Our Commitment to Privacy

Bromium, Inc. (“we” or “us”) is a US-headquartered company that provides virtualization-based security software and services. We focus on virtualization-based security to protect enterprises from cyberattacks and to eliminate endpoint computer threats like malware, ransomware, spear-phishing and advanced persistent threats.

We are committed to protecting and respecting your privacy. We are therefore providing this privacy policy to explain our practices regarding the collection, use and disclosure of personal information that we receive when you use our website (www.bromium.com) and its subdomains (“Website”), or when you use our products and services (“Services”).

What personal information we collect

We may collect the following types of personal information when you visit or use our Website or Services:

  • Information you provide to us on the Website: In general, you can visit our Website without telling us who you are or revealing any personal information about yourself. However, you may provide us with personal information through our Website, for example, when you make enquiries about our Services through an email link or “Contact Us” link, provide us with your contact information for the purpose of sending you white papers, reports, or access to our events or webinars, and when you sign up to our mailing list. When you communicate with us, we will keep copies of any communications that you send us.
  • Information we collect automatically through the Website: We may also collect certain information through our Website by automated means, such as IP addresses, browser type and operating system, information about your visit including the URL clickstream to, through and from our Website, download errors, number of Website visits, and other page interactions. We collect this information automatically through the use of various technologies such as cookies and web beacons. For further information about the cookies that we use on our Website and how to exercise your cookie preferences, see the “How we use cookies and similar technologies” section further below.
  • Information we collect when you use our Services: As our virtualization solutions are primarily installed on-site at customer premises, most of the personal information processed through our Services will remain on customer infrastructure. However, there are certain cases where personal information may be transferred to Bromium in the course of using the Services:
    • When you make a request for support: when you contact our customer support team, you will provide us with information about your account, your support request and your contact details. In some cases, you may need to send us copies of any affected files, logs, user IDs, navigation histories or other information to enable us to assist you with your request. In such cases, we will only use such information for the purposes of responding to and troubleshooting your support request.   Where you are sending us personal information relating to a third party end-user, you must ensure that you have notified the individual about this and obtained any necessary consents or authorizations to do so.  If you cannot ensure that these requirements are met, please do not provide us with the information.
    • When you use the Bromium Customer Portal: When you user our Customer Portal, you provide us with registration information to set up an account, as well as information about any software, documentation, knowledge base articles, or training programs you download through the portal.
    • When you opt in to send information to Bromium’s Threat Cloud: You can choose, on an opt-in basis, to share certain files and log reports with Bromium about any threats or attack incidents you experience (including untrusted URLs, problem reports, threat summaries, activity/event logs etc.). We will consolidate and analyze such information to provide real time attack visualization and threat intelligence to our customer community.
  • Information we collect when you do business with us: We also collect information from our vendors, suppliers, consultants, professional advisers and other third parties for the purposes of managing and operating our business. For example, we will collect business contact information, financial information and other information necessary to engage our suppliers and other business partners and to evaluate their performance. Also, if you are a customer or potential customer, we will collect information such as names, job titles and contact details for customer relationship and business management purposes.We collect your resume or C.V. when you apply for a job with us.
  • We sometimes obtain information from other sources, such as mergers and acquisitions, data brokers, or commercial lists, and merge this with information we have previously collected.

How we use your personal information

We may use the information we collect above for the following purposes:

  • To provide, operate, optimize and maintain the Website and Services;
  • To administer your use of the Services and to provide customer service and support;
  • To send you communications such as account information, service updates and marketing information;
  • To deal with enquiries through our Website or to provide you with information and access to resources that you have requested from us;
  • To improve the navigation and content of our Website and Services or to analyze use of the Website and Services to expand features and functionality;
  • To analyze the use of our Website and Services for trend monitoring, marketing and advertising purposes;
  • For network security and administration;
  • To create aggregated information which does not identify you personally;
  • To evaluate you as a candidate for employment;
  • To investigate and prevent fraud, spam, malware, identity theft or other unauthorized access to or unlawful activity; and
  • For other legitimate business purposes and any other purposes about which we notify you or obtain your consent.

We use also use data for analytics and measurement to understand how our Services are used. For example, we analyze data about your visits to our websites to do things like optimize product design.  We use a variety of tools to do this, including Google Analytics. When you visit sites that use Google Analytics, we and Google may link information about your activity from that site with activity from other sites that use our Google Analytics services.

How we share personal information with third parties

We may share and disclose personal information that we have collected from you in the following ways:

  • Information we share with our group companies: We may share your personal information with other members of the Bromium group of companies for purposes consistent with this Privacy Policy.
  • Information we share with our service providers: We may also engage certain trusted third-party service providers and vendors to assist us in the provision of the Website and Services, including cloud hosting services and customer relationship management services. We will only share your personal information with third parties to the extent necessary to perform such functions and in accordance with the purposes set out in this privacy policy and applicable laws.
  • Information disclosed in connection with business transfers:  In the event of a corporate sale, merger, reorganization, acquisition, dissolution, financing or other similar event, your personal information may be shared or transferred in connection with, or during negotiations of, such event or transaction.
  • Information disclosed for legal purposes and the protection of others: We may disclose personal information to a third party where we are legally required to do so in order to comply with any applicable laws, regulations, legal process or government requests. We will also disclose personal data to the extent we believe necessary or appropriate: (i) to respond to claims, judicial orders, subpoenas, warrants or other process issued by a court of competent jurisdiction; (ii) to protect the vital interests of any person; (iii) to exercise, establish or defend our legal rights; and (iii) to stop any activity we consider illegal, unethical or legally actionable.

