Skip to content
Catch the Censys Threat Busters at RSA | Complete a Demo for a Chance to Win a Meta Quest 3 | Summon a Demo

Privacy Policy

Effective Date of Privacy Policy: November 21, 2018

The team at Censys, Inc. (“we”, “our” or “us”) values your privacy, and we appreciate that many of your interactions with Censys products and services on https://censys.io (the “Site”) (collectively with the Site, “Censys”) involve sensitive data, including personally identifiable information (“Personal Information”). We are committed to being transparent about our privacy practices. This privacy policy broadly describes the Personal Information we collect and what we do with this data. When you use Censys, you’re consenting to the collection and use of your information as described in this privacy policy, so please make sure you review its terms carefully.

This privacy policy doesn’t apply to the practices of third parties (“Third Party Services”) that you opt to access through Censys. While we try to facilitate access only to those Third Party Services that share our respect for your privacy, we are in no way responsible for Third Party Services and encourage you to carefully review the privacy policies of any Third Party Services you access.

What information do we collect?

When you use Censys, we collect information about you and your actions on the Site. This includes:

  1. Your IP address: we automatically receive and record information from your web browser when you interact with Censys, including your IP address. This information is used to prevent abuse and also to facilitate collection of data concerning your interaction with Censys (e.g., what links you have clicked on). We may collect some device-specific information if you access Censys using a mobile device. Device information may include but is not limited to unique device identifiers, network information, and hardware model, as well as information about how the device interacts with Censys.
  2. Personal Information: by creating an Account and providing Personal Information to us, such as the name and contact information you provide when you establish a Censys account (“Account”), you allow us to identify you and therefore may not be anonymous. To make things easier for our users, you may be able to use your account credentials with Third Party Services (e.g. Google) to sign in to Censys. By doing so, you acknowledge that some third party account information may be transmitted into your Account with us, and that such third party account information transmitted to Censys is covered by this privacy policy. The Third Party Service may be collecting information about your browser or online activity through its own tracking technologies and subject to its own privacy policy.
  3. Logs of your search queries and other interactions with our servers: all content submitted by you to Censys may be retained by us indefinitely. Please note that if you terminate your Account, any association between your Account and information we store will no longer be accessible through your Account but may remain stored on our servers. We may continue to disclose such content to third parties in a manner that does not reveal Personal Information, as described in this privacy policy.
  4. Cookies: When you use the Site, we set a first-party cookie to uniquely identify your browser software over time on our site, and this cookie is recorded in our logs. Most browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways. We strongly recommend that you leave cookies active; turning off the cookie feature may stop you from using some Censys products and services. This privacy policy covers our use of cookies only and does not cover the use of cookies by third parties. We don’t control when or how third parties place cookies on your computer. For example, third party websites to which a link on the Site points may set cookies on your computer.
  5. Email communications: We may receive a confirmation when you open an email from us. We use this confirmation to improve our service.
  6. Location information: Some of our Services may include features based on users’ actual locations and may report on users’ current locations (“Location-Based Services”). To the extent you voluntarily opt to use any Location-Based Services, we may collect and store information about your location at the time you use those Location-Based Services. This information can come from a variety of sources depending on the client you use to access the Services; for example, a mobile phone may report its GPS location at the time Location-Based Services are used.

In addition, we use third-party service providers and hosting providers who collect data on our behalf:

  1. We use a variety of third-party analytics services, including, but not limited to, Segment, Intercom, and Google Analytics, to measure user engagement with our products. These services record data about how you use our services, and Intercom reports to us when you open messages we send.
  2. We use Google Cloud to host parts of our servers. Google Cloud maintains additional logs of your computer’s interaction with its servers.
  3. We use Stripe to process payments. However, we do not receive your credit card information; use and storage of that information is governed by Stripe’s terms of service and privacy policy located at https://stripe.com/us/checkout/legal.

Your interactions with these third-party service providers will be governed by their privacy policies. Your participation and interaction with Censys on third-party social media sites will be governed by the relevant vendors’ privacy policies.

What We Share

We use the information we collect (either ourselves or through third-party services) to improve our service offerings, troubleshoot system issues, prevent abuse, and develop new features. We will sometimes use your contact information to send you information about our products and services, but we will not sell it to third parties for marketing.

We may share information we collect with our authorized third-party vendors, consultants, and service providers who perform services for Censys. These third-parties may only use or disclose information about you to perform services on Censys’s behalf, to comply with legal obligations, or as described in their privacy policies.

If we, or substantially all of our assets, are acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this policy.

We reserve the right to access, read, preserve and disclose any information about you if we reasonably believe it is necessary:

  1. to comply with any applicable law, regulation, governmental request or legal process, to establish or exercise our legal rights or defend against legal claims, or as may be required for the purposes of national security;
  2. to protect our rights or property, or to prevent physical, mental, financial or other harm, injury or loss to us, our users or the public;
  3. to detect, investigate, prevent, or otherwise address suspect or actual illegal or inappropriate activity or exposure to liability, including fraud, security or technical issues (which includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention);
  4. to enforce this privacy policy and our Terms of Service and any other agreements between us, including investigation of potential violations of the same, or
  5. to respond to user support requests.

We reserve the right, solely at our discretion, to object to certain information disclosure requests that we believe to be improper.

California Privacy Right: Under California Civil Code sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal customer information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to the following address: 116 ½ S Main St Ann Arbor, MI 48103.

Information Security

We seek to protect Account information to ensure that it is kept private; however, we cannot guarantee the security of any Account information. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time. We otherwise store all of our information, including your IP address information, using industry-standard techniques. We do not guarantee or warrant that such techniques will prevent unauthorized access to information about you that we store, Personal Information or otherwise.

Changes to Our Privacy Policy

We may need to revise our privacy policy from time to time. If we make changes, we will post the most-up-to-date version at https://censys.io/privacy. To facilitate easier review, we will update the policy version and effective date on that page. If we make major changes, we will notify registered users by email. Your continued use of Censys after the effective date of such changes constitutes your acceptance of such changes.

Contact Us

If you have any questions regarding our privacy policy, please contact us by email at legal@censys.io.

EU Users

If you are located in the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data (as defined in the GDPR). We are the controller of your Personal Data except where we process Personal Data of our customers’ end users and employees in connection with our provision of services to these customers, making us the processor of such Personal Data and those customers the controllers of the Personal Data. For questions about cases where we are the controller of your Personal Data, or to inquire about your rights in such cases where applicable, please contact us at legal@censys.io. For more information about potential rights under the GDPR in cases where we are the processor, and to exercise such rights where applicable, please contact the controller party in the first instance. To the extent we are a controller of Personal Data, we process data where we have a legitimate interest in doing so, to comply with our legal obligations or otherwise only with your consent, and in each case, in accordance with this Privacy Policy.

Where we are a controller of Personal Data, you have certain rights with respect to your Personal Data, including those set forth below. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.

  1. Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by emailing us at legal@censys.io.
  2. Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. Erasure: You can request that we erase some or all of your Personal Data from our systems.
  3. Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
  4. Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
  5. Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
  6. Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
  7. Right to File Complaint: You have the right to lodge a complaint about our practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
Attack Surface Management Solutions
Learn more