Effective Date: January 5, 2024
Except as otherwise noted below, this Policy applies to the personal data that Sibros collects and processes related to:
Additional or supplemental notices and disclosures (each an “additional notice”) may be provided and will apply to certain personal data collected and processed by us. Generally, we provide additional notices to clarify our privacy practices in specific circumstances and provide you with additional information about certain processing activities. To the extent there is a conflict with this Policy, the additional notice will control with respect to the personal data subject to that additional notice.
When a Software-as-a Service (“SaaS”) platform user (“Customer”) purchases and accesses the Sibros Deep Connected PlatformTM (“Platform”) or engages us to provide any other services relating to our Platform, we process and collect personal data on behalf of and under the instructions and privacy policies of the Customer. Those policies are typically set forth in a data processing agreement which governs the processing of personal data, and Sibros will only collect, use, retain and otherwise process such data on behalf of our Customers in accordance with our applicable contractual agreements. Each Customer is responsible for providing notice to and obtaining any required consent from their end-users related to our processing of personal data as part of our Platform.
This Policy does not cover the personal data that we collect and process related to our employees, contractors, and applicants, or to any information that is exempt under applicable privacy laws.
For information about the privacy choices you have regarding your personal data, review the Section “Your Privacy Rights and Choices” below, as well as the Section “Additional information for Individuals in Certain Jurisdictions,” which includes additional jurisdiction-specific information about privacy rights for residents of certain jurisdictions, including residents in the European Economic Area (“EEA”) and the United Kingdom (“UK”). If you are a California resident, please see the Section “Additional information for California Residents” below for more information pursuant to California privacy laws, including the California Consumer Privacy Act (“CCPA”).
If you have questions about this Policy, please see the Section “Contacting Us” below.
You can review information about our privacy practices and your privacy rights and choices below in the following sections:
We collect your personal data directly from you, automatically related to your use of the Services, and in some cases, from third parties (e.g., platform providers, payment processors, operators of certain third-party services that we use and social networks). The personal data we collect about you varies depending upon the circumstances, such as the Services used or your interaction with us.
The personal data that we collect varies depending upon your use of our Services and our interactions with you but in general including the following:
We may also collect certain personal data from third parties, such as:
We may collect personal data about how you use our Services and your online interactions with us and others, including information we collect automatically (e.g., using cookies and pixel tags), as well as information we derive about you and your use of the Services. Such data includes:
For more information, see the Section “Cookies and Similar Technologies” below.
The purposes for which we may process and use personal data vary depending upon the circumstances. For information on how our Customers collect, use and share your personal data collected via our Services and Platform we provide to them, please refer to the Platform User’s respective privacy policies, not this Policy.
Certain laws, including the General Data Protection Regulation (“GDPR”), require that we inform you of the legal bases for our processing of your personal data. Pursuant to these laws, we process personal data for the purposes outlined below:
The purposes for which we collect, use, disclose and otherwise process personal data vary depending upon the circumstances. Generally, we collect, use and process your personal data for the below business and commercial purposes:
We may disclose or make available the personal data we collect about you as follows:
A cookie is a small data file that is stored on your computer’s or mobile device’s memory. Some cookies help you navigate our Services, for example by setting a cookie to remember your login details. Cookies also help us better understand the effectiveness of our Services (for example, by tracking the way in which you respond to, select and interact with our Services and tracking the conversion of our prospective customers into actual customers). Other cookies collect information about how you use our Services, which highlights areas we can improve, including navigation.
For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org. To read about your choices with regard to Sibros’ and third parties’ uses of cookies in our Services, please see the subsection “Managing Your Cookie Preferences” below.
Sibros and our service providers may also use “pixel tags,” “web beacons”, “clear GIFs” or similar means (individually or collectively “Pixel Tags”) to analyze usage patterns of consumers. A Pixel Tag is an electronic image, often a single pixel, which is typically a transparent graphic image (usually 1 pixel x 1 pixel) that is placed on a web page or in a mobile application and may be associated with cookies on your hard drive. Some Pixel Tags are used to drop cookies on users’ devices. Pixel Tags allow us to count users who have visited certain websites and applications of our business customers, and pages within such websites and applications, and to help determine the effectiveness of marketing campaigns. We and our service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
You can control how participating third-party ad companies use the information that they collect about your visits to our websites and use of our mobile applications, and those of third parties, in order to display more relevant targeted advertising to you. For more information and to opt out of receiving targeted ads from participating third-party ad networks go to:
Opting out of participating ad networks does not opt you out of being served advertising. You may continue to receive generic or “contextual” ads on our Services. You may also continue to receive targeted ads on other websites, from companies that do not participate in the above programs.
