THIS TERMS OF USE AGREEMENT (“AGREEMENT”) DESCRIBES THE RIGHTS AND RESPONSIBILITIES RELATED TO YOUR USE AND ACCESS OF THE CLOUD SERVICE BETWEEN YOU AND CISCO. BY CLICKING ON 'AGREE', 'INSTALL,' SETTING UP YOUR DEVICE TO USE AN OPENDNS NAMESERVER, OR BY USING THE CLOUD SERVICE, YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE WITH ITS TERMS, DO NOT CLICK 'AGREE' OR 'INSTALL' AND DO NOT SET UP YOUR DEVICE TO USE AN OPENDNS NAMESERVER OR OTHERWISE USE THE CLOUD SERVICE. IF YOU ARE LOCATED IN RUSSIA OR CHINA, YOU ARE NOT AUTHORIZED TO USE THE CLOUD SERVICE.

Section 1. Your Use of the Cloud Service

1. Your Use of the Cloud Service and Cisco Content. You may use the Cloud Service solely for your personal use in accordance with this Agreement and the Documentation. If you are using the OpenDNS Umbrella Prosumer package you may use the Cloud Service for your use in your small business for a maximum of five (5) users and three (3) devices per user. You are responsible for the accuracy and quality of Your Data, the means by which You acquired Your Data and Your use of Your Data with our Cloud Service. You will not (i) interfere with the Cloud Service, other customers' access to the Cloud Service, or with the security of the Cloud Service; (ii) sell, resell, or distribute the Cloud Service; (iii) make the Cloud Service available to third parties as a managed or network provisioned service; (iv) use the Cloud Service in a way that causes an unusual spike and negatively impacts the operating capability of the Cloud Service; or (v) attack or disrupt the Cloud Service, including denial of service (DoS), unauthorized access, monitoring or crawling, or distribution of malware (including but not limited to viruses, Trojan horses, worms, time bombs, spyware, adware, or cancelbots). If Your use of the Cloud Service requires or permits You to use any Cisco Content, You may only use such Cisco Content with the Cloud Service and with third-party products or service offerings that Cisco has identified as compatible with the Cloud Service.
2. You are responsible for Your Data. You may use the Cloud Service solely for your personal use in accordance with this Agreement and the Documentation. If you are using the OpenDNS Umbrella Prosumer package you may use the Cloud Service for your use in your small business for a maximum of five (5) users and three (3) devices per user. You are responsible for the accuracy and quality of Your Data, the means by which You acquired Your Data and Your use of Your Data with our Cloud Service. You will not (i) interfere with the Cloud Service, other customers' access to the Cloud Service, or with the security of the Cloud Service; (ii) sell, resell, or distribute the Cloud Service; (iii) make the Cloud Service available to third parties as a managed or network provisioned service; (iv) use the Cloud Service in a way that causes an unusual spike and negatively impacts the operating capability of the Cloud Service; or (v) attack or disrupt the Cloud Service, including denial of service (DoS), unauthorized access, monitoring or crawling, or distribution of malware (including but not limited to viruses, Trojan horses, worms, time bombs, spyware, adware, or cancelbots). If Your use of the Cloud Service requires or permits You to use any Cisco Content, You may only use such Cisco Content with the Cloud Service and with third-party products or service offerings that Cisco has identified as compatible with the Cloud Service.
3. Support. Technical support for the Cloud Service is limited to email support and the forum support available at https://www.opendns.com/support/. Should You submit technical support questions or comments to Cisco via the forum, You acknowledge and agree Cisco may edit and post those questions or comments with the response without revealing personal information on Cisco's forum support web site and that all such questions or comments shall be Cisco's property.

