Updated: January 2nd, 2024
Cireson, LLC, and its subsidiaries and affiliates (hereinafter “Cireson,” “we,” “us” or “our”) is committed to protecting your privacy. This Privacy Statement explains what personal data we collect, how this data is processed and for what purpose. in connection with our marketing activities, social media pages, our live events, and as otherwise described in this Privacy Policy. In addition, this Privacy Policy describes your rights and choices with respect to the personal information we collect.
US State Data Privacy Notice: If you are a California, Virginia, Colorado, Connecticut, or Utah resident, see the Information for US State Residents section below for important information about your rights under State law.
European Economic Area, United Kingdom, and Switzerland Privacy Notice: If you are a resident of the European Economic Area, Switzerland, or the United Kingdom (collectively, “Europe”), see the information for Europe Residents below for important information.
Cireson offers a range of products, on-premises and in the cloud, used to help enterprises across the globe operate. Cireson does not offer products or services for use by individuals for their personal, family or household purposes. Accordingly, all personal information collected is treated as data pertaining to individuals in their capacities as representatives of the relevant enterprise and not their individual capacities.
However, Cireson’s business customers may transmit or ingest personal information as part of the products and services provided to them. If you have concerns regarding personal information that we process on behalf of a business, please review their privacy policy and direct your concerns to that business.
References to Cireson products and services in this statement include Cireson products, services, websites, apps, software, servers, and devices.
Changes to this Privacy Statement
We reserve the right to modify this Privacy Policy at any time. If we make significant changes, we will update the date of the policy and post it in all appropriate locations. If required by law, we will also notify you through other means that we believe will reach you, such as email (if we have your contact information) or another method within the Service. The updated Privacy Policy will become effective when we post the new terms or implement the changes in our products and services. By continuing to use our contracted products and services after we post any modified Privacy Policy, you indicate your acceptance of the updated terms.
Security @Cireson
We care about keeping your personal information safe. To safeguard the data we collect, we have implemented organizational, technical, and physical measures, and we validate the effectiveness of these measures through external independent audits.
However, it’s important to know that there are always risks with technology and the Internet, Therefore, we cannot provide a complete guarantee of the security of your personal information. Please be aware that email, in particular, is not a secure method for transmitting sensitive information (unless you utilize email encryption technologies). Exercise caution when sharing any personal details with us via email.
Personal data we collect
We collect several types of information from and about our customers while providing and supporting our products and services. You provide personal information in the normal course of use of one of our products directly, for example when you create a support account or when you sign up for one of our services.
We rely on a variety of legal reasons and permissions (sometimes called “legal bases”) to process data, including with your consent, a balancing of legitimate interests, necessity to enter into and perform contracts, and compliance with legal obligations, for a variety of purposes described below.
The data we collect depends on the type of interactions you have with Cireson, the products and features you use, and applicable law.
Personal data we collect can include the following:
- General information, including a customer’s company name and address, credit card information, and the Customer’s representative’s name, email address and phone number.
- Credentials, such as usernames and passwords used for authentication and account access. Please note that credentials that are gathered and maintained by us are stored securely using non-reversable encryption, and are not readable.
- Payment data to process payments for our services.
- Subscription and licensing data derived from your use of our products and services. For example, we may collect the number of active users within your instance.
- Audit logs, activity logs, and error reports. We collect this information to ensure the availability and performance of systems and products. Even though these generally don’t contain personal data, in some cases – depending on the incident – a reference may be included.
- Interactions, which may include data about how you use or interact with Cireson products or our websites.
- Data you enter into our systems. Content you communicate to us either directly or through the input, upload, or creation in our products and services. Examples are attachments, images, or text you may add to a support ticket, in our Cireson Community forum, or in an email communication.
- Video or recordings. If you attend a Cireson online event or activity that is recorded, we may process your image and voice data.
- Feedback and ratings. This may include information you provide to us and the content of messages you send to us, such as feedback, survey data, and product reviews you write.
- Marketing information, such as your preferences for receiving communications about our activities, events, and publications, and any information you provide when you engage with our communications.
- Information we obtain from social media platforms. We may maintain pages for our Company on social media platforms, such as LinkedIn, Twitter, Google, YouTube, Instagram, and other third-party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use and processing of your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.
- Information we obtain from other third parties. We may receive personal information about you from third-party sources, such as our business customers, marketing partners, publicly available sources and data providers. Our use of any information obtained from our business customers is restricted by our agreements with those business partners.
- Automatic data collection. Cireson and our service providers may log information about you, the device you are using and your interaction with the Service, such as:
- Device Data, such as your browser type and version, your operating system type and version, IP address, language settings, mobile network carrier, general location information, and various system telemetry values.
