Introduction

At Cradlepoint, we are committed to protecting your Personal Data. Our commitment to you applies no matter where you are located and in all ways that we have the opportunity to connect with you — whether you are a visitor to our website, our Customer, prospective Customer, end user, event attendee or recipient of our marketing materials. We have created this Global Privacy Notice (Notice) to provide you with information about our privacy practices and how we collect, use, process, and transfer your Personal Data.

Please note that capitalized terms have definitions that you can review in our Definitions below.

By using our Services, you are agreeing to the practices described in this Notice and if you have any questions at all about these Notices, please do not hesitate to contact us at privacy@cradlepoint.com.

General Overview with List of Privacy Policies

It is our goal to make our Notices as easy to navigate as possible. Please click on each of the following to learn more:

Global Policy Notice

Click here to learn more about how we collect or handle Personal Data as part of our global business operations.

EEA and UK: Click here to learn about how we comply with GDPR

U.S. Privacy: Click here to learn more about how we comply with U.S Privacy Laws including (but not limited to) California, Colorado, Connecticut, Utah and Virginia

(Last updated on January 31, 2024)

 

Cookie Notice

Click here to learn more about how we use cookies and similar technologies when you interact with us through our websites or if you want to review or reset your cookie consent preferences.

(Last updated on May 1, 2023)

 

Job Applicant Privacy Notice

This notice addresses the Personal Data we collect or share about our job applicants as part of our recruitment and talent acquisition efforts.

Global Privacy Notice for Cradlepoint

Your privacy is important to us. Our Global Privacy Notice describes the Personal Data we collect, how we use this information, and with whom it is shared. We also let you know how you can exercise your privacy rights and contact us for any questions or concerns.

Part I: How to Contact Us

Part II: What Data We Collect and How We Collect It

Part III: How We Use Your Personal Data

Part IV: How and With Whom We Share Your Data

Part V: Security and Retention

Part VI: Your Privacy Rights and Choices

Part VII: GDPR and U.S. Privacy Laws

Part VIII: Definitions

Part I: How to Contact Us

We have appointed Data Protection Officers (“DPO”) to oversee compliance with this Notice in the EU, UK and other regions. If you have any questions about this privacy notice or how we handle your Personal Data, please email your DPO at privacy@cradlepoint.com.

We value your opinion. If you have questions or comments about our Privacy Notices or our Privacy practices, please also feel free to contact us at:

Phone: +1 855 813 3385

Address:
Cradlepoint, Inc.
1100 West Idaho Street, Suite 800
Boise, ID 83702
Attn: Privacy Department

Email at: privacy@cradlepoint.com

Part II: What Data We Collect and How We Collect It

When we use the term “Personal Data ,” we mean information that identifies, relates to, describes, is reasonably capable of being associated with, linked, directly or indirectly, to an individual. Also, when we use the term “We” or “Cradlepoint” we mean Cradlepoint and/or the Affiliate with whom you or your company are doing business.

When you visit our websites, request a product, service or register for an event or webinar or reach out to a member of our team or sign up for an account to use our products/Services, we collect certain information, including:

Website or Mobile Apps Visitors:

When you visit our websites to learn more about us, register for an event, or reach out to a member of our team via website chat, or use one of our mobile apps, we collect certain information to help us manage our relationship with you. The following Personal Data may be collected:

  • Log Files: We may gather certain information about your device and store it in log files. This information may include but is not limited to Internet Protocol (IP) addresses, system configuration information, browser type and settings, version number, operating system, URLs of referring pages, and locale or language preferences information about your computer or device, including browser type and settings, version number, time zone setting.
  • Interactions: We may collect your interaction with our websites or mobile apps, including documents downloaded, pages visited, webinar registrations, surveys completed, blogs, comments and feedback on our products.
  • Requests: We may collect your contact information (such as your name, company, job title, address, telephone number or email address), professional information (such as your employer’s name, address, job title, department or job role).
  • Cookies and other tracking technologies: We may use cookies and other information-gathering technologies for a variety of purposes, such as providing us with information about how you interact with our websites and assisting us in our marketing efforts. For more information about the cookies Cradlepoint uses and your privacy choices, please see our Cookie Policy.
  • Chat: We may use the information that you provide us in a chat link on our website which may include contact details and other data that you choose to share with us to learn more about our Services.

Customers and Users:

We collect Personal Data about you to provide the Services to your company, our Customer, pursuant to our terms and conditions and/or end user license agreement.

If you interact with our Services, we may receive your Personal Data. When we use the term “end user”, we mean the following (and as further defined in the Definitions section below):

  • Individuals who are authorized by our Customer to access or use our Customers’ domains, networks, websites, application programming interfaces, and applications;
  • Customers’ employees, Administrative Users, consultants, agents, or contractors, for whom our Customers have purchased a subscription or otherwise provisioned a Service; and
  • Individuals to whom Customers (or when applicable, Cradlepoint at Customer’s request) have provided login credentials.