Section 2. Data Protection, Privacy & Confidential Information

1. How we use Your data. Cisco processes and uses Personal Data and Your Data to deliver, analyze, support and improve the Cloud Service and as otherwise permitted in this Agreement, Schedule 1 and the Cisco Online Privacy Statement. Cisco will maintain appropriate administrative, physical and technical safeguards, which are designed to protect the security, confidentiality and integrity of Personal Data and Your Data processed by Cisco. With the exception of any Personal Data submitted to the Cisco as part of Your use and/or access to the Cloud Service, Your Data will be treated as non-confidential by Cisco. Cisco may share Personal Data and Your Data with third party service providers consistent with the Cisco Online Privacy Statement in order to assist in providing and improving the Cloud Service as described in Schedule 1 below. Cisco contracts only with third party service providers that can provide the same level of data protection and information security that You expect from Cisco.
2. Telemetry Data. Cisco may process Telemetry Data to deliver, enhance, improve, customize, support, and/or analyze the Cloud Service and other Cisco offerings and otherwise freely use Telemetry Data that does not identify You.
3. International Data Transfers. Cisco may process and store Your Data and Personal Data outside of the country where it was collected. Cisco will only transfer Personal Data consistent with applicable law. To the extent Cisco processes any Personal Data from the EEA or Switzerland on Your behalf, we will do so in a manner consistent with the relevant EU- or Swiss-US Privacy Shield Principles or successor frameworks (“Principles”) (see www.commerce.gov/privacyshield). Where Cisco transfers Personal Data from an APEC Member Economy on behalf of You, Cisco will process such Personal Data in a manner consistent with the APEC Cross Border Privacy Rules Systems requirements (“CBPRs”) (see www.cbprs.org) to the extent the requirements are applicable to Cisco's processing of such data. If Cisco is unable to provide at least the same level of protection as required by the Principles or CBPRs, Cisco will promptly notify You and cease processing.

Section 3. Ownership and Software Licensing Rights

1. What You Own. You retain ownership in all intellectual property rights to Your Data.
2. What We Own. Cisco and its licensors retain ownership in all intellectual property rights to Cisco Content, the Cloud Service and its underlying technology, software, patents, know-how and associated documentation, in whole or in part, including all improvements, enhancements, modifications, and derivative works. You authorize Cisco to use feedback and ideas You provide in connection with Your use of the Cloud Service for any purpose without further obligation to You.
3. Software License & Restrictions. To use the Cloud Service, You may be required to download and install Cisco software (“Software”). Cisco grants you a limited, non-exclusive, non-sublicensable and non-transferable license to use the Software solely as required to use the Cloud Service. The Software may contain code that is subject to its own license terms. You may not and may not allow a third party to modify, reverse engineer, decompile, or otherwise attempt to derive the source code for the Software, or create derivative works of the Software except as legally permitted for interoperability purposes. You will not extract Cisco Content from the Software, or provide Cisco Content to a third party.

Section 4. Warranties, Disclaimers and Limitation of Liability

1. DISCLAIMER. THE CLOUD SERVICE, SOFTWARE, CISCO CONTENT AND ALL DOCUMENTATION PROVIDED BY CISCO HEREUNDER ARE PROVIDED “AS IS” AND “WITH ALL FAULTS,” AND CISCO EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND OR NATURE, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES OF OPERABILITY, CONDITION, TITLE, NON-INFRINGEMENT, NON-INTERFERENCE, QUIET ENJOYMENT, VALUE, ACCURACY OF DATA, OR QUALITY, AS WELL AS ANY WARRANTIES OF MERCHANTABILITY, SYSTEM INTEGRATION, WORKMANSHIP, SUITABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR THE ABSENCE OF ANY DEFECTS THEREIN, WHETHER LATENT OR PATENT. NO WARRANTY IS MADE BY CISCO ON THE BASIS OF TRADE USAGE, COURSE OF DEALING OR COURSE OF TRADE. CISCO DOES NOT WARRANT THAT THE CLOUD SERVICE, SOFTWARE, CISCO CONTENT OR THE DOCUMENTATION PROVIDED UNDER THIS AGREEMENT WILL MEET YOUR REQUIREMENTS OR THAT THE OPERATION THEREOF WILL BE UNINTERRUPTED OR ERROR-FREE, OR THAT ALL ERRORS WILL BE CORRECTED. CISCO DOES NOT GUARANTEE THAT THE CLOUD SERVICE WILL DETECT OR REVEAL ALL MALWARE, CORRUPT FILES OR VIRUSES ON YOUR ENDPOINT DUE TO THE CONTINUAL DEVELOPMENT OF NEW TECHNIQUES FOR INTRUDING UPON AND ATTACKING FILES, NETWORKS AND ENDPOINTS. CISCO DOES NOT WARRANT THAT THE CLOUD SERVICE WILL PROTECT YOUR FILES, NETWORK OR ENDPOINTS FROM ALL MALWARE, VIRUSES OR THIRD-PARTY MALICIOUS ATTACKS. YOU ACKNOWLEDGE THAT CISCO'S OBLIGATIONS UNDER THIS AGREEMENT ARE FOR YOUR BENEFIT ONLY.
2. LIMITATION OF LIABILITY. IN NO EVENT WILL CISCO BE LIABLE FOR (I) INDIRECT, INCIDENTAL, EXEMPLARY, SPECIAL OR CONSEQUENTIAL DAMAGES; (II) LOSS OR CORRUPTION OF DATA OR INTERRUPTED OR LOSS OF BUSINESS; (III) LOSS OF REVENUES, PROFITS, GOODWILL OR ANTICIPATED SALES OR SAVINGS OR (IV) ANY BUGS, VIRUSES, TROJAN HORSES, OR THE LIKE (REGARDLESS OF THE SOURCE OF ORIGINATION). THIS LIMITATION OF LIABILITY APPLIES WHETHER THE CLAIMS ARE IN WARRANTY, CONTRACT, TORT, INFRINGEMENT, OR OTHERWISE, EVEN IF EITHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT SHALL CISCO'S AGGREGATE LIABILITY TO YOU OR ANY THIRD PARTY ARISING OUT OF THIS AGREEMENT, THE CLOUD SERVICE, SOFTWARE, CISCO CONTENT AND/OR THE DOCUMENTATION EXCEED FIFTY U.S. DOLLARS ($50.00USD). CERTAIN LAWS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES OR THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES. IF THESE LAWS APPLY TO YOU, SOME OR ALL OF THE ABOVE DISCLAIMERS, EXCLUSIONS, OR LIMITATIONS MAY NOT APPLY TO YOU, AND YOU MIGHT HAVE ADDITIONAL RIGHTS.

