Password Defense Privacy Policy

Last updated: May 10,  2024

At Intersections, LLC  (“Pango”, “we”, “us”, or “our”), a Pango Group company, we believe it’s important that everyone, regardless of their situation, can obtain secure and private access to the internet. We always aim to provide this access without compromising the privacy of our customers.

This Privacy Policy describes the privacy practices associated with our Password Defense service which includes web browser and/or mobile application software, as well as any affiliated products described in this privacy policy (we refer to these collectively as our “services”).

See the Contact Us section below for more information about Pango and contact details.

By accessing and using our Services, you freely and expressly consent to the collection, use, processing, storage, and disclosure of your personal data as set out in this Privacy Policy.

Key Assurances

Pango does not collect or use any of the personal information collected through our Password Defense  service for third party advertising or marketing purposes. Each of the Pango online security products and services are designed to protect you. While some of these security features are provided by third parties with whom we contract, these companies are prohibited from using any user-specific information for anything other than providing and/or improving the products and services. 

1. When We Collect Personal Data 

We may collect personal data that you provide when you:

  • Register for our Services.
  • Update or otherwise use your account, including billing information (when applicable).
  • Engage with the services
  • Interact with us including through our newsletter or through customer support.
  • Contact us.

2. Types Of Information We Do and Do Not Collect

Information we DO NOT collect

Pango does not store or otherwise associate the websites you visit, accounts you store, or other information referenced with the Password Defense software for any purposes other than to support your use of our products and services.  This may include related Pango products or releases such as ‘dark web monitoring’ where we may associate your password-related information with potentially exposed data security incidents from third parties.  

Information we DO collect

When you register for an account, we collect:

  • Account registration information such as a username and password and the timestamp the account was created and updated. 
  • Email address and phone number for billing purposes (when applicable). 
  • Payment information such as credit or debit card (when applicable). 
  • Information you provide when you contact us including any information you provide when you inquire about our services or interact with our customer service team or chat tools which may include your contact information such as name and email address. 

When you use our services, we collect: 

  • Usernames or other login credentials and associated passwords used to auto-populate your designated websites or apps on-demand.  This information is encrypted immediately upon entry, or stored locally on your device.  
  • Metadata associated with your website and/or mobile app usage such as IP address, date/time of use, pages visited, duration of time spent, and other device or browser-specific information.  

3. How We Use Your Personal Data 

We use the personal data we collect for the following purposes:

  • To operate and improve our Services.
  • To process payments securely (when applicable).
  • For customer support.
  • To communicate with you, including via our newsletter. 
  • For marketing and advertising.
  • For other business and legal purposes, such as to detect and prevent fraud, to collect amounts owing to us, and to maintain business records.
  • With your consent.

How We Use Your Login Credentials 

Even though you may enter the name of the website associated with your stored login credentials, Pango does not collect, store or track the websites or mobile apps you visit in order to enter the stored credentials. In the interest of transparency, we do collect and use the following information associated with your account:

  • Whether biometric authentication is enabled or not
  • Whether account auto-save is enabled or not
  • Whether your preferences are set for autofill  

4. How We Disclose Your Personal Data

We may disclose your personal information with your express consent, such as if we introduce a partnership or co-marketing opportunity to you. We may also share your personal data under the following circumstances; 

  • To corporate affiliates of Intersections LLC or Pango GmbH, including other companies within the Pango Group family of companies. 
  • Vendors or service providers who operate as personal data ‘processors’ on our behalf and have no independent rights to use your information for their own benefit. For example, we may disclose your name and email address to email service providers who help us provide our email newsletters.
  • We use vendors to help us manage and optimize our Website, which may include the use of pixel tags to collect anonymous website metrics. See the Cookies and Pixel Tags section below for more information about these uses. 
  • Help us provide our chatbot. This may include disclosure of the communications with our service provider. The contents of the communications will not be used for any purpose other than to support us, but will be subject to the chatbot provider’s applicable terms of use, privacy and security policies. 

In addition, we may share your personal data:

  • In order to:
    • Protect the legal rights of our company, our employees, our agents, and our affiliates.
    • Protect the safety and security of our customers.
    • Detect and protect against fraud.
    • Comply with law or legal process.
  • As part of a business transition.
    • We may also share your personal data with prospective purchasers in a confidential method exclusively to evaluate the proposed transaction.
    • We may also share your personal data with another company that buys the assets or stock in us. That company may use and disclose personal data for purposes similar to those described in this Privacy Policy.

We may share aggregate or anonymous information for any purpose. This means that the information we share does not identify specific individuals, or is combined with other data to protect your privacy.

5. Your Privacy Choices

You have the right to exercise the following choices with our use of your personal data:

  • Access the personal data we maintain about you. 
  • Delete the personal data we maintain about you. 
  • Correct inaccurate personal data we maintain about you
  • Opt out of certain uses of your personal data, notably:
  • Email marketing. You can unsubscribe to our email list by clicking the unsubscribe link at the bottom of marketing emails.