We may collect and process the following end user personal data to provide the Services:

  • Contact Details: When you register for an account, acquire licenses, purchase hardware or use and access our Services, we collect your contact information. This may include Personal Data such as your name, company name, Customer id, user id and password, you and your account administrator(s) business email address(es) and/or telephone number, and business postal addresses, your country or region and possibly geolocation if your account administrator has configured our product to collect this information.
  • Configuration Data: In addition, when you use our Services, we collect information about how you configure your account and our Services (e.g., collaborator status, geolocation settings). This Personal Data is required to enable your access to your Cradlepoint account and Services purchased by your company, our Customer.
  • Geolocation Data: If our Customer enables geolocation within our Service, we may collect geolocation data of a device and possibly an end user, in order to provide the Services to our Customer.
  • Usage Data: We may collect or process certain data relating to the performance and configuration of the Cradlepoint Services, and our Customers’ and their end-users’ consumption of and interaction and use of such Services (“Usage Data”). Usage Data is generally technical information obtained from product software or systems hosting the Services, devices accessing these Services and/or log files generated during such use. Usage Data does not include any Customer Content (e.g., web traffic) transferred through Cradlepoint Services.
  • General or Sales Inquiry: We may collect or process inquiry and communications information, including information provided in custom messages sent through the forms, in chat messages, to our email addresses, or via phone. This also includes information provided in order to subscribe to any of our newsletters (such as email address) or contact information provided on our Services.
  • Marketing data: You may provide us with your contact information and preferences for receiving our marketing communications.
  • Payment information: We do not require our Customers to have payment information on file with us unless your company selects to pay your NCM subscription renewal within your account. When your company signs up for this Service, our 3rd Party Payment card processor will securely process the payment.
  • Technical Support: When our Services encounter an unexpected error, you may be asked to submit a customer support case, which may contain Personal Data. To assist with service issues, reports from your device about latency, signal strength, speeds, app and service performance, dropped connections and data failures, geolocation information, and device data like serial number and similar device identifiers, settings, language preferences, and software versions may be collected.
  • Audio or Visual Information: We may collect certain information including recordings of customer service or support calls, for quality assurance and internal training purposes.
  • Statistical and performance information: Cradlepoint may derive statistical and performance information relating to our Customer’s use of our Services.
  • Administrative User Activity: We also maintain logs of users’ activity (e.g., actions taken to configure settings in Customers’ account).

In connection with your organization’s deployment of certain Services, Cradlepoint may automatically collect information in relation to your use of the Services. This Personal Data may include:

  • End user Usage Data: We may collect or process certain data relating to IP addresses, traffic routing data, system configuration information, and other information about traffic to and from Customers’ websites, devices, applications, and/or networks for the end user. We share this data with our Customers via a service dashboard or other online interfaces.
  • Metadata: If your company is using the NetCloud Exchange service, Cradlepoint may collect Personal Data relating to end user behavior including IP address, device ID, username, email address (as associated with the Customer account for authentication purposes), as well as end user network access and browsing activity end user with date and time stamps in order to direct traffic, regulate access, and enforce policies created by Customer and solely at Customer’s instruction and direction and as configured by the Administrative User.
  • Content Data: Cradlepoint may collect and process Content Data in order to provision certain Services. This may include web traffic data or files downloaded from the internet. If enabled, Cradlepoint will inspect content data for malicious software, remove any malicious activity from these activities and maintain a log of any infected files.

Customers and their Administrative Users can control the data that is collected, retained and shared with us. We provide information about how our Customers may configure our products to enable Customers to make choices when using our products. Please visit Cradlepoint Connect, our Knowledge Base and Resource Center, for more information.

If you are an individual user of Cradlepoint Services and you require more information regarding our data collection practices for Services deployed by your organization, please contact your IT administrator for the Services.

Event Attendees:

If you register and access one of our events, webinars or conferences, we may collect the following information:

  • Contact Details: We may ask for and collect Personal Data such as your name, company name, address, phone number and email address to register you for an event, webinar or conference; and
  • Image and voice: We may record your voice and/or image during your participation in reviews of products and contests, surveys, webcasts, and events involving our Services, including for the promotion of our Services.

Business Partners:

When you collaborate with us a business partner, such as an authorized reseller, distributor, or systems integrator authorized by Cradlepoint to sell Services or partner with us on general business activities, we may collect the following Personal Data from you in order to provide you with access to the Services and manage our relationship with you and your company:

  • Business Contact Details: Name, email address, signature, address, telephone number;
  • Commercial Information: Billing and transaction information, including related commercial information, such as records and history of Services purchased or considered for order fulfillment; and
  • Business Information: Company details including location, Corporate financials, Business insurance or related information.

Cradlepoint University:

As Customer, Administrative User or Business Partner, you may have access to our organizational learning platform, Cradlepoint University (CPU). To provide you with CPU trainings and certifications, we may collect the following Personal Data:

  • Contact Details: Name, email address, signature, address, telephone number;
  • History of Trainings and Certifications: Types of trainings that you have taken and dates you took them, certifications received; and
  • Analytics: In certain cases, analytics on efficacy and impact of training on Services sold.

Other Ways We May Collect Your Personal Data from Third Parties

Third Party Data: We may also obtain information about you from third party sources unless prohibited by applicable law, such as from public databases, resellers and Channel Partners, marketing partners, social media platforms, event organizers or other publicly available information.

From third-party marketing partners, social media databases and publicly available information – we may receive information such as name, business email address, job role or title, company, business phone number, office location, information about your product or service interests or preferences, page-view information from business partners with which we operate co-branded Services or joint offerings. We may use this information for the purposes set forth in this Notice, such as, for example, improving the accuracy of our records, better understanding you and your preferences, providing relevant marketing and support, and detecting and preventing fraud.

From resellers and/or Channel partners – we may receive information such as name, business email address, job role or title, business phone number, office location, or information about your product preferences, which we use to provide our services to you, such as fulfillment of orders and provisioning of services.

Social Media: When you interact with us through various social media networks, such as Google, Facebook, LinkedIn, Twitter, or other social networks, we may receive some information about you.

The interactions can be:

  • You “like” us on Facebook or
  • You “follow us” on LinkedIn or
  • You “share” our content on Twitter or
  • You “log into” another account via your Social Media account or similar interactions.