Section 5. Payment and Renewal Terms.

1. Payment Terms. For fee-based Cloud Services, You expressly agree that Cisco is permitted to invoice and charge your credit card or accepted payment account the applicable fees, applicable taxes and any other charges that you may incur with Cisco in connection with your use of such fee-based Cloud Service. Such fees, taxes and related charges will be billed to the credit card or accepted payment account that you provide at the time a fee or charge is due and payable. You agree to allow Cisco, or our affiliates or services providers, to process and store your payment information. If payment is not received or cannot be charged to your credit card or accepted payment account for any reason in advance of the applicable subscription period, Cisco reserves the right to either suspend or terminate your access to the Cloud Service, and at Cisco's sole discretion, terminate this Agreement. All amounts owed hereunder are payable in U.S. Dollars and are based on the Cloud Service(s) purchased and not on actual usage. All fees are non-refundable, except where prohibited by law. The price of each Service does not include any taxes and you shall pay any applicable sales use, excise, withholding or other taxes applicable to the sale or furnishing of the Cloud Service and related Software. If sales tax is applicable, we will either (i) collect and remit such tax to the relevant State authority or (ii) you are responsible for paying this tax directly to the relevant authority.
2. Renewal Terms. In order to provide You with uninterrupted service, any fee-based Cloud Service will automatically renew for the subscription period applicable to the fee-based Cloud Service You purchased, unless You terminate the Cloud Service at least thirty (30) days before the end of the then-current term. If You terminate the Cloud Service at least thirty (30) days prior to the start of the next renewal period you will not be obligated to pay any additional fees for upcoming subscription renewal period(s), however, any fees that you previously paid in advance will not be refunded.

Section 6. Term and Termination

You may terminate the Cloud Service by simply cancelling your Cloud Service account, discontinuing Your use of the Cloud Service and uninstalling the Software. Cisco may terminate your access to all or any part of the free Cloud Service and Software at any time, with or without cause and with or without notice. Additionally, for any fee-based Cloud Service or Software, if You commit a breach of any provision of this Agreement which is not cured within thirty (30) days of written notice from Cisco, then Cisco may terminate your access to all or any part of the Cloud Service. The following sections survive the expiration or termination of this Agreement: Sections 2, 3, 4, the last sentence of Section 6, Sections 7 and 8, and Schedule 1.

