Privacy Policy

1. What Is This Policy and Why You Should Read It

This Policy explains how Semperis Technologies Inc. and its affiliates and subsidiaries operating under the ‘Semperis’ brand (“Semperis”, “we”, “our” or “us”) collect, store, use, disclose and otherwise process information about you in the course of our business, including through our websites that link to this Policy (semperis.compurple-knight.com and www.hipconf.com) (the “Websites”), online services and through other means such as our and our partner’s sales, marketing activities and events. It will also inform you of your rights relating to your personal data. When we use the term “personal data” we mean any information that relates to an identifiable natural person. 

Semperis Technologies Inc., and its US-based subsidiaries, Semperis Inc., Semperis Government Solution LLC and Semperis Corp. (“Semperis-US“), adhere to the principles of the US-EU Data Privacy Framework, UK extension to the US-EU Data Privacy Framework and the US-Swiss Data Privacy Framework (the “DPF”s) regarding the collection, use, and retention of personal data transferred to the United States from those countries whose data protection laws recognize these data privacy frameworks as a valid mechanism for cross-border transfers. Semperis-U.S. also complies with the DPF for all onward transfers of Personal Data from the EU, the United Kingdom, and Switzerland, including the onward transfer liability provisions.  For more information, please see the US Department of Commerce’s Data Privacy Program Website

2. Personal Data That We Collect 

Semperis collects and uses personal data for various reasons. When we do so, we will collect, process and use it in accordance with applicable laws. Below, we describe in what instances we collect your personal data.

2.1 Personal Data We Collect from You

We collect personal data from you in the following situations: 

  1. If you express an interest in obtaining additional information about our products or services; request customer support; use our “Contact Us” or similar features; use our Websites or register to receive communications; request a demo or a free trial; download a white-paper; sign up for an event, webinar or contest; participate in a program or survey; subscribe to an email list, newsletter or blog; act as an authorized user for our products and services; or download certain content, we may require that you provide to us your contact information, such as your name, job title, company name, address, phone number, email address or username and password;
  2. If you register for an event or a webinar, we may require that you provide to us your financial and billing information, such as billing name and address, credit card number or bank account information;
  3. If you attend an event, we may, with your further consent, scan your attendee badge, which will provide us your information, such as name, title, company name, address, country, phone number and email address;
  4. If you register with us for a variety of purposes, including joining an online community that we host, using a product that we offer or participating in a program, we may ask you to provide a username, photo or other biographical information, such as your occupation, location, social media profiles or usernames, company name, areas of expertise and interests;
  5. If you interact with our Websites, social media profiles or emails, we automatically collect information about your device and your usage of our Websites or emails (such as Internet Protocol (IP) addresses and/or other identifiers) using cookies, web beacons, replay technologies, keystroking or similar technologies;
  6. If you use or interact with our products and services, we may collect information about your device and your usage of our products or services through log files and other technologies;
  7. If you communicate with us via a phone call, we may record that call in accordance with applicable laws;
  8. If you communicate with us via a chatbot or similar means, we may record and store the information exchanged during such communication, in accordance with applicable laws. 
  9. If you attend an event or visit our offices, we may collect your image or video;
  10. If you voluntarily submit certain information to us, such as filling out a survey, or responding to a questionnaire, we may collect the information you have provided as part of that submission;
  11. If you visit our offices, you may be required to register as a visitor and to provide your name, email address, phone number, company name and time and date of arrival;
  12. If you apply for a job, internship or other opportunity you will be required to provide us with personal data about yourself, your past employment, your education and other history; and
  13. If you are a supplier or service provider (or work for a supplier or service provider), you may also be required to provide us with personal data such as your contact details and payment and billing information.

If you provide us, our service providers or our affiliates with any personal data relating to other individuals, you represent that you have the authority to do so, and where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Policy. If you believe that your personal data has been provided to us improperly, or want to exercise your rights relating to your personal data, please contact us at privacy@semperis.com.

2.2 Personal Data We Collect from Third-Parties

We also collect information about you from other sources including third parties from whom we purchase personal data and from publicly available information. We may combine this information with personal data we obtain about you from other sources. This helps us update, expand, and analyze our records, identify new customers and create more tailored advertising to provide products and services that may be of interest to you. The personal data we collect from other sources includes identifiers, professional or employment-related information, education information, commercial information, internet activity information, and inferences about preferences. In particular, we collect such personal data from the following sources:

  1. Third party providers of business contact information (including names, addresses, company names, mailing addresses, job titles, email addresses, phone numbers, IP addresses, social media profiles, LinkedIn URL’s and custom profiles), for purposes of targeted advertising, delivering relevant email content, event promotion, determining eligibility and verifying contact information; and 
  2. Another individual at your organization who may provide us with your personal data, to the extent you consent to providing it and sharing it, for the purposes of obtaining products and services, support and assessing our goals related to encouraging diversity within our vendors. 