The amount and type of information we may receive about you depends on your privacy settings for the sharing of information with third-parties. We may receive the following information:

  • Your profile information, including but not limited to picture, username, user ID associated with your social media account; and
  • User characteristics, including age range, gender, language, country, and any other information you permit the social network to share with third parties.

You should always review and, if necessary, adjust your privacy settings on third-party websites and social media networks and Services before sharing information and/or linking or connecting them to other Services.

Part III: How We Use Your Personal Data

Cradlepoint uses Personal Data it collects for the following purposes (unless otherwise restricted by applicable law).

  • Facilitate the Delivery of the Services: Cradlepoint may use Personal Data to provide you with the Services, to manage your account, and to communicate with you about your use of our Services. This may include managing software downloads, updates and fixes, and sending other administrative or account-related communications, including release notes.
  • Manage Cradlepoint and its day-to-day business operations.
  • Facilitate and improve website or mobile applications: Cradlepoint may use Personal Data to provide you with online Services, to facilitate your use of the online Services (such as facilitating navigation and the login process, preserving information between sessions and enhancing security), to improve quality, to evaluate page response rates and personalize and determine helpful content.
  • Communicate and Respond to Sales and general Requests: Cradlepoint may use Personal Data to communicate with you, respond to your requests or provide information requested by you, notify you about changes to Cradlepoint’s Services, including via email, chat, social media and/or telephone calls.
  • Improve our Services: Cradlepoint uses Personal Data to better understand our Customers, users and website visitors and the way they use and interact with the Services. Cradlepoint uses this information to provide a personalized experience, to implement the preferences you request, to improve quality and reliability, to diagnose issues with and improve the Services and related user experiences, to make recommendations; and to develop new products to meet our Customers’ changing needs.
  • Provide Technical Support: Cradlepoint uses Personal Data and other data Cradlepoint collects from you, in combination with other data we may have, in order to provide you with support in relation to provide you with the information, products, and Services that you request from Cradlepoint.
  • Post Testimonials: Cradlepoint may use Personal Data to post testimonials on its Online Services. Prior to posting a testimonial, we will obtain your consent to use your name and testimonial. You can request your testimonial be updated or deleted at any time by sending a request with your name, testimonial location and contact information.
  • Marketing: Cradlepoint will use information it obtains from you, your interactions with Cradlepoint over time and across our Services, and from third party sources to provide you with marketing and promotional communications, to deliver targeted and relevant advertising and marketing to you with your consent, to determine the effectiveness of our marketing and promotional campaigns, to better understand you and your preferences, and to position and promote our Services. Our marketing will be conducted in accordance with your advertising / marketing preferences and as permitted by applicable law.
  • Events: To communicate with you about our events or our partner events. To register you for and provide you access to events and webinars.
  • Training and Certifications: To provide trainings and certifications through our organizational learning platform, Cradlepoint University.
  • Security: To help monitor, prevent, and detect fraud, enhance security, monitor and verify identity or access, and combat spam or other malware or security risks.
  • Legal: To enforce our end user license agreement and/or terms and conditions, to resolve disputes, to conduct our legal obligations and enforce our rights, and to protect our business interests and the interests and rights of third parties. To prevent, investigate, or provide notice of fraud or unlawful or criminal activity, including compliance with law enforcement requests.
  • Account Administration: Cradlepoint may also use Personal Data to track entitlements, verify compliance, control access to the Service, and maintain the security and operational integrity of the Cradlepoint IT infrastructure and our Services.
  • Contract Management: To carry out our obligations arising from any contracts entered between you and Cradlepoint.
  • Improve the Accuracy of our Records: We may use the Personal Data we receive from you or third parties to better understand you and/or maintain and improve the accuracy of the records we hold about you.
  • For any other lawful purpose, or other purpose to which you consent.

Automated decision making and machine learning. Cradlepoint may use automated decision in connection with NetCloud Exchange which is derived from records we collect to help monitor, identify, and suspend accounts sending spam or engaging in other abusive or fraudulent activity. Holders of accounts suspended under these circumstances are notified of the suspension and given an opportunity to request human review of the suspension decision.

Part IV: How and With Whom We Share Your Data

We take care to allow your Personal Data only to be accessed by those who really need it in order to perform their tasks and duties, and to share it with others who have a legitimate reason for accessing it. We may share Personal Data with:

Affiliates: We may share your information with our subsidiaries and entities that we directly or indirectly control and our parent company, Ericsson and its affiliates, subsidiaries and/or entities that it directly or indirectly controls or are controlled by. Click here for more information about Ericsson’s Privacy Policy and Binding Corporate Rules. This information may be shared with our Affiliates to provide Services and support, provide recommendations to optimize product and service use, to provide Customers and prospective Customers with information about the range of available Services, and for the purposes otherwise described in this Notice. Please see the Sub-processor List below for a complete list of Affiliates.

Customers: Your Employer/Company: If you interact with our Services through your employer or company, we may disclose your information to your employer or company, including another representative of your employer or company.

Business Partners: We may provide your information to our business partners to fulfill product and information requests, to effectively deliver unified support, and to provide Customers and prospective Customers with information about Cradlepoint and its Services. From time to time we may enter into certain select marketing relationships with advertisers and other business partners that provide products or Services that we believe may be of interest to users of the Services. If you purchase or specifically express interest in a jointly-offered product, promotion, or service, we may share relevant Personal Data with those partners.

Service Providers: Agents, vendors, consultants, and service providers (sub-processors) that act on our behalf to support our Services, such as technology Services (e.g., web hosting, infrastructure provisioning, and operational Services) or payment card Services (e.g., processing Customer payments on our behalf) subject to confidentiality obligations set out in the executed contracts with the service providers. We contractually prohibit our service providers from retaining, using, or disclosing information about you for any purpose other than performing the Services for us. Additional information about the sub-processors we use to support our service delivery can be found below.

