of all visitors to our Website and other related information such as page requests, browser type, operating system and average time spent on our Website. We use this information to help us understand our Website activity, and to monitor and improve our Website.

Cookies:  Our Website uses a technology called "cookies". A cookie is a tiny element of data that our Website sends to a user’s browser, which may then be stored on the user’s hard drive so that we can recognize the user when they return.  We use cookies to remember your preferences and to authenticate you. You may set your browser to notify you when you receive a cookie or to not accept certain cookies. However, if you decide not to accept cookies from our Website, you may not be able to take advantage of all of the Website features. 

Third Party Links:  Our Website may contain links to other websites that Immunio does not own or operate. Also, links to our Website may be featured on third party websites on which we advertise. Except as provided herein, we will not provide personal information to these third parties without consent.  We provide links to third party websites as a convenience to the user.  These links are not intended as an endorsement of or referral to the linked websites.  The linked websites have separate and independent privacy statements, notices and terms of use.  We do not have any control over such websites, and therefore we have no responsibility or liability for the manner in which the organizations that operate such linked websites may collect, use or disclose, secure and otherwise treat personal information.


We understand that data security is a critical issue for our clients and we are committed to safeguarding the personal information in our custody and under our control.

Immun.io has implemented a comprehensive information security program that includes written policies and procedures, and security controls. We have implemented reasonable administrative, technical and physical safeguards in an effort to protect against unauthorized access, use, modification and disclosure of personal information in our custody and control.  


If we receive a request from an individual to access or update personal information we have collected on behalf of a particular client, we will direct that individual to the relevant client. We will assist our clients wherever possible in responding to individual access requests.

If you submit personal information via our Website or otherwise provide us with your personal information, you may request access, updating or correction of your personal information by submitting a written request to our Privacy Officer (see “Contact Us” below).   We may request certain personal information for the purposes of verifying your identity.


This Privacy Policy may be updated periodically to reflect changes to our personal information practices.  The revised Privacy Policy will be posted on the Website. 


Please contact us if:

  • you have any questions or comments about this Privacy Policy;
  • you wish to access, update, and/or correct inaccuracies in your personal information; or
  • you otherwise have a question or complaint about the manner in which we or our service providers treat your personal information.
Last Updated:  April 2016