Cloudmark is now part of Proofpoint. Learn More

About Proofpoint

Cloudmark Privacy Policy

Last Updated December 12, 2017

Cloudmark, Inc. (“Cloudmark”, “we”, “us”, and “our”) highly values our customer relationships and we want to make sure that Cloudmark’s customers (“you”) understand the details of how our products and services utilize the information you provide to us. Cloudmark has created this privacy policy ("Policy") in order to disclose how we collect, use, and share information collected through the website, located at (the “Site”), and our products and services, other than the Cloudmark Spam Reporting Service product, which is governed by a separate privacy policy (the “Products”). The use of information collected through our service shall be limited to the purpose of providing the service for which the Client has engaged Cloudmark and the uses as detailed in the section entitled “What Information is Collected and How is it Used?” below. This Policy describes:

  • The Personal Information (as defined below) that is collected from you through the Site and Products;
  • How Personal Information is used;
  • With whom Personal Information may be shared;
  • The choices available to you regarding the collection, use and disclosure of Personal Information;
  • The kind of security procedures that are in place to protect the loss, misuse, or alteration of Personal Information under Cloudmark's control; and
  • How you can access and correct any inaccuracies in Personal Information collected from you.

By submitting Personal Information through our Site or Products, you agree to the terms of this Policy and you expressly consent to the collection, use and disclosure of your Personal Information in accordance with this Policy. In addition, you expressly consent to the export, processing, and transfer of your Personal Information to the United States.

TRUSTe Privacy

EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

Cloudmark participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy shield Framework. Cloudmark is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, respectively, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles.  To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at

Cloudmark is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Cloudmark complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Cloudmark is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Cloudmark may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at

Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Contact Information

Questions regarding this Policy should be directed to the Cloudmark site coordinator by emailing or writing to us at the following address:

128 King Street
2nd Floor
San Francisco, CA 94107
Attn: Legal Department

If you feel that Cloudmark has not complied with this Policy please submit a report to

Cloudmark Privacy Statement

Cloudmark will only share your Personal Information with others in ways that are described in this Policy, as required by law, or in the good-faith belief that such action is necessary in order to conform to applicable laws or regulations or cooperate with law enforcement agencies.

What Information is Collected and How is it Used?

Purchasing of Subscriptions

An online Cloudmark account is required to purchase certain Products. When you create a Cloudmark account, you may provide certain Personal Information. “Personal Information” as used in this Policy means any information that allows someone to identify you, such as your name, address, or email address, in addition to any other non-public information that is linked with any of the foregoing. We collect the following Personal Information when you create and edit your Cloudmark account:

  • Name and email address;
  • Location information - including zip code, postal code, and country; and
  • Purchase and credit card billing information

Cloudmark may also collect and store your Internet (IP) address and the URL of the website that sent you to our registration page. This information may be used with regard to such purchase, including the provision of Products and support to you, and for analytics purposes, such as to determine the most popular sources of traffic to our Site.

License of Products

We may collect some or all of the following Personal Information when you license our Products (depending on the specific Product being licensed):

  • Name and email address;
  • IP address of both the sender and recipient of an email;
  • IP address, operating system information, and hostname of the system where applications were installed;
  • Email and/or mobile message envelope, header and attachment metadata incorporated in a given message;
  • URLs, domains and keyword patterns contained in an email;
  • Mobile number of the sender and recipient of a mobile message;
  • Content of an email or mobile message reported by a subscriber or Cloudmark customer (i) as spam or containing viruses, phishing attempts or other malicious or unwanted/unsolicited content or (ii) as a legitimate message in the event the message was originally designated as spam, in either case, if a message is voluntarily submitted to Cloudmark for analysis; and
  • In the case that a Cloudmark customer has purchased a Cloudmark-hosted Product, the full content of an email or mobile message may be collected.

This information is used to help Cloudmark determine whether a message, URL and/or IP address is legitimate or otherwise contains viruses, phishing attempts or other malicious or unwanted/unsolicited content. Personal Information is not shared publicly, but other information may be shared on an aggregated basis with other Cloudmark customers, as further described in our license agreement with you.