You can exercise these rights by contacting us at privacy@pango.co

6. Cookies and Other Tracking Technologies

Pango uses various technologies in our services to help us collect website or app user information. These technologies include:

  • Cookies. Cookies enable Pango or third parties that we allow to set cookies on your device to recognize visitors to our websites. For more information on how we use cookies, please review the cookie notice associated with each product website indicated below.  We use cookies:
    • To provide our services. Some cookies are essential for the proper operation of our services. For example, cookies allow us to authenticate who you are and whether you’re authorized to access a resource.
    • To store your preferences. Cookies can store your preferences, such as language preferences or whether to pre-fill your username on sign in forms. We may also use them to optimize the content that we show to you.
    • For analytics. Cookies are used to inform us how users interact with our services so we can, as a legitimate interest, improve how they work (such as what screens or webpages you access, and whether our advertising is effective).
    • For security. Cookies can enable us and our payment processors to detect certain kinds of fraud.
    • For Pango’s advertising-related purposes. We advertise our services online with the help of third parties who show ads and marketing about us on sites around the internet.  
  • Pixel Tags / Page Tags / Web Beacons / Tracking Links.  These tools allow us to determine if you perform a specific action on a web page or email message. When you access a page, ad, or email, or click a link, these items let us know that you have accessed that page, opened an email, or clicked a link. They may also indicate your Internet Protocol (IP) address, which enables Pango to determine your approximate geographic location as assigned by your Internet Service Provider. 
  • Software Development Kits (SDKs). This mobile app software is provided by our business partners that let our mobile apps interact with the services those partners provide. 

7. Security

Pango employs a range of administrative, organizational, technical, and physical safeguards designed to protect your data against unauthorized access, loss, or modification. Passwords are protected through Pango’s security infrastructure, including with Transport Layer Security (TLS) and Advanced Encryption Standard (AES) 256 encryption. In addition, access to your Pango Account Information and Services Information is restricted to our employees who require such access to perform their job functions. While our controls are strong, no data security measures can guarantee 100% protection.

8. Retention

We will retain your account and payment information (when applicable), as well as any login credentials you enter into the Password Defense service for as long as your account is active or as needed to provide you with the Services, and for a reasonable time thereafter in accordance with our standard procedures or as necessary to comply with our legal obligations, to resolve disputes, and to enforce our agreements. As previously mentioned, Pango does not retain any information about your website visits or mobile apps utilized in conjunction with the Password Defense service. 

Even if we delete some or all of your personal data, we may continue to retain and use aggregate or anonymous data previously collected and/or anonymize or aggregate your personal data. 

9. U.S. State-Specific Disclosure

Some U.S. states have enacted comprehensive privacy laws that require businesses to offer an opt out of the “sale” or “share” of your personal data for targeted advertising. We do not sell or share your personal data for targeted advertising purposes as defined by any state law. 

The Password  Defense service collects and stores login credentials, which some states define as ‘sensitive personal information’. As noted above, Pango will retain this information as long as your account is active, and you can control the use of this information at any time through your access to the Service. 

10. UK/EEA Residents Notice  

Residents of the United Kingdom (“UK”) and European Economic Area (“EEA”) are provided certain privacy rights under the UK and EU General Data Protection Regulations (“GDPR”).

Legal Basis

Under the GDPR, we process ‘Personal Data’ (as defined in the GDPR) under the following legal basis.

Processing ActivityLegal Basis under GDPR
Use of our Password Manager services Contract fulfillment
Placement of cookies through our WebsiteConsent
Implementing our customer support toolsContract fulfillment 
Improving our Website and ServicesLegitimate Interest
Product, Marketing, or Service-Related Communications Legitimate Interest

Controller Designation

Under the GDPR, we are designated as a ‘Controller.’

Cross-Border Data Transfers

Our services are currently operated in the EU, but we reserve the right to transfer account-related information to servers in the United States or another location of our choosing.  If you are a resident of the EEA, UK, or Switzerland, we may transfer to, and store the data we collect about you, to countries other than the country in which the data was originally collected, including the United States. Those countries may not have equivalent data protection laws as the country in which you provided the data. When we transfer your data to other countries, we will protect the data as described in this Privacy Policy and comply with applicable legal requirements providing adequate protection for the transfer of data to countries outside the EEA, UK, and Switzerland. We rely on Standard Contractual Clauses (“SCCs”) for the transfer of personal data to countries that have not received an applicable adequacy decision, as well as the UK’s ‘International Data Transfer Addendum’ to the SCCs.

For more information on cross-border transfers of your Personal Data or the appropriate safeguards in place, please contact us at privacy@pango.co

Data Protection Officer

We have appointed a Data Privacy Officer to oversee compliance with this Privacy Notice. If you have any questions about this Privacy Notice or how we handle your Personal Data, or would like to request access to your Personal Data, please contact our Data Protection Officer at DPO.pango@twobirds.com.  

Additional Rights for UK or European Economic Area Residents

In addition to the rights granted above, if you are a UK or EEA resident, the GDPR grants you the right to lodge a complaint against us with your local data protection authority. You can find your data protection authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en

11. Children’s Privacy

We do not intentionally collect any personal data from children under the age of 16. If you are under the age of 16, please ask a parent or guardian for help in using our Website or Services. If you believe we have obtained personal data associated with children under the age of 16, please contact us at privacy@pango.co and we will delete it.  

Our Services may contain links to other websites or services. We do not exercise control over the information you provide, or is collected by these third party websites. We encourage you to read the privacy policies or statements of the other websites you visit.

13. Changes To This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated Privacy Policy on this page with a “Last Updated” effective date of the revisions. We encourage you to look for updates and changes to this Privacy Policy by checking this page when you access our Services. 

14. Contact Us

If you have any questions about our privacy or security practices, or if you would like to request access to or correction of your personal data, you can contact us by email at at privacy@pango.co or at:

Intersections, LLC

250 Northern Ave.

3rd Floor

Boston, MA 02210