Section 7. General Provisions

1. Assignment and Subcontracting. We may assign any of our rights or delegate any of our obligations under this Agreement in our sole discretion. We may also subcontract the performance of the Cloud Service to third parties. Any such subcontract will not relieve Cisco of any of its obligations under this Agreement. You may not assign this Agreement without the prior written consent of Cisco.
2. Modifications. As our business evolves, we may modify this Agreement and Your continued use of the Cloud Service will be deemed Your acceptance of the modified Agreement.
3. Export. Cisco's on-premise Software, Cloud Services, products, technology and services are subject to local and extraterritorial export control laws and regulations. You and Cisco each will comply with such laws and regulations governing use, export, re-export, and transfer of such on-premise Software, Cloud Services, products and technology and will obtain all required local and extraterritorial authorizations, permits or licenses. Specific export information may be found at: http://tools.cisco.com/legal/export/pepd/Search.do.
4. Compliance with Laws. Cisco will comply with all applicable laws when providing the Cloud Service. We may restrict the availability of the Cloud Service in any particular location or modify or discontinue Cloud Service features to comply with applicable laws and regulations. You will comply with all applicable laws and regulations related to Your receipt and use of the Cloud Service. You must ensure You have the right to use all features of the Cloud Service in Your jurisdiction. Cisco may also share information as necessary to comply with laws and subject to Cisco's policy on law enforcement requests found at http://www.cisco.com/c/en/us/about/trust-transparency-center/validation/report.html.
5. Governing Law and Venue. The Agreement, and any disputes arising out of or related hereto, will be governed exclusively by the applicable governing law below, based on Your primary domicile address and without regard to conflicts of laws rules or the United Nations Convention on the International Sale of Goods. The courts located in the applicable venue below will have exclusive jurisdiction to adjudicate any dispute arising out of or relating to the Agreement or its formation, interpretation or enforcement. Each party hereby consents and submits to the exclusive jurisdiction of such courts. Regardless of the below governing law, either party may seek interim injunctive relief in any court of appropriate jurisdiction with respect to any alleged breach of its intellectual property or proprietary rights.

   Your Primary Domicile Address	Governing Law	Jurisdiction and Venue
   United States, Latin America or the Caribbean	State of California, United States of America	Superior Court of California, County of Santa Clara and Federal Courts of the Northern District of California
   Canada	Province of Ontario, Canada	Courts of the Province of Ontario
   Europe (excluding Italy), Middle East, Africa, Asia (excluding Japan and China), Oceania (excluding Australia)	Laws of England*	English Courts
   Japan	Laws of Japan	Tokyo District Court of Japan
   Australia	Laws of the State of New South Wales	State and Federal Courts of New South Wales
   Italy	Laws of Italy	Court of Milan
   China	Laws of the People's Republic of China	Hong Kong International Arbitration Center
   All other countries or territories	State of California	State and Federal Courts of California

   *Where the governing law is the laws of England, no person who is not a party to this Agreement shall be entitled to enforce or take the benefit of any of its terms under the Contracts (Rights of Third Parties) Act 1999.
6. Notification. Cisco may provide You with notice via email, regular mail and/or postings on the www.opendns.com website or any other website used as part of the Cloud Service. Notices to Cisco should be sent to Cisco Systems, Office of General Counsel, 170 Tasman Drive, San Jose, CA 95134.
7. Force Majeure. Neither of us will be responsible for failure of performance due to a Force Majeure Event.
8. Reservation of Rights. Failure to enforce any right under this Agreement will not waive that right.
9. Severability. If any term of this Agreement is not enforceable, this will not affect any other terms in this Agreement.
10. Complete Agreement. This Agreement is the complete agreement between the parties concerning the Cloud Service and supersedes all prior or contemporaneous communications, understandings or agreements (whether written or oral) regarding this subject matter. The parties agree that the English version of this Agreement will govern in the event of a conflict between it and any version translated into another language.

Section 8. Definitions

"Cisco", "we", "our", or "us" means Cisco Systems, Inc. or its applicable affiliate.

"Cisco Content" means any Cisco-provided content or data including, but not limited to, geographic and domain information, rules, signatures, threat intelligence or other threat data feeds, suspicious URLs and IP address data feeds.

"Cloud Service" means the Cisco hosted software-as-a-service offering made available for free and for a fee at https://www.opendns.com/home-internet-security/. Cloud Service also refers to our OpenDNS nameservers that are available for free use on Your device(s) without registering for an account or Cloud Service package.