CSI IP Reputation Remediation Portal

If you request a reset of the reputation of an IP on the CSI IP Reputation Remediation Portal, then Cloudmark requires that you provide the following information:

  • Name, title, company name, email address, contact phone number;
  • IP address for which you are requesting the reputation be reset, and the domain name that IP represents; and
  • Exact SMTP 5xx error string received

This information is used to help Cloudmark determine the legitimacy of your request for the reputation of the IP to be reset. This information is not shared publicly, but may be shared with Cloudmark customers and trusted Cloudmark partners when it pertains to the reputation of the IP address that you have requested to be reset. No Personal Information collected on this portal will be sold or rented to any organization.

In order to prevent the malicious use of the CSI Remediation Service, Cloudmark may record your Internet (IP) address that connects to our web server, and information about your site usage, including browser details. These details will not be shared with any other organization.

Cloudmark Community Forum

The Cloudmark Community Forum permits users of our Products to seek help with questions regarding our Products. You may voluntarily login and provide your name, email address and other Personal Information. This information is not private and is available to all people who visit the forum. As with all public forums, Cloudmark community members should carefully consider Personal Information that is disclosed.

Sales Inquiry, Request Help, and Content Registration Forms

The Sales Inquiry Form allows anyone to submit a request for information from the Cloudmark sales team. Request Help is used to submit requests for technical support for Cloudmark solutions with the exception of Cloudmark DesktopOne. The completion of a registration form may also be required to access certain content on our Site. Through these forms, Cloudmark collects Personal Information such as name, email and phone number. This information will be used to follow up with you. We will contact you regarding our Products and subsequent contacts will be based upon the outcome of the initial contact. No Personal Information collected in these forms will be sold or rented to any organization.

Other Uses

In addition to the uses identified elsewhere in this Policy, we may use your Personal Information to:

  • Improve your browsing experience by personalizing the Site;
  • Send information (other than marketing communications) to you which we think may be of interest to you; and
  • Send you marketing communications relating to our business which we think may be of interest to you, when you have specifically agreed to this, by email.

As described in the Privacy Shield Principles, Cloudmark is accountable for Personal Information received under Privacy Shield that it receives and subsequently transfers to third parties. If third parties that process Personal Information received under Privacy Shield on our behalf do so in a manner that does not comply with the Privacy Shield Principles, we are accountable, unless we prove that we are not responsible for the event giving rise to the damage.

Use of Cookies and Website Logs

Like other major websites, we use cookies or similar technologies to provide you with a tailored experience in visiting our Site and using our Products. Cookies are small pieces of information that a Site sends to your computer’s hard drive while you are viewing the Site. We also use cookies to understand traffic patterns on the Site, recognize returning visitors, and make the Site easier to navigate. We treat any Personal Information that may be contained in cookies with the same level of confidentiality as any other information you provide to us.

We use Google Analytics, which uses cookies, to help analyze how users use the Site, such as how often users visit the Site, what pages they visit, and what other sites they used prior to coming to our Site. We use this information solely to improve our Site and Products.

Cloudmark does not require that you accept cookies, however, some functionality on our Site, our product purchase check-out process, and Products may be disabled if you decline to accept cookies. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether or not to accept it.

The Site logs IP addresses and browser types for systems administration purposes. These logs will be analyzed to improve the value of the materials available on the Site and Products. The Site may associate your IP address with Personal Information that you supply us in the act of filling out a registration form.

We do not currently respond to “Do Not Track” signals from web browsers.

Cloudmark also works with third parties to serve ads on sites owned or operated by other companies. Cloudmark and our partners use cookies or similar technologies in order to identify your browser as you navigate on the internet and to present you with information and advertising based on your apparent interests. Some ad companies, such as ad networks, may combine anonymous information obtained in connection with activity on the Site with information obtained from other sources and/or websites. If you wish to opt out of interest-based advertising click here or if located in the European Union click here. Please note you will continue to receive generic ads.

About Cloudmark

We use email links located on the "Contact" page and other areas of the Site to allow you to contact us directly with any questions or comments you may have. We read every message sent and try to reply promptly to each request. This information is used to respond directly to your questions or comments. We may file your comments to improve the Site and Products, or review and discard the information.