List of Sub-processors

Sub-processor Purpose Location(s)
Amazon Web Services, Inc. Data Hosting United States, Europe, Australia, & Singapore
DataDog Operational Monitoring United States
Cloudflare, Inc. Content Delivery Network (“CDN”) & DDoS Protection United States
Sumo Logic, Inc. Service Delivery, Fraud Detection & Security United States
Pendo.io, Inc. Product Improvement United States
Twilio/SendGrid NCM Email Notifications United States
Snowflake Customer Data Storage United States
Salesforce Customer Relationship Manager (“CRM”) United States
OwnBackup, Inc. CRM Backup United States
Vonage Holdings Corp. Customer Support Engagement United States
Pager Duty, Inc. Customer Support Engagement United States
Always Answer, Inc. Customer Support Engagement United States
Dynamo DB Service Delivery United States
Kafka Service Delivery United States
Istio ID Service Delivery United States
FluentBit Service Delivery United States
Absorb Service Delivery (Cradlepoint University United States
Impartner Authentication & Partner Portal United States
Microsoft Dynamics Order Processing United States
Microsoft Azure Order Processing Database Hosting United States
Simetric Customer SIM Card Management United States
Sana NCM Marketplace Authentication United States, Sweden, United Kingdom
OneTrust Cookie & Country of Residence Tracking United States
Sentry Application Monitoring United States
Aeris Communications, Inc. Customer SIM Management United States

Depending upon location, Cradlepoint may also use one or more of the following Affiliates as Sub-processors.

Affiliate Entity Purpose Country Location(s)
Cradlepoint Australia Pty. Ltd. Maintenance & Support Australia
Cradlepoint S.R.L. Maintenance & Support Italy
Cradlepoint Canada Inc. Maintenance & Support Canada
Cradlepoint GMBH Maintenance & Support Germany
Cradlepoint B.V. Maintenance & Support Netherlands
Cradlepoint Singapore Pte. Ltd. Maintenance & Support Singapore
Cradlepoint UK, Ltd. Maintenance & Support United Kingdom
Cradlepoint De España SL. Maintenance & Support Spain
Cradlepoint Sweden AB Maintenance & Support Sweden
Cradlepoint France S.A.S Maintenance & Support France
Cradlepoint Mexico Maintenance & Support Mexico
Cradlepoint South Africa Maintenance & Support South Africa
Cradlepoint India Maintenance & Support India
Cradlepoint Japan Maintenance & Support Japan
Cradlepoint Malaysia Maintenance & Support Malaysia
Ericom Software Ltd. Maintenance & Support Israel
Ericom Software UK Ltd. Maintenance & Support United Kingdom
Ericom Software Inc. Maintenance & Support United States
Ericsson A.B. Maintenance & Support Sweden
Ericsson Inc. Maintenance & Support United States

Advertising Partner or Marketing Services (e.g., marketing providers to update you about our Services): We work with third-party ad networks and advertising partners to deliver advertising and personalized content on our Services, on other websites and Services, and across other devices. These parties may collect information directly from a browser or device when an individual visits our Services through cookies or other data collection technologies. This information is used to provide and inform targeted advertising, as well as to provide advertising-related Services such as reporting, attribution, analytics, and market research. Please see our Cookie Notice for more information.

Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, dissolution, corporate reorganization, or similar event. We will inform any buyer that your information shall only be used in accordance with this Privacy Notice.

Legal Requirements: Compliance with laws or any competent law enforcement body, regulatory body, government agency, court or third party: We may disclose information where we believe disclosure is necessary or required (i) by law or regulation, in order to comply with legal process or government requests (including in response to public authorities to meet national security or law enforcement requirements); or (ii) to exercise, establish or defend our legal rights;

Aggregated/De-identified Information: We may aggregate and/or de-identify any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). Aggregate/De-Identified Information may be used to determine the demographic composition of our user base and to distribute statistics and general marketplace information about Cradlepoint. We may use, transfer, or disclose Aggregate/De-Identified Information for any purpose, including to describe the Services to prospective partners and other third parties and for other lawful purposes; and

With your consent: We may disclose personal for any other purpose with your consent. For example, with your consent or direction, we may post your testimonial on our Sites or service-related publications.

Part V: Security and Retention

Security

Cradlepoint maintains (and also requires its service providers to maintain) reasonable and appropriate organizational and technical measures to protect the security and confidentiality of any Personal Data we process. For example, Cradlepoint employs physical access controls, encryption, Internet firewalls, intrusion detection and network monitoring depending on the nature of the information and the scope of processing. Cradlepoint staff who may have access to Personal Data are required to keep that information confidential. However, no security procedures or protocols are ever guaranteed to be 100% secure and so we encourage you to take care when disclosing Personal Data online. You may read more about our security measures at https://cradlepoint.com/about-us/trust/security/.

Please note that no service is completely secure. While we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.

Security measures you can take: Cloud services follow a shared responsibility model where the Cloud Service Provider is responsible for the security of the service, while the customer is responsible for the security of their use of the service. Cradlepoint’s Security Best Practices KnowledgeBase article provides recommendations to protect your account, such as enabling two-factor authentication for your account. Additionally, you must keep your account secure with a confidential password and not disclose them publicly or to unauthorized individuals — this includes accidentally distributing them in source code or shared repositories. Please let us know right away if you think your password or account was compromised or misused. For instructions on changing your password, please consult our password reset KnowledgeBase article. For instructions on resetting your Multi-Factor Authentication (MFA) token, please consult our MFA KnowledgeBase article.