You can review and manage your cookie preferences for our Sites and opt out of most cookies, including targeting cookies and tags on our Sites, by editing your browser options as explained below. Cookie preferences are browser and device specific, which means that you need to set the preference for each browser and device you use to access our Sites; in addition, if you delete or block cookies, you may need to reapply these preferences. Further, opting out of cookies and advertising as discussed below does not mean that you will no longer receive advertising content from us. You may continue to receive generic or “contextual” ads from us, they may just be less relevant to you.
We do not respond to Do Not Track (DNT) signals at this time. You may, however, disable certain tracking mechanisms in the cookie preference settings of your web browser and opt out of certain third-party ad cookies on our Sites as described in this Policy.
We will retain your personal data for the period necessary to fulfill the purposes outlined in this Policy for which the personal data was collected, unless a longer retention period is required or permitted by law. For example, we may maintain your personal data for an additional period of time where necessary to comply with our legal obligations or to establish, exercise or defend our legal rights (including to respond to actual or potential legal claims.
We have taken reasonable steps to implement physical, technical and organizational measures, procedures and practices designed to help protect from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed by us. Despite our efforts to keep your information secure, no website or Internet transmission is completely secure and we cannot guarantee that unauthorized parties will not gain access to your personal data.
Our Services are not intended for, nor directed to, individuals under the age of 18 and we do not knowingly collect personal data from individuals in this age group. By using or accessing the Services or providing us with your information, you represent that you are at least 18 years old. If you believe we have inadvertently collected personal data about a child, please contact us and we will take steps to delete this data.
In this section we describe the choices you have regarding our collection, use and handling of your personal data for which Sibros is a data controller or business. Please note that if you have a request related to personal data we collect and process on behalf of a Customer, you should contact that Customer directly. If you submit your request to us, we will attempt to forward it to the relevant Customer so that they may respond to you directly.
Subject to applicable law, you may submit a request to us to access, correct or delete personal data by contacting us as set out in the section “Contacting Us” below. We may ask you for additional information so that we can confirm your identity or process your request, and we will process your request in accordance with applicable privacy/data protection laws.
You may at all times opt-out from receiving electronic commercial communications from us. If you no longer want to receive marketing-related emails from us on a going-forward basis, you may opt-out of receiving these marketing-related emails by following the instructions in the communication you received from us. For example, you may unsubscribe from email marketing by clicking on the unsubscribe link within the email message that you receive from us. Please also note that if you opt-out of receiving marketing-related communications from us, we may still send you administrative and transactional messages relating to the Services from time to time, to the extent permitted by applicable laws. In addition, where required under applicable law, we will obtain your prior consent to direct marketing.
We provide additional information, as required under certain privacy laws, including the rights certain individuals have in certain jurisdictions:
You may deactivate your account by changing your preferences in the user settings page of the Services.
Sibros is headquartered in the United States. If you are located outside the United States, such as in the European Economic Area (EEA) or the United Kingdom (UK) or Switzerland, and you submit personal data to us, that data will be transferred to the United States and we may process and store information in any country where we have facilities and/or employees, or in which we engage service providers. Data protection laws in the United States may not be considered equivalent to the data protection laws that exist in your jurisdiction. We will take steps to ensure that your personal data is subject to appropriate safeguards, including, where required, by implementing appropriate adequacy measures, such as the relevant set of EU standard contractual clauses (as approved by the European Commission) for the transfer of personal data to processors established in third countries, and where relevant the UK Addendum (as approved by the ICO). The current form for the standard contractual clauses can be found at https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en).
This Policy does not cover, and we are not responsible for, the privacy, data or other practices of any third parties (except as required by applicable law), including any third parties operating any site or service to which our Services link to. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates. These third parties collect your data according to their own privacy policies.
Residents of certain jurisdictions have additional rights under applicable privacy laws, as described in this section.
The data controller of your personal data is the Sibros entity you interact with or otherwise have a business relationship.