"Documentation" means the Cisco user or technical manuals, training materials, specifications, privacy data sheets, or other information applicable to the Cloud Service.

"Force Majeure Event" means an event beyond the affected party's reasonable control, including accidents, severe weather events, acts of God, actions of any government agency, epidemic, pandemic, acts of terrorism, or the stability or availability of the Internet or a portion thereof.

"Personal Data" means any information that can be used to identify You or another individual and may include name, address, email address, phone number, login information (account number and password), marketing preferences, social media account information, or payment card number.

"Telemetry Data" means all information and data that the Cloud Service generates in connection with Your use, including but not limited to, network policy, log and configuration information; threat intelligence data, URLs, metadata or net flow data; origin and nature of malware; the types of software or applications installed on a network or an endpoint; information about the devices connected to a network; information generated by sensors, devices and machinery; information related to the usage, origin of use, traffic patterns or behavior of the users of a network or Cloud Service; and information relating to the existence of cookies, web beacons, and other similar applications.

"You" or "Your" means the individual using and/or accessing the Cloud Service.

"Your Data" means all information and data that You provide or transfer to Cisco or that the Cloud Services collects from You or Your system(s) in connection with Your use of the Cloud Service or Software. Your Data does not include Telemetry Data.

Schedule 1: Personal Data Privacy.

A. Personal Data Processing:

Personal Data Category	Types of Personal Data	Purpose of Processing
Registration Information	Name Address Email Address User ID	Creating an account Data collected is for product enablement, product use notifications, training and support only
Usage and Event Data	DNS query data contained in DNS logs (including but not limited to: domain, DNS record type, DNS response, IP address, potential user email ID) Device ID IP logs	Data collected for: Product usage Cisco global threat intelligence research
Configuration Information Settings	Audit logs Policy settings Unique account	Data collected for: Product usage Provide information about the account
Support Information	Name Email Address Phone Number Customer Information	Data Collected for: Remote access support Review of the support service quality Troubleshooting Product analysis
Dashboard Activity Information	IP address User ID Country Region/state City Device type Operating system type	Data collected for: Analyze feature usage and product functionality

B. Cross Border Transfers:

When using the Cloud Service, based on dynamic Anycast routing decisions, Your Usage and Event Data (i.e., - DNS traffic) can be routed to any data center facility listed on our network map (set forth in Table 1 below), although normally the data center in which the traffic is routed will be the closest physical location to the individual initiating the DNS query. The Cloud Service is co-located in tier-1 data centers that feature state of the art physical and cyber security and highly reliable designs.

By default, Usage and Event Data is then sent to Amazon Web Services (AWS) data centers in AWS East and West regions of the United States, Frankfurt, and Ireland for additional processing, statistical analysis, and storage. This is necessary for the delivery of the Cloud Service, as big data analytics requires the examination of worldwide data in real time.

Additionally, where Schedule 1, Section A above specifies that certain data is processed for the purposes of Cisco global threat intelligence research, such processing is conducted by Cisco's global threat intelligence teams, “Talos” and “TIP”, which have data centers in the United States only (as set forth in Tables 2 and 3 below).

Cisco uses Salesforce and Zendesk for the processing and storage of limited customer and support information (if any) and the Salesforce and Zendesk data center locations are based in the United States. Additionally, Cisco employs support personnel globally, so a customer support agent based outside of Your country may need access to certain personal data to assist You in troubleshooting the Cloud Service. Cisco also uses Amplitude and Intercom for the processing and storage of Dashboard Activity Information. The Amplitude and Intercom data centers are both located in the United States.