2.3 Personal Data We Receive from Third-Party Applications

We may link to certain third-party websites and applications in our Websites. In those circumstances, the data we collect, use and disclose via the Websites will be subject to this Privacy Policy, including our Cookie Statement. However, your use of the third-party websites, applications and any information you instruct us to send to a third-party will be subject solely to the third-party’s terms and conditions and privacy statement, and will not be subject to any agreements you have with us or to this Policy.

2.4 Targeted Online Advertisements

We use third party service providers to serve ads about our products and services on other websites. These third parties may automatically collect and use certain information about your online activities, either on our Websites or other websites, such as your IP address, your ISP and the browser you are using. They do this using cookies, web beacons and other tracking technologies. Information collected may be used, alone or in combination with information about you we obtain from other sources, to among other things, deliver advertising targeted to your interests, including serving ads related to our products or services when you access and use other websites and to better understand the usage of the websites tracked by these third parties.

This Policy does not apply to, and we are not responsible for, cookies, web beacons or other tracking technologies in ads delivered by third parties on other websites, and we encourage you to check the privacy policies of ad services to learn about their use of cookies and other tracking technologies.

3. How We Use the Personal Data We Collect

We use personal data we collect for the purposes described in this Policy, including:

  1. operating, developing, improving and auditing our products, services and Websites;
  2. providing customer service and support;
  3. providing you with white-papers, demos and free-trials; 
  4. providing and facilitating the delivery of products and services you request;
  5. sending you related information, including confirmations, invoices, technical notices, updates, security alerts, training and support and administrative messages;
  6. sending you newsletters, blog posts and emails. 
  7. enhancing security and combating fraud, spam, malware or other information and/or network security risks;
  8. detecting bugs, reporting errors and performing activities to maintain the quality and safety of our products, services and Websites;
  9. conducting research and development;
  10. contract fulfilment; 
  11. understanding your preferences to assess, enhance, personalize and improve your experience when using our Websites, products or services;
  12. identifying customer opportunities;
  13. sending you marketing, sales and promotional communications (where this is in accordance with your preferences);
  14. communicating with you about one of our or our partner’s events, including webinars and demos;
  15. managing event registration and attendance;
  16. managing, and participating in, contests, programs or promotions;
  17. responding to your comments or questions or providing information requested by you;
  18. linking or combining it with other personal data we receive from other sources, to help understand your needs, to provide you with better service and to prevent fraud;
  19. displaying personalized advertisements and content; 
  20. displaying and measuring engagement with advertisements across different devices and websites;
  21. maintaining legal and regulatory compliance;
  22. training and administrative purposes; 
  23. collecting diversity information; 
  24. short-term, transient use, such as customizing content that we or our service providers display on the Websites; 
  25. professional, background checks and education information for employee and contractor employment; and
  26. processing your information for other legitimate business purposes, such as customer surveys, data analysis, audits, collecting and assessing feedback, identifying usage trends, determining the effectiveness of our marketing campaigns and evaluating and improving our products, services, marketing and customer relationships.

We may store and process personal data in the United States and in other countries.

4. Children

Our Websites, products and services are not directed at or intended for children. We do not knowingly collect personal data from children under the age of 13 or such other applicable age of consent for privacy purposes in relevant individual jurisdictions. If you are a parent or a guardian and believe that your child has provided us with personal data, please contact us by using the information in Section 15 below and we will take steps to delete their personal data from our systems. 

5. When We Disclose Personal Data

We disclose your personal data to third-parties, in accordance with applicable laws, only as follows:

