SonicWall and GDPR
SonicWall works hard to ensure compliance with data privacy requirements including, without limitation, GDPR (by which we mean both the EU’s original version and the version in effect in the UK after Brexit, which is substantively the same).
SonicWall takes data protection and information security seriously and has implemented policies and procedures for safeguarding personal data that is stored, processed and/or transferred by SonicWall. For instance, SonicWall has implemented physical and logical access restrictions, access rights restrictions, credentialing programs, and training programs to ensure staff are made aware of our and their responsibilities to comply with data protection law. SonicWall also works to ensure it has the necessary network security for its product offers that operate in a hosted environment.
To learn more about how SonicWall collects, uses, and shares the personal data that we collect through our website and the use of our products and services, please review the SonicWall Privacy Statement.
How do data privacy requirements apply to SonicWall products?
For the most part, SonicWall does not access, collect, or use the personal data of individuals via our products. Rather, SonicWall products help customers enable security in their networks and to better comply with the various data privacy regulations, including GDPR.
However, SonicWall may be subject to certain aspects of data privacy regulations where, for example, SonicWall hosts a customer solution that allows a customer to process, access or use personal data in that hosted environment. In those cases, SonicWall must ensure that adequate security is in place to protect that personal data.
For instance, data privacy regulations do not apply to SonicWall firewall hardware appliances without a subscription to the SonicWall Capture Advanced Threat Protection sandbox service. Privacy regulations may apply to the SonicWall Capture Cloud Platform and SonicWall’s Cloud Edge Secure Access to the extent it enables end-user designated personnel to access their network data in an environment hosted by SonicWall.
SonicWall hosted solutions
SonicWall maintains systems used for its hosted solutions and also leverages third parties, such as Amazon Web Services (AWS). SonicWall uses a number of technological and operational approaches in its physical security program to mitigate security risks to the extent reasonably practicable. In addition, SonicWall works to ensure that it and its third-party providers have the appropriate safeguards in place to protect personal data as required by applicable privacy regulations.
Our team works to determine the appropriate measures to be used to prevent unauthorized persons from gaining access to systems within which data is processed and continually monitors any changes to our physical infrastructure, business and known threats.
SonicWall also considers best practice measures used by others in the industry while balancing its approach toward security by considering elements of control that include architecture, operations and systems.
SonicWall customers are given the opportunity to choose the location of their primary data center where their information will be hosted. However, limited data may be transferred to other SonicWall locations for the purpose of providing services to our customers.
Can SonicWall help companies become compliant with privacy regulations?
SonicWall acts as a provider of network security and content-based security solutions, and security of data is a key aspect in achieving data privacy principles.
We assist companies to secure their data in a smarter way. In the wake of burgeoning legislation and increased hacker intelligence, it is vital for organizations to secure their networks. Using high-performance Deep Packet Inspection, SonicWall can spot ransomware and other nefarious traffic and behavior from among encrypted files, further safeguarding an organization.
SonicWall provides industry-leading machine learning technology to detect and block ‘never-before-seen’ malware and protect against zero-day vulnerabilities.
How can I find a copy of the data processing agreement applicable to my use of SonicWall’s products?
You may download and sign our Data Processing Agreement (DPA) using our online version found here.
Who are your sub-processors, what do you use them for, and where are they located?
The sub-processors we use that are relevant to our hosted products depend on the specific SonicWall products and services you use. You may view our sub-processor list by clicking here.
Who can I contact if I have additional questions?
You may contact SonicWall directly by sending an email to dataprivacy@sonicwall.com or you may contact your sales representative.
General Disclaimer: The information on the SonicWall website is not an exhaustive review of all elements of applicable privacy regulations, nor is it legal advice. Please seek guidance from your own legal consultants.