- Online activity data related to our products and services, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.
- Communication and interaction data, such as your interactions with our email, text or other communications (e.g., whether you open and/or forward emails) – we may do this through use of pixel tags (which are also known as clear GIFs), which may be embedded invisibly in our emails.
- Cookies and similar technologies. Certain methods of automatic data collection mentioned earlier are made possible through the utilization of cookies and similar technologies. For further details, please consult the section titled “Cookies and Similar Technologies” below. Additionally, we will retain a log of your preferences regarding the usage of these technologies in relation to the Service.
How we use personal data
We collect Customer Data because it helps us deliver better products and services, as well as a superior level of customer service.
We may use your personal information to:
- provision, maintain, monitor, secure, and troubleshoot our products. This also includes bug fixes, updates, and support.
- communicate with you about the Service, such as sending you news, updates, announcements, security alerts, and support messages.
- respond to your requests, questions and feedback.
- help with personalization of our products.
- operate our business, which includes analyzing our performance, meeting our legal and other obligations, developing our workforce, and doing market research.
We may use your personal information to:
- improve and develop new features and functionality.
- gather information about the usage of our products and services.
We may use your personal information to:
- facilitate advertising and marketing to you, which may include promotional communication, targeted advertising, and presenting you with tailored offers.
- enable the utilization of third-party advertising tools. These tools may employ cookies and comparable technologies to gather information about your interactions (including the data outlined in the “Automatic Data Collection” section mentioned earlier) over a period of time throughout the Service, our communications, and other online services.
We may utilize your personal information when we consider it necessary or appropriate to adhere to relevant laws, lawful requests, and legal procedures. This may include responding to subpoenas, investigations, or requests from government authorities.
We may utilize your personal information and disclose it to law enforcement, government authorities, and relevant parties when we believe it is necessary or appropriate to:
- Safeguard our rights, your rights, others’ rights, privacy, safety, or property (including by initiating and defending legal claims).
- Conduct audits of our internal processes to ensure compliance with legal and contractual obligations, as well as our internal policies.
- Enforce the terms and conditions governing the Service.
- Protect, identify, investigate, and prevent fraudulent, harmful, unauthorized, unethical, or illegal activities, including cyberattacks and identity theft.
We may specifically request your consent to collect, use, or share your personal information in certain cases, as required by law.
We may convert your personal information and the personal information of other individuals we collect into anonymous, aggregated, or de-identified formats. This process involves removing information that can personally identify you from the data. We may use this anonymous, aggregated, or de-identified data for our lawful business purposes, including analyzing and enhancing the Service, as well as promoting our business. We will not attempt to reidentify such data, except as permitted by law.
How we do NOT use your personal data
Interest-based advertising. Interest-based advertising involves the use of cookies and similar technologies by advertising companies to gather information about your interactions across services, communications, and other online platforms. This collected data, which may include the information described in the “Automatic Data Collection” section above, is then used to deliver online advertisements that are tailored to your interests. Cireson does not utilize third-party advertising companies and social media companies to display ads on our website, products, and other online services.
How do we store personal data?
Cireson does not manage, maintain, or operate physical hardware or datacenter locations. For all Cireson products and services infrastructure and platforms we rely on Microsoft Azure, which in this context is sometimes referred to as a sub-processor, or a subservice organization.
All of the platforms used by Cireson are physically located in the contiguous United States. All physical security and platform management functions lie with the subservice organization (Azure). Applicable InfoSec certifications (e.g. SOC 2 Type 2, ISO 27001) are continuously reviewed and considered reasonable and appropriate.
Microsoft’s Privacy Statement, including additional information about compliance can be found here.
How long do we keep personal data?
We keep your personal information used to provide our products and services (business contact data, accounting data) for as long as we need it for the reasons we collected it. This includes fulfilling legal requirements, handling accounting and reporting, protecting ourselves legally, and preventing fraud.
The decision on how long we keep your information is based on several factors. We consider things like the type and amount of data, the risk of unauthorized use or disclosure, our specific purposes for using the data, if there are other ways to achieve those purposes, and applicable laws.
When we no longer need your personal information, we may delete it, make it anonymous, or separate it so that it can’t be used for further processing.
Cireson will delete the data you input or ingest into the products and services we operate and maintain immediately upon request – or – after a period of thirty days after service cancellation.
Is personal data shared with other entities?