Security of Personal and Payment Information

Protecting your privacy and Personal Information is a top priority at Cloudmark. We have taken careful measures to prevent the loss, misuse, and alteration of your Personal Information. Cloudmark maintains the following controls to protect the security of information you provide us, including credit card and billing details collected during the purchase process:

  • Use of secure connections using the standard secure socket layer technology to safeguard information when transmitted from your Web browser to Cloudmark;
  • Security controls to restrict access to databases housing Personal Information;
  • Use of encryption for sensitive Personal Information, such as credit card numbers and user names; and
  • Restricting employees with access to databases containing Personal Information to those employees who need it in order to perform their jobs.

When you enter sensitive information (such as login credentials) we encrypt the transmission of that information using secure socket layer technology (SSL) with a minimum of 128-bit encryption. We support up to 256-bit encryption if a user's browser requests it. In addition, customer usernames and passwords are stored in an encrypted fashion, and passwords must adhere to a minimum password complexity policy.

We follow generally accepted standards to protect the Personal Information submitted to us, both during transmission and once we receive it. Customer data is stored on protected networks that are separate from the systems that present the data, and all systems are protected by industry standard firewalls and routers with strict access policies. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Site or Products, you can contact

No Error Free Performance

We customarily release alpha and beta versions of our Products, which are further refined before the release of the final "Gold" version. Because these Products are still in a test phase, we may not always catch an unintended privacy issue, despite our efforts to do so. As such, we welcome feedback on any privacy concerns you may have, and on how to improve our Products generally, in all stages of release. Cloudmark does not guarantee error-free performance under this Policy. We will use reasonable efforts to comply with this Policy and will take prompt corrective action when we learn of any failure to comply with our Policy. Cloudmark shall not be liable for any incidental, consequential or punitive damages relating to this Policy.

Cloudmark may disclose your Personal Information if required to do so by law or in the good faith belief that such action is necessary to (a) conform to the edicts of the law or comply with legal process served on Cloudmark; (b) protect and defend the rights or property of Cloudmark and its Products, or (c) act in urgent circumstances to protect the personal safety of users of our Products or the public at large. This Policy shall be governed by the laws of the United States.

Third Party Service Providers

Cloudmark contracts with one or more third parties to assist us in managing our Site and/or providing the Products. Third party service providers are contractually prohibited from using the information received from Cloudmark for any purpose other than those authorized by Cloudmark. These companies are authorized to use your personal information only as necessary to provide these services to us.

These services may include:

  • Sending marketing communications
  • Fulfilling subscription services
  • Conducting research and analysis
  • Providing cloud computing infrastructure

Business Transfers

As Cloudmark continues to develop its business, we might sell or buy technology, subsidiaries, or business units. In such transactions, your Personal Information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Policy (unless, the customer consents otherwise). Also, in the event that Cloudmark, or substantially all of its assets are acquired, Personal Information will be one of the transferred assets.

Access and Choice

Upon request Cloudmark will provide you with information about whether we hold any of your personal information. If your Personal Information changes, you may update it, or if you no longer desire our service, you may delete or deactivate it, by emailing us at or by contacting us by postal mail at the contact information listed above. We will respond to your request to access within a reasonable timeframe.

Cloudmark acknowledges that you have the right to access your personal information.  Cloudmark has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to the Cloudmark Client (the data controller). If requested to remove data we will respond within a reasonable timeframe.

We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.

We will periodically send you free newsletters and e-mails that directly promote the use of our Site and Products. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information above). Despite your indicated e-mail preferences, we may send you service-related communications, including notices of any updates to this Policy or Terms of Use.


We do not intentionally gather Personal Information from visitors of our Site who are under the age of 13. If a child under 13 submits Personal Information to Cloudmark on our Site and we learn that the Personal Information is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any Personal Information from a child under 13, please contact us at

Notification of Changes

Cloudmark may revise this Policy from time to time by posting a new version on our Site. Revised versions of this Policy are effective immediately upon posting. Accordingly, users of the Site or Products should read any Cloudmark announcements they receive and regularly visit the Site to review the posted Policy.

Site Map  •  Privacy Policy  •  ©2002–2018 Cloudmark, Inc.