Last Updated: January 1, 2024

In order to ensure transparency and give you more control over your personal data, this privacy policy (“Privacy Policy”) governs how we, Rotate Inc. (“Rotate”, “we”, “our” or “us”) use, collect and store personal data that we collect or receive from or about you (“you”) in connection with (“Website) and the services provided to our customers (“Customer”) (“Services”).

We greatly respect your privacy, which is why we make every effort to provide a Platform that would live up to the highest user privacy standards. Please read this Privacy Policy carefully, so you can fully understand our practices in relation to personal data.

Important note: Nothing in this Privacy Policy is intended to limit in any way your statutory rights, including your rights to a remedy or other means of enforcement.

Table of Contents:

  1. What personal data we collect, why we collect it, and how it is used
  2. Customer information
  3. How we protect and retain your personal data
  4. How we share your personal data
  5. Your privacy rights
  6. International transfers of personal data
  7. Use by children
  8. Interaction with third-party products
  9. Analytic tools/Cookies
  10. Specific provisions applicable under California privacy law
  11. Contact us

Rotate is a B2B company. At Rotate, our goal is to make cybersecurity accessible and manageable for small to medium-sized businesses. We offer end-to-end services that are both affordable and easy to use.

This Privacy Policy can be updated from time to time and, therefore, we ask you to check back periodically for the latest version of this Privacy Policy. If we implement material changes in the way we use your information, in a manner that is different from that stated at the time of collection, we will notify you by posting a notice on our Website or by other means and take any additional steps as required by applicable law.


(i) We Process the Following Personal Data:

  • a. Personal Data provided via the Services. We collect personal data that you (as our Customer or the Customer user) voluntary provide us, such as your full name, email address, log-in details, your company’s domain, type, industry, as well as any other data that you decide to provide us. In addition, we collect some information via cookies, pixels, tracking technologies and similar identifiers, including IP address, device details, usage pattern of the Services. We also collect the contact and billing information of our Customers.
  • b. Data provided through the Website. When you use the Website, we collect and process full name, email address, phone number, your comments and/or messages when you interact with the Website, for example, when you send us a request for a demo or contact us.
  • c. Data automatically collected via the Website. We automatically collect certain information through your use of Rotate's Website, such as cookies, pixels, tracking technologies and similar identifiers, your Internet protocol (IP) address, and other device identifiers that are automatically assigned to your device.
  • d. Data you provide to us in person. For example, when you visit one of our exhibition booths or attend one of our events, provide us with your contact details. We will use this information to answer your enquiries or provide additional information to you.
  • e. Data we collect from other online interactions. For example, if you attend a webinar, contact us via social media or otherwise interact with our business, including as a representative of a current/prospective Customer, supplier, or partner, we track and make a record of those interactions, which may contain your contact details, such as full name, email address, messages, and any other information that you decide to provide us with.

(ii) We process information for the following purposes:

  • a. To provide our Customers (or you directly) with the Services. We will use the data, including, without limitation, for the following purposes: (i) allow you to create an account; (ii) fulfill any instruction and/or request made by you in the context of the Services; (v) send you emails and notifications regarding your account or certain features of the Services, including updates pertaining to your subscription, and related to the services we provide you with; (vi) to personalize your experience with our Services; (vii) to allow you to create more users and administrate your users; (viii) to generally administer and improve the Services; (ix) send you security alerts regarding your organization and other team members or employees; and (x) scan public resources in the internet and dark net regarding you, your organization, and other employees.
  • b. To allow you to make use of our Website. We will use your personal data to allow you to make use of our Website, including, (i) if you request a demo, we will use your personal data to process and answer your request for a demo; (ii) to answer your questions and to allow you to communicate with us; (iii) to analyze your use of our Website and to improve our Website; and (iv) to customize your experience.
  • c. For Administrative Purposes. Rotate use your information (i) to respond to your questions, comments, and other requests for Customer support, or information, including information about potential or future services; (ii) to provide you with the Rotate’s Services; (iii) for internal quality control purposes; (iv) to establish a business relationship; and (v) to generally administer the Rotate Services.
  • d. To Market our Website and Services. Rotate uses personal data to market its Services. Such use includes (i) notifying you about offers and services that may be of interest to you; (ii) developing and marketing new products and services; (iii) other purposes disclosed at the time you provide information; and (vi) as you otherwise consent.
  • e. Internal Security purposes. Some of the above mentioned data will be used for detecting, taking steps to prevent and prosecuting fraud or other illegal activity; to identify and repair errors; to conduct audits; and for our security purposes. Data may also be used to comply with applicable laws, investigations performed by the relevant authorities, law enforcement purposes, and/or to exercise or defend legal claims.
  • f. De-identified and Aggregated Data Use. In certain cases, we may or will anonymize or de-identify your Information and further use it for internal and external purposes, including, without limitation, to analyze and improve Rotate services (including through the use of artificial intelligence) and for research purposes. We will use this anonymous or de-identified information and/or disclose it to third parties without restrictions (for example, in order to improve our services and enhance your experience with them and/or to develop new product features and improve existing offerings).
  • g. Cookies and Similar Technologies. We, as well as third parties that provide content, advertising, or other functionality on the Rotate Website and Services, use Technologies to automatically collect information through the Website and Services. We use Technologies that are essentially small data files placed

