IronKey Privacy Policy

Updated: January 19, 2012

At IronKey, we believe privacy protection is critical to all IronKey customers. As a leader in Internet privacy and security solutions, IronKey knows the value of personal information and understands your concerns about privacy. We believe that you have the right to know how we collect and use your personal information. Consequently, IronKey strives to protect your information from individuals and organizations that do not have the right to see or use your personal information. IronKey values your trust and respects your privacy, and is committed to protecting them on your behalf.

How does IronKey gather and use customer information?

You are the sole owner of information that you back up to the IronKey site using IronKey services. IronKey is the sole owner of all other information collected on this site. We will not sell, rent, trade or lease this information to others in ways different from what is disclosed in this statement. We will only share information with third-party agents who provide services for our internal business operations (for example: payment processors). These agents must comply with our privacy policies and cannot use your personal data for any other purpose.

When you place an order, contact technical support, activate your product, download software or respond to our promotional campaigns, we may gather certain personal information from you to respond to your request. For example, we may collect information such as your credit card number, contact information, billing and shipping address and use it to complete your order. If we have trouble processing an order, this contact information may be used to get in touch with you. IronKey does not store your credit card or CVV2 numbers.

For your protection and ours, all information on the order sheet, including credit card holder’s name, number, billing address, is subject to verification prior to processing any order. This is to prevent fraud, and the unlikely use of the credit card without the cardholder’s permission. Your billing information is not correlated with your Internet activities because our billing system and IronKey privacy and security services operate independently. We may use aggregate information to improve our website, but that information is never personally identifiable.

How does IronKey protect customer data?

IronKey’s online services are designed and built to minimize the chances of an unauthorized access or intrusion. All personally identifiable customer information is stored in an encrypted format.

How does IronKey protect my data that I back up to IronKey servers?

In some cases, IronKey allows users to backup their data to our servers using IronKey’s Password Manager and Secure Backup software. Our system is designed so that only you can recover and decrypt your backed-up data. Your data is encrypted on your computer using AES 256-bit encryption and randomly generated strong encryption keys, before being sent to our servers for backup. These keys are further encrypted with a SHA256-bit hash of your IronKey device password, and you choose what that password is. If you do not tell your password to anyone, then you are the only person who can decrypt your encryption keys, and decrypt your data.

Does IronKey ever ask a customer for their personal information via email?

IronKey will never ask a customer for personal information via email unless it is in regards to supporting a customer at his/her request. If someone tells you he is an IronKey employee and asks you for your information, please report this issue to However, if you contact IronKey’s Support Team regarding an issue with your IronKey device or service, members from the Support Team may ask for some personal information to better serve you, such as your name, email, and information about your computer setup. IronKey will never ask you for your login information, such as passwords or answers to your secret questions.

IronKey’s services may contact you via text (non-html) emails regarding the security or standing of your IronKey account. For example, you may receive an email with a confirmation code when you reset a password, or an email to alert you that your subscription services are due to expire. These emails may contain links, but the links will always be visible and direct you to the domain.

What to do if you think you have received a fraudulent IronKey email:

  • Do NOT click on any of the links or open any of the attachments.
  • Please help us in our work with the authorities by forwarding the email and its headers to

Instructions for Outlook users are below.

  • Right-click on the message in the list of emails and select “Options” from the menu.
  • At the bottom of the Message Options dialogue box that opens is a box labeled “Internet Headers” which contains the information we need to track the attacks.
  • Select the information in the box and copy it by hitting Ctrl-C on your keyboard, or right-clicking your mouse and selecting “Copy.”
  • lose the dialogue box and select “Forward” in the message. Paste the headers at the top of the message and address the email to

Does IronKey collect information on minors?

IronKey does not intend to collect information from children who are under the age of 18 in the European Union and Asia Pacific, or under the age of 14 in the United States and Latin America. If you do not meet these age limits, you should not provide information on this site and should ask your parent or guardian to do so for you. Any information you provide may be deleted without warning, if we believe that you are less than 14 years of age.

What are cookies and how does IronKey use them?