Similarly, if you provision an API Key, you should keep your secret, well… secret. You should store your API Key, Account SID, and secret in a secure location. Information on provisioning and revoking API Keys can be found here.

How we use Personal Data for security purposes

We may collect and use Customer Data or Customer Usage Data to detect, prevent, or investigate security incidents, fraud, or abuse and misuse of our platform and Services. In addition, we also use records containing end user Personal Data to debug, troubleshoot, or investigate security incidents; to detect and prevent spam or fraudulent activity; and to detect and prevent network exploits and abuse. We may anonymize Personal Data and use it for our legitimate business needs.

Retention

We keep your Personal Data to enable your continued use of Cradlepoint Services, for as long as it is required in order to fulfill the relevant purposes described in this Privacy Notice, or as may be required by law (including for tax and accounting purposes), or as otherwise communicated to you. How long we retain specific Personal Data varies depending on the purpose for its use, and we will delete your Personal Data in accordance with applicable law.

If you have any questions about the security of your Personal Data or our retention practices, please contact us.

Part VI: Your Privacy Rights and Choices

At Cradlepoint, we believe that you have choices about the information that pertains to you or your business. We give you choices to manage the privacy of your Personal Data that is under our control, wherever you are located. You can update your preferences or request the following:

  • Data Access: In certain instances, to request that we provide you with a copy of the Personal Data we hold about you.
  • Data Deletion/Right to be forgotten: In certain instances, to request that we delete or remove Personal Data.
  • Data Correction: In certain instances, to correct incomplete or inaccurate data we hold about you.
  • Object to processing: In certain instances, to object to our processing if you feel it impacts your fundamental rights and freedoms in cases we rely on our legitimate interest (or those of a third party).
  • Data Portability: In certain instances, to request the transfer of your Personal Data to you or to a third party in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided with your consent for us to use or where we used the information to perform a contract with you.
  • Consent for sensitive data: As our potential Customer, a consumer, we only process your sensitive data after you have given us your free, specific, informed and unambiguous consent.
  • Withdraw your Consent: Where we previously obtained your consent, to withdraw consent for continued processing of your Personal Data. However, this will not affect the lawfulness of any processing completed before you withdraw your consent.
  • Opt-out of sales or sharing: To request that we do not “sell” or “share” your Personal Data as “sell” and “share” are explicitly defined under relevant U.S. state law as further discussed in the U.S. Privacy Law Notice below.
  • Cookies and other tracking technologies: To opt out of interest-based advertising and profiling by selecting only necessary cookies in our cookie banner and as further discussed in the U.S. Privacy Law Notice below.
  • Do not track: To opt out of targeted advertising with your browser’s “Do Not Track” settings concerning targeted advertising. Cradlepoint supports the Global Privacy Control setting.
  • Marketing preferences: To update your marketing communication preferences including opt-out of all marketing communication, you can go to the manage my preferences You may also click unsubscribe at the bottom of the marketing emails.
  • Email Communications Preferences: To stop receiving promotional email communications from us, please click on the “unsubscribe” link provided in such communications. You may not opt-out of Services-related communications (e.g., account verification, transactional communications, changes/updates to features of the Services, technical and security notices).
  • Push Notifications: To stop receiving push notifications from us, please change your preferences in the iOS or Android notifications settings menu.

Nondiscrimination: You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as denying you our Services; increasing the price/rate of the Services; decreasing service quality; or suggesting that we may penalize you as described above for exercising your rights.

Requests if we are the Controller of your Personal Data: If we are the Controller of your personal data (for example, you are a prospective customer or visitor to our website) and wish to exercise these rights, please submit an email to privacy@cradlepoint.com with the following information:

  1. Full Name
  2. Request Type (Access, Deletion, Correct/Update, Stop Processing Data or Other Privacy Inquiry)
  3. In what capacity you have interacted with us (i.e., Customer, Employee, Marketing Contact, etc.)
  4. Country of Residence
  5. Any additional request details that you wish to provide.

If Cradlepoint acts as the Data Controller, we may need to verify your identity and authority to make the request and confirm the Personal Data relates to you and/or your household (as applicable) before responding to your Privacy Rights request. Please also be aware that Cradlepoint may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so.

Requests if we are a Processor of Your Personal Data. If we are a Processor of your personal data with respect to provision of Services (for example, you are an end user of our products or employee of our Customer), we do not have control over your personal data and you will need to reach out to our Customer (the Controller, which could be your employer) to exercise your privacy rights.

Right to Appeal. If we do not take action on your Privacy Rights request within the legally required response period, we will inform you in writing of the reasons for not taking action, as well as provide an explanation of any rights you have to appeal the decision.

File a complaint. You have the right to file a complaint about our collection and processing of your Personal Data with your country’s supervisory authority or with your U.S. State Attorney General.

If you have a complaint, we would appreciate the chance to deal with your concerns. Please contact us first.

Part VII: GDPR and U.S. Privacy Law

You should be aware that data privacy laws can vary in different jurisdictions where Cradlepoint operates and has employees. Our intent is to comply with all local laws, but where local laws are stricter or different than described in this Notice, we have adopted the privacy practices to satisfy those stricter requirements. Where local laws are less strict than this Notice, the terms described in this Notice will apply. Additional notices may apply to you based upon the regulations that apply to your country or U.S. state of residence.

If you are a resident of the European Economic Area (EEA) or the United Kingdom (UK):
This Privacy Statement applies to Personal Data collected and/or used by Cradlepoint while acting in the capacity of a Data Controller, as defined in the European Union’s (EU) General Data Protection Regulation 2016/679, the “EU GDPR” or, where applicable, the “United Kingdom (UK) GDPR” (as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the UK European Union (Withdrawal) Act 2018), as amended and supplemented from time to time (together, herein referred to as the “GDPR”):

Data Controller and Data Processor
Certain data protection laws, including the GDPR, differentiate between “controllers” and “processors” of personal data. A Data Controller decides why and how to process personal information. A Data Processor does not make decisions about personal data and only processes personal information on behalf of a controller based on the controller’s instructions.