We may disclose your personal information to the following third parties, as well as in accordance with the details provided in this Privacy Policy, other relevant notices, or during the collection process:
We may share your personal information with our corporate parent, subsidiaries, and affiliated companies for purposes consistent with this Privacy Policy.
Your personal information may be shared with third-party entities and individuals who assist us in providing services or operating the Service on our behalf. This includes activities such as customer support, hosting, analytics, email delivery, marketing, and database management services. You can find a list of our sub-processors and the nature of their processing activities at this link.
Cireson does not collaborate with third-party advertising companies for the purposes of interest-based advertising, as described above.
On occasion, we may share your personal information with partners or enable them to directly collect information through our Service.
In the course of rendering professional services to us, we may disclose your personal information to professional advisors such as lawyers, bankers, auditors, and insurers when necessary.
Your personal information may be shared for the purposes of compliance, fraud prevention, and safety, as outlined earlier.
In the context of actual or potential business transactions (e.g., investments in Cireson, financing of Cireson, public stock offerings, or the sale, transfer, or merger of all or part of our business, assets, or shares), we may disclose personal information. For example, certain personal information may need to be shared with prospective counterparties and their advisors. Furthermore, in the event of a corporate divestiture, merger, consolidation, acquisition, reorganization, sale of assets, or similar transaction, and/or in the event of bankruptcy, dissolution, or receivership, where personal information is transferred as part of our business assets, some or all of your personal information may be disclosed to an acquirer, successor, or assignee of Cireson, or to one or more third parties.
How to access and control your personal data
You have choices about the collection and utilization of your data. To exercise your data protection rights and maintain control over your personal data obtained by Cireson, you can contact Cireson directly or utilize the various tools we offer. It is important to note that, in certain cases, the extent of your access to or control over your personal data may be limited to adhere to applicable laws. The methods available for accessing or controlling your personal data will also vary depending on the specific products you use.
- Account Information. If you have registered for an account with us, you may review and update certain personal information in your account profile by logging into the account.
- Marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us at privacy@cireson.com. However, you will continue to receive service- as well as account-related and other non-marketing emails.
- Cookies. Most browsers allow you to delete and reject cookies placed by websites. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, you may not be able to use all functionality of the Service and it may not work properly. Please refer to your browser’s vendor’s documentation for details.
Cookies and similar technologies
Cookies are small text files placed on your device to store data that can be recalled by a web server in the domain that placed the cookie. We use cookies and similar technologies for storing and honoring your preferences and settings, enabling you to sign in, combating fraud, analyzing how our products perform, and fulfilling other legitimate purposes.
We also use “web beacons” to help deliver cookies and gather usage and performance data. Our websites and emails may include web beacons, cookies, or similar technologies from affiliates and partners as well as third parties, such as service providers acting on our behalf.
Some of the cookies we commonly use are listed below. This list is not exhaustive, but it is intended to illustrate the primary purposes for which we typically set cookies.
Provider | Name | Purpose |
hubspot.com Privacy link | __cf_bm | This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. |
google.com Privacy link | _GRECAPTCHA rc::a rc::b rc::c rc::d-15# | This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. |
smartrecruiters.com Privacy link | AWSALB AWSALBCORS | Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience. |
youtube.com Privacy link | CONSENT | Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website. |
cireson.com Privacy link | CookieConsent | Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website. |
cireson.com Privacy link | elementor | Used in context with the website’s theme. The cookie allows the website owner to implement or change the website’s content in real-time. |
nr-data.net Privacy link | JSESSIONID | Used for website performance analytics. Preserves users states across page requests. |
Provider | Name | Purpose |
cireson.com Privacy link | messagesUtk | Stores a unique ID string for each chat-box session. This allows the website-support to see previous issues and reconnect with the previous supporter. |
Provider | Name | Purpose |
google.com Privacy link | _ga _ga_.* | Used by Google Analytics to collect data on the number of times a user has visited the website as well as dates for the first and most recent visit. |
google.com Privacy link | _gat | Used by Google Analytics to throttle request rate |
google.com Privacy link | _gid | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. |
googletagmanager.com Privacy link | td | Registers statistical data on users’ behaviour on the website. Used for internal analytics by the website operator. |
Provider | Name | Purpose |
hubspot.com Privacy link | __ptq.gif | Sends data to the marketing platform Hubspot about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels. |
google.com Privacy link | ads/ga-audiences | Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor’s online behaviour across websites. |
youtube.com Privacy link | LAST_RESULT_ENTRY_KEY nextId requests TESTCOOKIESENABLED ytidb::LAST_RESULT_ENTRY_KEY YtIdbMeta#databases | Used to track user’s interaction with embedded content. |
youtube.com Privacy link | remote_sid | Necessary for the implementation and functionality of YouTube video-content on the website. |
youtube.com Privacy link | VISITOR_INFO1_LIVE | Tries to estimate the users’ bandwidth on pages with integrated YouTube videos. |
youtube.com Privacy link | YSC yt.innertube::nextId | Registers a unique ID to keep statistics of what videos from YouTube the user has seen. |
youtube.com Privacy link | yt-remote-cast-available yt-remote-cast-installed yt-remote-connected-devices yt-remote-device-id yt-remote-fast-check-period yt-remote-session-app yt-remote-session-name | Stores the user’s video player preferences using embedded YouTube video |
Links or references to other Sites and Services
Our products and services may include links to third-party websites and online services. These links should not be seen as an endorsement or indication of any affiliation with such third parties. Furthermore, our content may appear on web pages or online services that are not directly associated with us. We do not have control over these third-party websites or online services, and we cannot be held responsible for their actions. It’s important to note that different websites and services have their own privacy policies, which may vary in terms of how they collect, use, and share your personal information. We strongly encourage you to review the privacy policies of any other websites and online services you utilize.