Table 1 Network Map

Location	Provider	Certification
Amsterdam, Netherlands	Interxion	ISO27001/ISO22301
Ashburn, VA	Equinix	ISO27001/HIPAA/FISMA/PCI/SOC1/SOC2
Atlanta, GA	Digital Reality	SOC2/SOC3/PCI-DSS/ISO 27001
Bucharest, Romania	NX DATA	ISO9001/ISO27001
Chicago, IL	Equinix	ISO27001/HIPAA/FISMA/PCI/SOC1/SOC2
Copenhagen, Denmark	Interxion	ISO27001/ISO22301
Dallas, TX	Equinix	ISO27001/HIPAA/FISMA/PCI/SOC1/SOC2
Denver, CO	CoreSite	ISO 27001/SOC 1 Type 2/SOC 2 Type 2/PCI DSS/HIPAA
Dubai, United Arab Emirates	Equinix	ISO27001/OHSAS/PCI/SOC1/SOC2
Dublin, Ireland	Interxion	ISO27001/ISO9001/ISO22301
Frankfurt, Germany	Equinix	SO27001/PCI/SOC1/SOC2/ISO9001
Hong Kong	Equinix	ISO27001/PCI/SOC1
Johannesburg, South Africa	Teraco	ISO27001/PCI/ISO9001
London, UK	Equinix	ISO27001/PCI/SOC1/SOC2/ISO9001
Los Angeles, CA	Equinix	ISO27001/HIPAA/FISMA/PCI/SOC1/SOC2
Melbourne, Australia	NEXT DC	ISO27001/ISO9001/UpTime Institute Certified Tier 4
Miami, FL	Coresite	ISO27001/HIPAA/PCI/SOC1/SOC2
Milan, Italy	Equinix	ISO27001/ISO9001/PCI
Mumbai, India	STT	ISO27001/ISO20000/ISO14001/TL9000/PCI-DSS
New York, NY	Coresite	ISO27001/HIPAA/PCI/SOC1/SOC2
Palo Alto, CA	Equinix	ISO27001/HIPAA/FISMA/PCI/SOC1/SOC2
Paris, France	Equinix	ISO27001/ISO9001/SOC1/SOC2/PCI-DSS/ISO50001/ISO14001/OHSAS18001
Prague, Czech Republic	CECOLO	ISO27001/ISO14001/ISO18001(OHSAS)/ISO9001
Reston, VA	Coresite	ISO27001/HIPAA/PCI/SOC1/SOC2
Rio de Janeiro, Brazil	Equinix	ISO 22301, SOC 1 Type II, PCI-DSS, SOC 2 Type II, ISO 9001-2008, ISO 27001
San Jose, CA	Equinix	ISO27001/HIPAA/FISMA/PCI/SOC1/SOC2
Sao Paulo, Brazil	Equinix	ISO27001/ISO9001/SOC1/SOC2
Seattle, WA	Equinix	ISO27001/HIPAA/FISMA/PCI/SOC1/SOC2
Singapore	Equinix	ISO27001/PCI/SOC1/SOC2/SS564
Sydney, Australia	Equinix	ISO27001/PCI/SOC1/SCO2
Tokyo, Japan	Equinix	ISO27001/PCI-DSS/SOC1/SOC2
Toronto, Canada	Equinix	ISO27001/HIPAA/FISMA/PCI/SOC1/SOC2
Vancouver, BC	Cologix	PCI/SOC1/SCO2/HIPAA
Warsaw, Poland	EdgeConneX	ISO27001/ISO9001/PCI-DSS

Table 2 Talos Data Centers

Location	Provider	Certification
Ashburn, VA	Equinix	NIST 800-53/FISMA, ISO 27001, SOC 1 Type II, SOC 2 Type II, PCI DSS, HIPPA
Sunnyvale, CA	Equinix	SOC 2 Type II, ISO 27001 and SSAE16 SOC 1 Type 1
Dallas, TX	Equinix	NIST 800-53/FISMA, ISO 27001, SOC 1 Type II, SOC 2 Type II, PCI DSS, HIPPA
Chicago, IL	Equinix	NIST 800-53/FISMA, ISO 27001, SOC 1 Type II, SOC 2 Type II, PCI DSS, HIPPA

Table 3 TIP Data Centers

Location	Provider	Certification
Carrollton, TX	Vazata	SSAE 18 SOC I Type 2

C. Access Control:

Personal Data Category	Who has access	Purpose of the access
Account/Contact Information	You	You modify and control certain admin information
	Cisco Umbrella staff	Provision Your account; billing/invoicing; supporting the service in accordance with our data access and security controls process
Usage and Event Data	You (only to Your DNS logs)	Set policies on Your network; monitor Your network
	Cisco Umbrella staff	Support of the service; improvement of the service
Configuration Information	You	Management and configuration of account
	Cisco Umbrella staff	Supporting/debugging/trouble shooting
Support Information	You	Provide feedback, point out technical issues, receive support
	Cisco Umbrella staff	Provide support for the service and troubleshoot customer issues
Dashboard Activity Information	Cisco Umbrella staff	Analyze feature usage and product functionality

D. Data Retention and Deletion:

You may request deletion of Your Personal Data by sending a notice to privacy@cisco.com. When You make a request for deletion, Cisco will purge the requested data from our systems to the extent required by applicable law and may retain administrative data required for legitimate business purposes (e.g. billing records).