Like many companies, IronKey uses cookies to customize our Internet website communication and provide you with better service and security. A cookie is a small data file that your web browser writes to your computer when you visit our website. That file may contain information that we use to track the Web pages you have visited or how often you have visited IronKey’s website. The primary reason IronKey uses cookies is to prepare customized pages for you and to improve Internet security and overall usability of our website.

We also use third-party advertising technology to serve ads on the websites where we advertise. Generally, advertisements are served by ad networks, such as DoubleClick, that are independent of us. Third-party servers may employ cookies or action tags to measure advertising effectiveness, target advertising to individuals and for other purposes. For more information about third party technology used to serve advertising, as well as to obtain software tools that will allow you to opt-out of targeted advertising, please visit the Network Advertising Initiative.

You can configure your browser to warn you before accepting cookies, or you can refuse cookies by turning them off in your browser. If you turn off cookies, our website may not function properly or you may not be able to access all the functions of our website. For your additional privacy, IronKey does not use cookies for analytical purposes on

Webforms on IronKey’s websites

IronKey allows Internet users to volunteer information into webforms on IronKey websites. For example, you can volunteer feedback anonymously at Some webforms allow visitors to opt-in to marketing or product-related programs. These webforms ask for personal information, such as your name and email address, which is used to contact you regarding that program or a related program you may be interested in. If you do not wish to volunteer this information, do not submit the webform. If you do not wish to receive occasional IronKey newsletters, updates, and offers, uncheck the checkbox that adds you to the IronKey email list.

If you have already opted-in to an IronKey program and no longer wish to be contacted, send an email stated this to Note that if you are an IronKey customer, this will not remove you from our customer database, and you will still receive emails regarding your IronKey account. Those settings can be adjusted from within your account.

Will IronKey share my information with other companies or people?

IronKey does not sell, rent, trade, or lease your personal information for marketing purposes. We may share information with third-party agents who provide services for our internal business operations (for example: payment processing). These agents must comply with our privacy policies and cannot use your personal data for any other purpose.

If you are a user of IronKey’s Enterprise and Trusted Access products and services, the software and hardware are provisioned and managed by your employer or an issuer such as your financial institution. These issuers will have access to your non-private information such as device identifier and some utilization logs.

Apart from this, we disclose personal information only in the good faith belief that we are required to do so by law, or that doing so is reasonably necessary to: (i) comply with legal process; (ii) respond to any spamming or Internet crimeware abuses; or (iii) to protect the rights, property or personal safety of IronKey, our customers, or the public.

Note to United States customers: IronKey complies fully with all laws of the United States and the State of California. If required by law, through subpoena or other legal requirement, we will release information in our possession about members that are the subject of an investigation.

Note to European customers: The information you provide us will be transferred outside the European Economic Area for the purpose of processing by IronKey, Inc., its affiliates and agents. By submitting your information, you agree to that international transfer.

Communications from the IronKey website

We send all new customers a welcoming email to verify username and confirmation of activation of IronKey products and/or services. You may occasionally receive information on products, special deals, and a newsletter.

How can I manage my personal information or unsubscribe from emails?

For e-newsletters, software updates notices, and special offers, you may unsubscribe from receiving IronKey communications at

If you have created an account at IronKey’s website, you may change your personal information and account email alerts after logging into your account at

How can I contact IronKey if I have any further questions?

You are welcome to email us or open your question on the IronKey Forum (

IronKey, Inc.
600 W California Ave.
Sunnyvale, CA 94086 USA
+1 (408) 737 4346

Additional Information

This privacy policy does not apply to usage logs.

For IronKey Personal devices, usage logs do not reveal any personally identifiable information, and are only used for the purpose of tracking system abuse and spam. Usage logs may be deleted after 30 days.

For IronKey Enterprise and Trusted Access products, usage logs are used for the purpose of tracking system abuse and spam, detecting lost or stolen devices, and for tracking legitimate use by the issuer (for example, your employer or financial institution).


IronKey is dedicated to continually improving its websites by adding new functionality, products, services and programs. Because of those improvements along with the changes in the law, technology, and IronKey’s business, IronKey reserves the right to change, modify, add, or remove portions of this Privacy Policy at any time without notice to you. The latest version of our Privacy Policy will be available on our website and will indicate the date that it went into effect. We encourage you to review our Privacy Policy whenever you use this website to make sure you always understand how your information will be used.