Children
Cireson products and services are designed for business purposes and are meant to be used by businesses. They are not intended for, and we don’t collect personal information from, individuals under the age of 18 knowingly. If we discover that someone under 18 has provided us with personal information without proper authorization, we will delete that information from our records as soon as reasonably possible.
US State Data Privacy Notice
The California Consumer Privacy Act of 2018 (“CCPA”) became effective on January 1, 2020 and created a variety of privacy rights for California consumers. In November 2020, California amended the CCPA, effective January 1, 2023. Additionally, Virginia (effective January 1, 2023), Colorado (effective July 1, 2023), Connecticut (July 1, 2023), and Utah (December 31, 2023) have passed laws extending similar privacy rights to their consumers. We use this notice to make disclosures required by these state laws.
Please note that the rules implementing some of these laws have not yet been finalized. We are continuously working to better comply with these laws, and we will update our processes, disclosures, and this notice as these implementing rules are finalized.
Scope: This section specifically applies to residents of California, Virginia, Colorado, Connecticut, and Utah (hereinafter the “states”). It explains how we handle the collection, use, and sharing of Personal Information both online and offline, as a “business” under the applicable state laws. It also outlines the rights that residents of these states have in relation to their Personal Information. Please note that certain categories of California residents, such as job applicants, may receive a different privacy notice that will take precedence over this section.
Your privacy rights: As a resident of these states, you have certain rights, which include the following. However, it’s important to note that these rights are not absolute, and there may be cases where we are permitted by law to deny your request.
You can request the following information about how we have collected and used your Personal Information during the past 12 months:
- The categories of Personal Information that we have collected;
- The categories of sources from which we collected Personal Information;
- The business or commercial purpose for collecting, selling and/or sharing Personal Information;
- The categories of third parties with whom we disclose Personal Information;
- The categories of Personal Information that we sold, disclosed, or shared for a business purpose; and
- The categories of third parties to whom the Personal Information was sold, shared or disclosed for a business purpose.
- You can request a copy of the Personal Information that we have collected about you during the past 12 months.
- You can ask us to delete the Personal Information that we have collected from you.
- You can ask us to correct inaccurate Personal Information that we have collected about you.
- You can request to opt-out of disclosures of your Personal Information that constitute “selling” or “sharing” of your Personal Information as defined in the state laws.
- You are entitled to exercise the rights described above free from discrimination as prohibited by the CCPA and other state laws.
Exercising your right to information, access, correction and deletion. You may submit requests to exercise these rights in the section below, “How to Contact Us.”
Notice of right to opt-out of the “selling” or “sharing” of your Personal Information. As described above, Cireson does not engage in interest-based ads to you as described in the How We Use Personal Data section above. As such, Cireson does engage in what may be classified under the state laws as a “selling” or “sharing” your Personal Information (including any business and personal contact information, device data, and online activity data described above in “Personal information we collect” section above).
Verification of identity or authorized agents. To process your information, access, correction, and deletion requests, we need to verify your identity and confirm your state residency. This is to ensure the security of your personal information. In order to verify your identity, we may ask you to authenticate through an online account with us (if you have one), provide information that we can compare with our records, show a government-issued identification, make a declaration under penalty of perjury, or provide other information allowed by law.
If you want to authorize someone else (an authorized agent) to make a request on your behalf, we will need to verify their identity as well. They must provide us with a valid power of attorney according to applicable state laws (e.g. for California residents: California Probate Code Sections 4000-4465). If you have not granted your authorized agent a power of attorney, you must give them written permission, sign it, and confirm in writing that you have authorized them to exercise your rights under the CCPA or other applicable state laws. Additionally, they must provide the information we require to verify your identity.