The Cloud Service follows the below retention policies:

Type of Personal Data	Retention Period	Criteria for the Retention
Raw DNS query data (domain, DNS record type, DNS response, IP address) and Device ID	2 years or less	Automatically deleted after no later than 2 years
Email address, activation code, name, password	No official retention period, data is not deleted unless requested	n/a
Summarized log data	Up to 2 years	Automatically deleted no later than 2 years after creation of logs
Configuration Information	No official retention period, data is not deleted unless requested	n/a
Support Information	No official retention period, data is not deleted unless requested	n/a
Dashboard Activity Information	No official retention period, data is not deleted unless requested	n/a

E. Personal Data Security

Type of Personal Data	Type of Encryption
Raw DNS query data (domain, DNS record type, DNS response, IP address) and Device ID	AES 128 encryption in transit. Logs are not encrypted at rest, but encryption at rest is a roadmap item for the business.
Email address, activation code, name, password	Backups are encrypted with GPG

Cisco partners with service providers who contract to provide the same level of data protection and information security that you can expect from Cisco. A current list of sub-processors for the Cloud Service is below:

F. Third Party Sub-Processors

Sub-processor	Personal Data	Service Type	Location of Data Center
All data centers listed in Tables 1, 2, and 3 above	Usage and Event Data	To resolve DNS queries; global threat intelligence research	See locations in Tables 1, 2, and 3 above
AWS	Usage and Event Data and Configuration Information	Holds customer logs	AWS East and West U.S., Frankfurt, Ireland
Salesforce	Account/Contact and Support Information	To provision the service and provide support	Dallas, TX, USA Phoenix, AZ, USA
Zendesk	Support Information	To provide support	West Coast, USA Backup site in East Coast, USA
Amplitude	Dashboard Activity Information	To analyze feature usage and product functionality	USA
Intercom	Dashboard Activity Information	To analyze feature usage and product functionality	USA

G. Breach and Incident Notification Processes

The Data Protection & Privacy team within Cisco's Security & Trust Organization coordinates the Data Incident Response Process and manages the enterprise-wide response to data-centric incidents. The Incident Commander directs and coordinates Cisco's response, leveraging diverse teams including the Cisco Product Security Incident Response Team (PSIRT), the Cisco Security Incident Response Team (CSIRT), and the Advanced Security Initiatives Group (ASIG).

PSIRT manages the receipt, investigation, and public reporting of security vulnerabilities related to Cisco products and networks. The team works with Customers, independent security researchers, consultants, industry organizations, and other vendors to identify possible security issues with Cisco products and networks. The Cisco Security Center details the process for reporting security incidents.

The Cisco Notification Service allows Customers to subscribe and receive important Cisco product and technology information, including Cisco security advisories for critical and high severity security vulnerabilities. This service allows Customers to choose the timing of notifications, and the notification delivery method (email message or RSS feed). The level of access is determined by the subscriber's relationship with Cisco. If you have questions or concerns about any product or security notifications, contact your Cisco sales representative.

H. Certifications and Compliance with Privacy Laws.

The Security and Trust Organization and Cisco Legal provide risk and compliance management and consultation services to help drive security and regulatory compliance into the design of Cisco products and services. Cisco and its underlying processes are designed to meet Cisco's obligations under the EU General Data Protection Regulation and other privacy laws around the world.

Cisco leverages the following privacy transfer mechanisms related to the lawful use of data across jurisdictions:

• Binding Corporate Rules
• EU-US Privacy Shield Framework
• Swiss-US Privacy Shield Framework
• APEC Cross Border Privacy Rules
• EU Standard Contractual Clauses

For more general information and FAQs related to Cisco's Security Compliance Program and Cisco's GDPR readiness please visit The Cisco Trust Center.

This Agreement was last updated and posted on April 14, 2020. View Archived Version