On your device that allow us to record certain pieces of information whenever you visit or interact with the Website and Services. If you would like to opt out of the cookies and similar technologies we employ on the Website and Services, you may do so by blocking, deleting, or disabling them as your browser or device permits.


  • a. Rotate is processing Customer information on behalf of the Customer. Therefore, the Customer is the responsible party for the security, integrity, and authorized usage of Customer information in the context of the Services and also for obtaining consents, permissions and providing any required data subject rights and fair processing notices required for the collection and usage of such Customer information.
  • b. Customer information is not regulated by this privacy policy, and this paragraph is provided only for transparency purposes. Customer and Rotate shall execute an agreement to regulate the provision of the Services.
  • c. If you are a Customer user and you have any questions related to the Customer information practices and/or the Services, please contact the Customer directly.
  • d. In order to provide our Services, our Customers should give us access to their environments and platforms (e.g., via Google APIs such as Gmail API, Admin SDK API, Google Workspace Marketplace SDK) for Rotate to scan it and find security risks, vulnerabilities, misconfigurations, and real-time attacks. Generally speaking, we do not control the categories of data that we access, since it depends on the data that the Customer has on its environment and platforms, and to which data the Customer will allow us access to. This access is limited to privileges the Customer will give us such as access to see and extract data. Without derogating the above, we will make efforts to minimize our access to personal data and make sure, to the extent possible, that no human shall access such data directly unless it is necessary to provide our cybersecurity services.
  • e. In the course of providing our Services, we will share data or meta data with our Customers that may include personal information (e.g., when we identify an account is sending malware).


  • 3.1. Security: We have implemented and maintain reasonable technical, organizational, and security measures designed to protect your information. However, please note that we cannot guarantee that the information will not be compromised as a result of unauthorized penetration to our servers. As the security of information depends in part on the security of the computer, device, or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.
  • 3.2. Retention of your data: Your data will be stored until we delete our records, and we proactively delete it, or if you or our Customers send a valid deletion request. Please note that in some circumstances we store your data for longer periods of time, for example (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, and/or (iii) if we reasonably believe there is a prospect of litigation relating to your data or dealings.


  • 4.1. The data Rotate gathers is shared with our partners and other third parties.
  • 4.2. We also share data with our affiliated companies about you.
  • 4.3. We use third-party service providers to process your information for the purposes outlined above, including, without limitation:
  • 4.3.1. With cloud service providers for hosting purposes;
  • 4.3.2. With websites and web content creation platforms to help us manage our Website;
  • 4.3.3. With email providers, marketing, CRM, and other similar tool providers;
  • 4.3.4. With analytic companies to help us understand and analyze data we collect in accordance with this policy; and
  • 4.4. To the extent necessary, with regulators, courts, banks, or competent authorities, to comply with applicable laws, regulations, and rules (including, without limitation, federal, state, or local laws), and requests of law enforcement, regulatory and other governmental agencies or if required to do so by court order, as well as for internal compliance procedures and to protect the safety, security, and integrity of Rotate, our Services, Customers, employees, property, and the public.
  • 4.5. If, in the future, we sell or transfer, or we consider selling or transferring, some or all of our business, shares, or assets to a third party, we will disclose your data to such third party (whether actual or potential) in connection with the foregoing events (including, without limitation, our current or potential investors). In the event that we are acquired by, or merged with, a third-party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer, disclose or assign your data in connection with the foregoing events.
  • 4.6. Where you have otherwise provided your consent to us for sharing or transferring your data.