  1. where it has been de-identified, including through aggregation or anonymization;
  2. with your consent or when you instruct us to do so;
  3. with affiliates and subsidiaries within the Semperis group;
  4. to third-party service providers or vendors contracted to provide services on our behalf. These third-party service providers may use personal data we provide to them only as instructed by us; 
  5. with third party business partners, such as distributors, and/or referral partners, who are involved in providing services to our prospects and/or customers, to fulfill product and information requests and to provide customers and prospective customers with information about Semperis and its products and services. These business partners may use personal data we provide to them only as instructed by us;
  6. where your organization is a customer or potential customer of Semperis, we may disclose your personal data to relevant people within your organization;
  7. when you visit our Websites, we may enable third parties to use cookies and other tracking technologies to show you ads on third-party websites that may be relevant to you. Under some data protection laws, our disclosure of this information to third parties through cookies and other tracking technologies for targeted advertising may be considered as a “sale” or “share” of personal data. Please see our Cookie Statement for more information about the cookies we use;
  8. with analytics and search-engine providers that assist us in the improvement and optimization of our Websites, through the use of cookies and other tracking technologies. Under some data protection laws, our disclosure of this information to third party analytics and search-engine providers through cookies and other tracking technologies may be considered as a “sale” or “share” of personal data. Please see our Cookie Statement for more information;
  9. to comply with laws or to respond to lawful requests and legal process, to protect our rights and property and that of our customers, employees, agents, partners and others, including to enforce our agreements, policies and terms of use or in an emergency to protect the personal safety of any person;
  10. in order to protect any individual’s vital interests, but only where we believe in good faith that it is necessary in order to protect the vital interests of that individual; or
  11. in connection with or during negotiation of any business transition, such as a transfer, merger, financing, acquisition, or dissolution transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets to another company. 

6. How We Secure Your Personal Data

We use technical and organizational measures that provide a level of security appropriate to the nature of the personal data we collect and to the risks that are presented by processing your personal data, in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration and destruction. These measures may include physical access controls, encryption, internet firewalls, intrusion detection and network monitoring, depending on the nature of the information and the scope of processing. Our staff who may have access to your personal data are required to keep that data confidential. However, the security of information transmitted through the internet can never be guaranteed. You are responsible for maintaining the security of your password or other forms of authentication involved in accessing password-protected or secured resources.

7. International Data Transfers 

Semperis operates as a global business. Your personal data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country, and in some cases, may not be as protective. Specifically, our website servers are primarily located in the U.S. and we may process your information in jurisdictions where our affiliates, subsidiaries, partners and third-party service providers are located. However, we take appropriate safeguards to protect your privacy, your fundamental rights and freedoms, and the ability to exercise your rights. For example, if we transfer personal data from the European Economic Area (“EEA”), the UK, or Switzerland to another country such as the United States, the cross-border transfer will be made under the applicable DPF or, if not applicable, we will implement an appropriate data transfer solution such as entering into Standard Contractual Clauses for transfers of personal data approved by the European Commission or competent governmental authority (as applicable) with the data importer. Our Standard Contractual Clauses or further details may be provided on request. 

8. Legal Basis for Processing Personal Data (Users and Visitors From EEA, UK, and Switzerland Only)

If you are a user or visitor based in the EEA, Switzerland, or the United Kingdom, Semperis Technologies Inc. is the data controller of your personal data, unless the data is collected in circumstances where one of our affiliates is running (for example) a local event, training session or survey, and they collect and control that information. In such circumstances, we will endeavor to make this clear to you at the point we collect your personal data. Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it. However, we will normally collect personal data only where we have your consent to do so, where we need the personal data to perform a contract with you or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal data from you. If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear when we ask for the data. For more information on our legal basis for processing data, please contact us using the details provided in Section 15 of this Policy.

9. California Users 

This section applies to you only if you are a natural person and live in California. This section provides notice and specific information to consumers in California, including information required by the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively “CCPA” and “CPRA”). 

The CCPA, as amended by the CPRA, requires businesses that collect personal data of California residents to make certain disclosures regarding how they collect, use, retain and disclose such personal data. This section addresses those requirements. For a description of all of our data collection, use and disclosure practices, please read this Privacy Policy in its entirety.

We do not sell personal data as we understand the term “sale” to be defined by the CCPA and its implementing regulations. We do share personal data (as the term “share” is defined by CCPA and its implementing regulations). For more information on selling and sharing personal data, please see section 5 above (“When We Disclose Personal Data”), and particularly sub-sections (g) and (h). You can request us to stop sharing (or selling, in the event that our practices are considered as “selling” by some data protection laws) your personal data by contacting us at privacy@semperis.com 

The categories of personal data we collect are detailed in Section 2 above (“Personal Data We Collect”). 

We collect and disclose personal data for the purposes set forth in Section 3 above (“How We Use the Personal Data We Collect”).

The sources from which we collect personal data are described in Section 2 above (“Personal Data That We Collect”).

We do not use or disclose sensitive personal data for purposes other than those permitted under the CCPA.

We retain personal data as described in Section 11 below (“Data Retention and Deletion”). 