Cradlepoint is the Data Controller and responsible for the Personal Data it collects and processes in the role of the Data Controller. For instance, Cradlepoint is the Data Controller for its Marketing data, Customer contact information, and its employee and contractor data. Cradlepoint may also be a Controller when developing products and new features and providing customer support and fraud prevention. For purposes of the GDPR, the Data Controller is Cradlepoint, Inc. and its affiliates, 1100 West Idaho Street, Suite 800, Boise, ID 83702.

Our Customers are the Data Controllers for any Personal Data related to them and the parties they allow to use our Services.

Generally, Cradlepoint is the Data Processor for the Services it performs for its Customers. For instance, Cradlepoint is the Processor of Personal Data processed for provision of NetCloud Manager, NetCloud Exchange Services and NetCloud Private Networks. When acting as a Data Processor, we only process personal data at the instruction of our Customers.

If you are an end user of a Cradlepoint customer, this Privacy Notice does not apply to the services that our customers provide to their end users. Our customers have their own policies regarding the collection, use, and disclosure of the personal information of their end users. If you are an end user of one of our customers and want to learn about how that customer handles your personal information, we encourage you to read the customer’s privacy policy. Only the customer can assist you with requests for access or deletion.

International Transfers
Cradlepoint is a U.S. based, global company owned by Ericsson, a Swedish-based company. We primarily store your information in the United States, the European Economic Area and Australia. To facilitate our global operations, we may transfer and access such information from around the world, including from other countries in which Cradlepoint or its parent company has operations for the purposes described in this Policy.

Your Personal Data, including information collected in the European Economic Area (“EEA”), the United Kingdom or Switzerland, may be transferred, stored and processed by us and our Services providers, partners and Affiliates in the United States and potentially other countries whose data protection laws may be different to the laws of your country. Some of these countries are not deemed ‘adequate’ by the European Commission and/or the UK Government. We will protect your Personal Data in accordance with this Privacy Notice wherever it is processed and will take appropriate contractual or other steps to protect the relevant Personal Data in accordance with applicable laws. We enter into appropriate data transfer agreements based on so-called Standard Contractual Clauses approved from time-to-time under GDPR Art. 46 by the European Commission, the UK Information Commissioner’s Office or UK Government (as and where applicable); or rely on other appropriate means permitted by GDPR Chapter V, which establish that such recipients will provide an adequate level of data protection and that appropriate technical and organizational security measures are in place to protect Personal Data against accidental or unlawful destruction, loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing, including the:

  • Data Privacy Framework
    Cradlepoint complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Cradlepoint has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Cradlepoint has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
  • Transfers to third parties/controllers/processors
    Cradlepoint has set out above where we may transfer personal data to third-party controllers and processors. In those cases, we ensure that there is a contract in place that sets out that personal data may only be processed for limited and specified purposes and that the recipient will provide the same level of protection as the DPF Principles and that they will notify Cradlepoint if it can no longer meet that obligation. Cradlepoint remains liable under the DPF Principles if the receiving organization (processor/agent) processes in a manner which is inconsistent with the DPF Principles unless that organization can prove that it is not responsible for the event giving rise to the damage.We may need to disclose your personal data in response to lawful requests by public authorities including to meet national security or law enforcement requirements.
  • Independent Dispute Resolution
    In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Cradlepoint commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. Individuals have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. See Annex I of the DPF Principles for additional information: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.We are also subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) who have jurisdiction over Cradlepoint’s compliance with the EU-US DPF, the UK extension to the EU-US DPF and the Swiss-US Data Privacy Framework (Swiss US DPF).

If you have any questions about or need further information concerning the appropriate safeguards Cradlepoint has in place to protect your Personal Data, please contact us.

Legal basis for processing Personal Data
Under the EU and UK GDPR, as a Data Controller, we may process your Personal Data with one or more of the following legal bases:

Performance of a Contract. When it is necessary for the performance of a contract to which you are party, or to take steps at your request prior to agreeing a contract. This applies to any processing where you sign a contract with us, for example when you become our Customer, participate in our Affiliate or Channel Partner program, or deliver Services to us as a vendor or contractor. To detect, prevent, or otherwise address fraud, security or technical issues, including by monitoring and enforcing compliance with our terms of use, appropriate use policies, and privacy policies.

For our Legitimate Interest: As part of running our business we have a legitimate interest in processing Personal Data where such interest is not overridden by your interests or fundamental rights and freedoms. This includes, but is not limited to, the following processing activities:

  • Communications: To manage our relationship with Customers and business partners, such as responding to product or service inquiries, providing Customer service and, notifications about changes in our terms or privacy policy;
  • Use our Services: To debug, optimize and evaluate how our Services and products can be improved;
  • Marketing to existing Customers (apart from scenarios where you have consented to marketing): To find, customize, and offer Services we hope you find useful and relevant, i.e., provide you with excellent Customer service;
  • Marketing to prospective B2B Customers: Understand our customers and their needs for our services. We try to learn how our customers use our products and how we could improve our products to better meet our Customers’ needs;
  • Sharing Personal Data with our service providers (i.e., processors): To run our business efficiently and securely;
  • Fraud: To prevent fraud, danger or other unlawful conduct, and to defend our legal interests; and
  • Corporate data: To run our corporation we process data within our internal departments, including accounting and tax filing, managing our workforce and complying with regulatory obligations.