  • 5.1. The following rights (which may be subject to certain exemptions or derogations) shall apply to certain individuals (some of which only apply to individuals protected by specific laws):
  • i. You have the right to withdraw consent to the processing, where consent is the basis of processing.
  • ii. You have the right to access the personal data that we hold and request further details about how we process it, under certain conditions.
  • iii. You have the right to demand rectification of inaccurate personal data about you. We will promptly correct any information found to be incorrect.
  • iv. You have the right to object to unlawful data processing under certain conditions.
  • v. You have the right to the erasure of past data about you (your “right to be forgotten”) under certain conditions.
  • vi. You have the right to demand that we restrict the processing of your personal data, under certain conditions, if you believe we have exceeded the legitimate basis for processing, the processing is no longer necessary, or if you believe your personal data is inaccurate.
  • vii. You have the right to data portability of personal data concerning you that you provided us in a structured, commonly used, and machine-readable format, subject to certain conditions.
  • viii. The personal data we collect is not used for automated decision-making and profiling, except for automated processes in the context of marketing. As stated above, you can opt out of direct marketing by Rotate by contacting Rotate directly or by following the instructions through the unsubscribe options in our email messages.
  • 5.2. You can exercise your rights by contacting us at +972-54-7246810. You may use an authorized agent to submit a request on your behalf if you provide the authorized agent with written permission signed by you. To protect your privacy, we may take steps to verify your identity before fulfilling your request. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfill your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes before processing and/or honoring your request. We reserve the right to charge a fee permitted by law, for instance if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initial requested, we will address your request to the maximum extent possible, all in accordance with applicable law.
  • 5.3 Deleting your account: Should you ever decide to delete your account, you may do so by emailing If you terminate your account, any association between your account and personal data we store will no longer be accessible through your account. However, given the nature of sharing on certain services, any public activity on your account prior to deletion will remain stored on our servers and will remain accessible to the public.
  • 5.4 Marketing emails – opt-out: You may choose not to receive marketing email of this type by sending a single email with the subject "BLOCK" to Please note that the email must come from the email account you wish to block OR if you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails, and we will process your request within a reasonable time after receipt.


  • a) In order to run our business and provide our Website and Services to you, we transfer personal data to certain countries around the world, including to our affiliates and service providers, many of whom are located outside of your jurisdiction. Therefore, your personal data may be processed in countries with privacy laws that are different from privacy laws in your country. Whenever we make such transfers, we will use commercially reasonable efforts to implement an appropriate level of protection to your personal data by implementing at least one of the following safeguards:
    • making sure the destination country has been deemed to provide an adequate level of protection for personal data; and/or
    • by executing implement data onward transfer instruments such as data processing and protection agreements.


  • We do not offer our products or services for use by children and, therefore, we do not knowingly collect information from, and/or about children under the age of 18. If you are under the age of 18, do not provide any information to us without the involvement of a parent or a guardian. In the event that we become aware that you provide information in violation of applicable privacy laws, we reserve the right to delete it. If you believe that we might have any such information, please contact us at


  • We enable you to interact with third party websites, mobile software applications and products or services that are not owned, or controlled, by us (each, a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services can collect information from you. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third Party Service.
  • We reserve the right to remove or add new analytic tools, cookies, pixels, and other tracking technologies.
  • 10.1 California Privacy Rights: California Civil Code Section 1798.83 permits our Customers who are California residents to request certain information regarding our disclosure of information to third parties for their direct marketing purposes. To make such a request, please send an email to Please note that we are only required to respond to one request per Customer each year.
  • 10.2 California Do Not Track Notice:
    • Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
  • If you have any questions, concerns, or complaints regarding our compliance with this notice and the data protection laws, or if you wish to exercise your rights, we encourage you to first contact us at