Our security

We will use appropriate security measures to help protect your personal information. These measures include technical, administrative, physical and organizational measures to protect your data from misuse, unauthorized access or disclosure, loss, alteration or destruction. This includes measures consistent with international information security practices such as controlled access to facilities, secure destruction of media, anti-virus and end point protection software, encryption, system monitoring and privacy and security training and awareness programs for our employees.

Please be aware however that no service is completely secure. Although we will do our best to protect your personal information, you should only access the Website and Services within a secure environment. You should always ensure that your login credentials and password are kept safe at all times. You should notify us as soon as possible if you become aware of any misuse of your account.

International transfers

If you are visiting our Website or using our Services from outside the United States (US), including in the European Economic Area, please be aware that your personal information may be transferred to the US and potentially other countries whose data protection laws may not be as protective as those in your country of residence. However, our collection, storage and use of your personal information will at all times be in accordance with this privacy policy and applicable laws wherever it is processed.

How we use cookies and similar technologies

“Cookies” are small text files that are placed on your computer when you visit our Website or other internet-enabled technologies. They are widely used in order to make websites work, or work more efficiently, as well as to provide business and marketing information to the website owners. Cookies also enable a website to tailor information presented to you based on your browsing preferences, such as language and geographical region.

We may use cookies to personalize web pages during your visit to our Website, to remember you for easy navigation and access during return visits, provide you with relevant offers of our products and services, to monitor web traffic routing and aggregate usage, and to customize and improve our Website and Services.  If you have or use an account on our Website, we will combine the information gathered from our cookies with any information you have provided to us or that is stored in your account for the purposes set out in this Privacy Policy.

If you do not want us to deploy cookies on your browser, you can set your browser to reject cookies. You can find information on popular browsers and how to adjust your cookie preferences at the following websites:

Please note, however, that if you don’t accept cookies, you may not be able to access all portions or features of the Website or Services.

“Web Beacons” (also known as single pixel or clear gifs) are tiny graphics with a unique identifier that may be included on our Website and marketing emails to analyse traffic patterns, such as the frequency of use of particular parts of the Website, and to monitor the effectiveness of our advertising. The data helps us to learn what information is of most interest to our customers and what offers our customers would most like to see. If you do not want to provide us with this information, you can opt out by disabling JavaScript on your computer. If you disable JavaScript, some of the features on our Website may not work.

While we do not use Flash or Flash Local Shared Objects (LSOs) on our Website, third parties with whom we partner may use Flash LSOs to store your audio control preferences. Cookie management tools provided by your browser will not remove Flash LSOs. To learn how to manage these, click here.

Many Internet browsers allow users to send a “Do Not Track” signal to websites they visit. Currently, there is no consensus on the meaning of “Do Not Track” or similar signals, and the Website and Services have no mechanism to respond to such a signal.

Links to other sites

Our Website or Services may contain links to other websites and services. Our Privacy Policy does not apply to such websites or services and we’re not responsible for the content, privacy or security practices and policies of those websites or services. To protect your information we recommend that you carefully review the privacy policies of other websites and services that you access.


Our Services are not directed to individuals under the age of 18.  We do not knowingly collect personal information from such individuals.  If you become aware that a child has provided us with information, please contact us at the contact details further below.  If we become aware that a child under the age of 18 has provided us with personal information, we will take steps to delete such information.

Your privacy rights

If you are from certain territories (such as the European Union) you may have certain rights in relation to your personal information, such as the right to access, correct, amend or delete any personal information we hold about you. If you wish to exercise such rights, or you have any questions or comments concerning your personal information, please contact us at privacy@bromium.com. We will consider and respond to your request in accordance with any applicable laws.

We offer European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our customers that operate in the European Union, and other international transfers of Customer Data. To request a copy of our data processing addendum incorporating the Standard Contractual Clauses, please contact us at privacy@bromium.com.

If you wish to be removed from our mailing list, you can do so my clicking “unsubscribe” in any email communications we send you, or by emailing us at the address above.

Changes to our privacy policy

If we change our privacy policy, we will post those changes here in addition to updating the “Last Updated” date at the top of this page. If we make any material changes to the privacy practices relating to our Services, we will notify customers more directly – for example by posting a notification or sending a message through your account or by email. We encourage you to review this page frequently to stay informed of the latest modifications.

How to contact us

If you have any questions, comments or concerns about this privacy policy, then please contact us via privacy@bromium.com or at the following mailing address:

ATTN: Legal Department
Bromium, Inc.
20883 Stevens Creek Boulevard, Suite 100
Cupertino, CA 95104 USA