California law provides California residents the right to make certain requests with regard to their personal data. Please see Section 10 below (“Your Privacy Rights”) for a description of those rights. For information on how to exercise your rights, please refer to Section 10.2 below (“How to Exercise Your Rights”). If you are an authorized agent wishing to exercise rights on behalf of a California resident, please contact us using the information in Section 15 below and provide us with a copy of the consumer’s written authorization designating you as their agent. We may need to verify your identity and place of residence before completing your rights request.

10. Your Privacy Rights

10.1 Your Rights 

You may have certain rights relating to your personal data, subject to applicable local data protection laws. Depending on the applicable laws, and our contractual responsibilities, these rights may include the following: 

  1. access your personal data held by us;
  2. know more about how we process your personal data; 
  3. rectify inaccurate personal data and, taking into account the purpose of processing the personal data, ensure it is complete;
  4. erase or delete your personal data;
  5. restrict our processing of your personal data;
  6. transfer your personal data to another controller, to the extent possible;
  7. object to any processing of your personal data;
  8. opt out of certain disclosures or sharing of your personal data to or with third parties; and
  9. not be discriminated against for exercising your rights described above.

Where we process your personal data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you may exercise your right to object at any time to such processing, without having to provide any specific reason for such objection. 

Currently, our Websites, products and services do not include automated decision-making.

10.2 How to Exercise Your Rights

To exercise your rights, please contact us by using the information in Section 15 below. Your personal data may be processed in responding to these rights.

In the event that your request would adversely affect the rights or freedoms of others or if we are legally required or entitled to deal with your request in a different way than initially requested, we will address your request in accordance with applicable law. 

10.3 Your Rights Relating to Customer Data 

As described above, we may also process personal data submitted by or for a customer to our products and services. To this end, if not stated otherwise in this Privacy Policy or in a separate disclosure, we process such personal data as a processor on behalf of our customer who is the controller of the personal data. We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those explained in this Privacy Policy. If your data has been submitted to us by or on behalf of a customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with them directly. Because we may only access a customer’s data upon and in accordance with their instructions (unless otherwise required by applicable law), if you wish to make your request directly to us, please provide us the name of the customer who submitted your data to us. We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.

10.4 Your Preferences for Marketing Communications

If we process your personal data for the purpose of sending you marketing communications, you may manage your receipt of these communications by clicking on the “unsubscribe” link located on the bottom of these communications. Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as communications about your event registrations, service announcements or security information.

11. Data Retention and Deletion 

We only keep your personal data for as long as we need it. This may take into account our need to communicate with you for our business purposes (including for marketing purposes), whether you are likely to still be interested in receiving information from us about our products and services, any laws or regulatory requirement which may necessitate the retention of your data, and whether we are or could potentially in the future be in dispute with each other or a third party.  

Please note that we may anonymize your personal data or use it for statistical purposes. We keep anonymized and statistical data indefinitely but we take care to ensure that such data can no longer identify or be connected to any individual.

If either deletion or anonymization is not possible (for example, because your personal data has been stored in backup archives), we will securely store your personal data and isolate it from any further processing until deletion is possible.

12. Regulatory Authority and Disclosures

Semperis US is subject to investigatory and enforcement powers of the Federal Trade Commission in the United States in connection with its Data Privacy Framework program. Semperis may also be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

13. Dispute Resolution

If your personal data has been transferred to Semperis US from a country whose data protection laws recognize any of the DPF’s as mechanisms for cross-border transfers: (i) if you have any inquiries or complaints about our handling of your personal data under the DPF, please contact us at privacy@semperis.com. We will respond to your inquiry without undue delay; (ii) if you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider, (free of charge) at https://go.adr.org/dpf_irm.html; (iii) if neither we nor our third-party dispute resolution provider resolves your complaint, you may also have the option of invoking binding arbitration as described in the DPF principles.

14. Changes to the Privacy Policy

This Privacy Policy may be amended or revised from time to time at our discretion. Changes to this Policy will be posted on this page and the “last updated” date below will be changed. If we make any material changes, such as a change to the purposes of processing of personal data that is not consistent with the purpose for which it was originally collected, we will provide notice on this page prior to the change becoming effective. We encourage you to periodically review this Privacy Policy for the latest information on our privacy practices.

15. How to Contact Us

If you have any questions about this Policy or privacy-related issues, please contact us at privacy@semperis.com or by writing to us at the following address: Semperis Technologies Inc., 221 River Street (9th floor), Hoboken, New Jersey 07030 (Attention: Legal Department).

Last updated: July 26, 2023