With your consent: Wherever you consent to the processing, for example when you sign up for our newsletters or events, request a demo, start a free trial or a download, or submit a survey. We also rely on your consent for using cookies and other technologies on our website when you explicitly agree to these. Note that your default setting depends on your location (country), as the rules for using such technologies vary across jurisdictions.

Legal Obligations: We are subject to certain legal obligations. We may process your Personal Data for any processing where we need to comply with laws and regulations related to bookkeeping, accounting, taxation, employment, and other business activities (e.g., a legal requirement to maintain certain business records for a set amount of time).

Your GDPR Privacy Rights and Choices
See the Cradlepoint Global Privacy Notice, Part VI: Your Privacy Rights and Choices.

If you reside (and depending on where you reside) in the United States, you may also have additional legal rights with respect to your Personal Data. This Notice provides a way to exercise such rights for residents of California, Virginia, Colorado and Connecticut. For information about what categories of Personal Data we collect, the purposes for collecting and using that information, and what types of service providers we may share that information with, please click here. For purposes of this section, “Personal Data” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer (or household, as applicable), each as defined by the relevant U.S. state law.

The laws of California, Virginia, Colorado and Connecticut grant some or all of the following rights to consumers who reside in those states:

  • The right to request information about Personal Data that we have collected in the 12 months preceding a request – including the categories of information collected, the source of that information, the business purpose of that collection, the categories of third parties with whom that information is shared, and the specific Personal Data collected about that particular Customer which information is provided in the table below;
  • The right to receive requested information in a readily-usable format if provided electronically;
  • The right to request that we delete any Personal Data about the consumer that we have collected (although we may be entitled to retain some information for certain purposes);
  • The right to opt-out of “sales” of personal information to third parties, the sharing of Personal Data with third parties for targeted advertising purposes, and/or the processing of Personal Data for targeted advertising purposes;
  • The right to update or correct any Personal Data which is out of date or incorrect; and
  • The right to be free from discrimination based on your exercise of your privacy rights.

To exercise your Privacy Rights under this Notice, please see the Cradlepoint Global Privacy Notice, Part VI: Your Privacy Rights and Choices or email us at privacy@cradlepoint.com.

Notice to Residents of California

Pursuant to the California Consumer Privacy Act (2018), as amended by the California Privacy Rights Act (2020) (collectively, “CA Privacy Laws”), Cradlepoint is a service provider in its provision of services to our Customers. We do not “sell” personal information in the ordinary sense of that term. That is, we don’t provide your personally identifiable information to third parties in exchange for money. But under California Privacy Laws, sharing information with third parties for targeted advertising purposes may be considered a “sale” of personal information. California residents have the right to opt out of such sharing. Please click here for instructions on how to opt out of such sharing.

If you are a former California employee and would like to exercise your rights with respect to Personal Data we collected in the course of your employment, please send an email with the subject line “California Former Employee Data Request” to privacy@cradlepoint.com.

For more information about how you can exercise your Privacy Rights, please see the Cradlepoint Global Privacy Notice, Part VI: Your Privacy Rights and Choices.

For ease of reference, please note that in the last 12 months, we have collected the following categories of Personal Data:

Category of Personal Data (corresponds to categories listed in California Consumer Privacy Act §1798.140(o)(1)) Examples
Category A: Identifiers Name, postal address, unique personal identifier, online identifier, Internet Protocol address, device ID, email address or other similar identifiers.
Category B: Personal Data listed in § 1798.80 of the California Customer Records statute A name, signature, address, telephone number, education, employment, billing and transactions information.
Category C: Characteristics of protected classifications under California or federal law Age, ethnicity, race, languages spoken, or gender. To the extent these characteristics are voluntarily disclosed to us or contained in any content transmitted across or stored on our networks.
Category D: Commercial Information Records and history of products or Services purchased or considered.
Category F: Internet or other electronic network activity information Interaction with our Web sites, applications, or advertisement, such as browsing history, search history, and related information.
Category G: Geolocation data Approximate physical location (derived from an Internet Protocol address)
Category H: Audio, electronic, visual, thermal, olfactory, or similar information Recordings of any phone or video calls between you and Cradlepoint
Category I: Professional or employment-related information Job title, employer name.

We may have disclosed this Personal Data to Affiliates, Business Partners and our service providers.

Annual Reporting of Requests

The data below reflects all requests received from individuals in the U.S. as well as certain requests from individuals outside of the U.S. in the past 12 months.

Requests Received Requests Completed* Requests Not Completed** Average Day to Complete
Data Access 2 2 0 13
Data Deletion 37 35 2 20.5
Do Not Sell My Personal Information 1 1 0 <1

* Requests partially or completely addressed
**Requests may not be completed due to various factors including because a request was not verifiable, was a duplicative request, where Cradlepoint was not the Data Controller or where we did not have any Personal Data associated with the requester.

Personal Data Sources

See the Cradlepoint Global Privacy Notice, Part II: What Information We Collect & How We Collect It.

Purposes for Which Personal Data is Used

See the Cradlepoint Global Privacy Notice, Part III: How We Use the Information.

Data About Children

We do not knowingly permit children (under the age of eighteen (18) to sign up for a Cradlepoint account. If you are under 18, please do not attempt to register for the Services or send any Personal Data to us. If we learn that we have collected any Personal Data from a child, we will take reasonable steps to delete that information as soon as possible. If you believe that a child may have provided us their information, please contact us at privacy@cradlepoint.com.

Other Regions

If you are in another region, we have not forgotten about you! There are just some specific requirements those regions ask us to put in our Privacy Notice. If you have questions regarding compliance with your country’s privacy or data protection laws, please reach out to us at privacy@cradlepoint.com.