If you are located in the European Economic Area, the United Kingdom or Switzerland, subject to the requirements and conditions set out under applicable law, you have the rights set out below in regard to our processing of your personal data where we are the data controller for such data. Please remember, if you want to make a request with respect to Customer personal data, i.e., the data our Customers provide to us so that we can provide them our Services, please contact the relevant Customer directly with your request, not us.
To exercise any of the above listed rights, please email us with your request at email@example.com. We will handle your request in accordance with applicable law. When you make a request, we may ask you for additional information in order to verify your identity to protect your privacy and security.
Sibros commits to resolving complaints about our collection or use of your personal data. You have a right to lodge a complaint with a competent supervisory authority situated in a member state of your habitual residence, place of work, or place of alleged infringement if you have concerns about how we are processing your personal data. We ask that you please attempt to resolve any issue with us first, although you have a right to contact your supervisory authority at any time. You can find the relevant supervisory authority name and contact details here for individuals located in the EEA, here for individuals located in the United Kingdom and here for individuals located in Switzerland.
In this subsection, we provide additional information for California residents regarding our collection, use and disclosure of their personal information (as such term is defined under the California Consumer Privacy Act (“CCPA”), as well as their privacy rights under California privacy laws, as required under California privacy laws including the CCPA. This subsection does not address or apply to our handling of publicly available information lawfully made available by state or federal government records or other personal information that is exempt under the CCPA.
While our collection, use and disclosure of personal information varies based upon our relationship and interactions with you, the table below generally describes the categories of personal information (as defined by the CCPA) that we have collected about California residents, as well as the categories of third parties to whom we may disclose this information for a business or commercial purpose. In addition to the third parties listed in the table below, we disclose your personal information to our service providers, who process the information on our behalf, other third parties as required by law, or otherwise with your consent.
California privacy laws define a "sale" as disclosing or making available to a third-party personal information in exchange for monetary or other valuable consideration, and “sharing” broadly includes disclosing or making available personal information to a third party for purposes of cross-context behavioral advertising. While we do not disclose personal information to third parties in exchange for monetary compensation, we may “sell” or “share” (as defined by the CCPA) identifiers and Internet and electronic network activity information to/with third-party advertising networks, analytics providers, and social networks. We do so in order to improve and evaluate our advertising campaigns and better reach customers and prospective customers with more relevant ads and content. We do not sell or share sensitive personal information, nor do we sell or share any personal information about individuals who we know are under sixteen (16) years old.
In general, as described in the Section “Personal Data We Collect” above we collect personal information from you directly, automatically, and from the following categories of third party sources:
As described in more detail in the Section “ Legal Bases and Purposes of Use for Processing Personal Data” above, we use, disclose and otherwise process the above personal information for the following business or commercial purposes and as otherwise directed or consented to by you:
Notwithstanding the above, we only use and disclose sensitive personal information as reasonably necessary (i) to perform our services requested by you, (ii) to help ensure security and integrity, including to prevent, detect, and investigate security incidents, (iii) to detect, prevent and respond to malicious, fraudulent, deceptive, or illegal conduct, (iv) to verify or maintain the quality and safety of our services, (v) for compliance with our legal obligations, (vi) to our service providers who perform services on our behalf, and (vii) for purposes other than inferring characteristics about you. We do not use or disclose your sensitive personal information other than as authorized pursuant to section 7027 of the CCPA regulations (Cal. Code. Regs., tit. 11, § 7027 (2022)).
We retain the personal information we collect only as reasonably necessary for the purposes described above or otherwise disclosed to you at the time of collection. For example, we will retain your account data for as long as you have an active account with us, transactional data for as long as necessary to comply with our tax, accounting and recordkeeping obligations, as well as an additional period of time as necessary to protect, defend or establish our rights, defend against potential claims, and comply with legal obligations.
The California Consumer Privacy Act (CCPA) provides certain California residents with the additional rights listed below. The rights below apply in the event that we process your personal information in the capacity of a business, on our own behalf. In the event that we process your information on behalf of a Customer, i.e. as a service provider, we encourage you to make your request directly with the relevant Customer, but will direct your request to the relevant Customer if possible based on the information you provided to us.
Under the CCPA, California residents have the following rights (subject to certain limitations):