Part VIII: Definitions

“Affiliate” means any entity that directly or indirectly controls, is controlled by, or is under common control with the subject entity. “Control,” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.

Applicant Notice” refers to our Privacy notice that explains our data processing as part of the recruitment and talent acquisition process. Affiliate means, among other entities, Cradlepoint’s parent company, Ericsson, Inc. and its affiliates. Affiliate means, among other entities, Cradlepoint’s parent company, Ericsson, Inc. and its affiliates.

Confidential Information” means any information or data, regardless of whether it is in tangible form, disclosed by either party (“Disclosing Party”) to the other party (“Receiving Party”) that is marked or otherwise designated as confidential or proprietary or that should otherwise be reasonably understood to be confidential given the nature of the information and the circumstances surrounding disclosure. Confidential Information of Customer includes Customer Data; Confidential Information of Cradlepoint includes the Services, Evaluation Services, and the terms and conditions of this Agreement. Confidential Information of each party includes business and marketing plans and strategies, technology and technical information, security reports and attestations, product plans and designs, and business processes disclosed by such party. Confidential Information does not include any information that (1) is or becomes generally known to the public without breach of any obligation owed to the Disclosing Party, (2) was known to the Receiving Party prior to its disclosure by the Disclosing Party without breach of any obligation owed to the Disclosing Party, (3) is received from a third party without knowledge of any breach of any obligation owed to the Disclosing Party, or (4) was independently developed by the Receiving Party without use of any Confidential Information of the Disclosing Party.

Channel Partner” means a Cradlepoint-authorized reseller, distributor, or systems integrator authorized by Cradlepoint to sell Services.

Cradlepoint” means Cradlepoint, Inc. or the Cradlepoint company otherwise specified in an order form or contract.

Customer” means the company or other legal entity accepting an Agreement as defined in the terms and conditions with Cradlepoint (or represented by the individual accepting an Agreement) or that is using or accessing the Services.

Customer Content” means all electronic data and information transmitted by or on behalf of the customer or its end users through use of the Services.

Customer Data” means all electronic data and information submitted by Customer for setup and provisioning of the Services, such as contact details for Customer’s end users. Customer Data does not include Customer Content.

Cradlepoint Data” means all information created, generated, collected, or compiled regarding Customer’s use of the Services and related to the provision, performance, and operation of the Services, in an aggregate and anonymous manner that does not identify Customer or Customer’s Confidential Information.

Data Controller” The data controller is the company or person who has the power to determine what happens to your data. Generally our Customer acknowledges that it is the data controller, as defined under applicable privacy laws.

Data Processor” The data processor only processes Personal Data on behalf and with the instruction of the data controller. We are generally the Data Processor for our Customers.

Documentation” means the applicable Service’s documentation, usage materials, and policies specifying the functionality of each Service, as updated from time to time, accessible via https://Customer.cradlepoint.com/s/ or login to the applicable Service.

End User” means an individual: (1) who is authorized by Customer to use a Service, (2) for whom Customer has purchased a subscription or otherwise provisions a Service, and (3) to whom Customer (or, when applicable, Cradlepoint at Customer’s request) has provided login credentials. end users may include employees, consultants, contractors and agents of Customer and its Affiliates.

Global Privacy Notice”, also called “Notice”. To provide you with reader-friendly information about our privacy practices and how we collect, use, process, and transfer your Personal Data.

Inquiry and Communications Information” Any information that you provide to us as part of a service request or request for communication or as part of using our Services.

Managed Service” means a combination of Channel Partner products or Services with the Cradlepoint Services that Channel Partner delivers to Channel Partner’s end Customers, which is (1) Channel Partner-branded in a manner that differentiates the Managed Service from the Cradlepoint Services and (2) supported by Channel Partner.

Personal Data” is anything that can directly or indirectly identify a living individual, or as how personal data is defined in any privacy law in the jurisdiction where you live. That can be your contact information, but also online identifiers such as your IP address, your geolocation, or your biometric or health data. Depending on your location, this data may also be called personal information.

Services” means (1) the products, Software, and services that are ordered by Customer under an Order Form, (2) services or features ordered online through use of the Services, (3) Evaluation Services, or (4) mobile applications made available by Cradlepoint. Services may be hosted on servers under control or direction of Cradlepoint or its third-party providers. Services exclude third party applications, products, or services not provided by Cradlepoint.

Sensitive Personal Data” refers to all Personal Data that is of confidential nature and may cause harm to an individual if it is misused. Because of the potential for harm, countries around the globe have created laws and regulations for it. For instance, the General Data Protection Regulation has defined a set of Sensitive Personal Data that is known as “special category data” that can only be used in limited circumstances. In the US, especially payment card data and medical data is considered as Sensitive Personal Data.

“Usage Data”: We may collect or process certain data relating to the performance and configuration of the Cradlepoint Services, and our Customers’ and their end-users’ consumption of and interaction and use of such Services.

Changes to our Privacy Notice

We may change this Notice from time to time, and if we do, the most current version will be available at Cradlepoint.com/privacy with the date indicating when it was last updated. These changes might be minor, such as updating an address or fixing a typo, or they might be material, such as making a change that affects your rights. If we make changes that affect your rights, we will provide advance notice to you, such as by posting a message in the NetCloud Manager portal or on our website, or we’ll send an email via the address we have on file for you. We will comply with applicable law with respect to any changes we make to this notice and seek your consent to any material changes if this is required by applicable law.

To see the prior version of the Privacy Notice, please click here.

Explore how Cradlepoint can help you unlock the power of LTE and 5G cellular for your network.

NETCLOUD HOW TO BUY