Personal information that we collect, use and disclose. The table provided below gives a summary of the Personal Information we collect, categorized according to the specifications provided in the CCPA and CPRA. It outlines our current practices as well as those within the 12 months prior to the effective date of this Privacy Policy. It’s important to note that the information you voluntarily provide to us, such as through free-form web forms, may include additional categories of personal information that are not specifically mentioned in the table.
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial Information California consumer records | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial Information California consumer records | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial Information California consumer records | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial Information California consumer records Internet or Network Information Sensory Information | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Internet or network information Sensory information | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial Information California consumer records Internet or network information | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial Information California consumer records Audio or visual information | Service providers Professional advisors Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial Information California consumer records Internet or network information | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial information California consumer records | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers California consumer records | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial information Internet or network information | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Internet or network information | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Identifiers Commercial Information California consumer records Internet or network information | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Inferences | Service providers Professional advisors For compliance, fraud prevention, and safety Business transfers | N/A |
CCPA and CPRA Statutory Category | Categories of third parties to whom we “disclose” PI for a business purpose | Categories of third parties to whom we “sell” or “share” PI |
Protected classification characteristics We do not intentionally collect this information, but it may be revealed in identity data or data you enter into our systems. | N/A | N/A |
Information for Europe Residents
Scope: The information provided in this section applies to individuals in the European Economic Area, Switzerland, and United Kingdom (collectively, “Europe”).
Personal information. References to “personal information” in this Privacy Policy are equivalent to “personal information” governed by European data protection legislation.
Controller. Cireson is the controller of your personal information that is actively collected for the purposes of providing and improving the product or service.
Processor. Cireson is a processor of your personal information that is entered or ingested by you or your organization into systems and services operated and maintained by us. Please note that we are not aware, nor do we control the nature, category or volume of data that is entered and used by you and your organization.
Our GDPR representatives. Cireson does not process large amounts or special categories of data as referred to in GDPR Art. 9 (1), nor personal data relating to criminal convictions and offenses referred to in GDPR Art. 10. Thus, pursuant to GDPR Art. 27 (2)(a) Cireson does not currently maintain representation in Europe. Cireson will take appropriate steps, based on the requirements of our customers.
Legal bases for processing. We use your personal data for the purposes listed below. In respect of each of the purposes for which we use your personal data, European data protection legislation requires us to ensure that we have a “legal basis” for that use. We rely on the following legal bases:
- Consent: Processing personal data is based on the clear and voluntary agreement given by the individual for a specific purpose. Consent should be well-informed, straightforward, and provided through clear and affirmative action.
- Contractual Necessity: Processing personal data is necessary to fulfill obligations under a contract between the individual and the organization. This basis applies when data processing is required to carry out the terms of a contract or take steps before entering into a contract.
- Legal Obligation: Processing personal data is necessary to comply with a legal requirement imposed on the organization. This includes obligations set by laws or regulations, such as tax or employment laws.
- Legitimate Interests: Processing personal data is necessary for the legitimate interests pursued by the organization or a third party, except when those interests are outweighed by the individual’s rights and freedoms. Legitimate interests may include business purposes, direct marketing, fraud prevention, or IT security.
Cireson processes personal data for the following purposes:
Categories of personal data | Legal basis |
Business and personal contact information | Contractual necessity |
Categories of personal data | Legal basis |
Feedback or correspondence | Legitimate interests |
Categories of personal data | Legal basis |
Business and personal contact information | Legitimate interests Consent |
Categories of personal data | Legal basis |
Any and all data types relevant in the circumstances | Legitimate interests Compliance with law |
Categories of personal data | Legal basis |
Any and all data types relevant in the circumstances | Legitimate interests |
Categories of personal data | Legal basis |
Any and all data types relevant in the circumstances | Compliance with law |
Use for new purposes. We might use your personal information for purposes that are not specifically mentioned in this Privacy Policy, but only if it’s allowed by law and aligns with the original reason we collected your information. If we ever need to use your personal information for a different purpose, we will let you know and clarify the legal basis that applies to it.
Data Sharing and Transfers. We may share your personal data with trusted third parties, including service providers and business partners, for the purposes outlined in this privacy statement. We ensure appropriate safeguards are in place to protect your data when sharing it with third parties.
If we transfer personal data to countries outside the European Economic Area (EEA), we will implement appropriate measures to ensure an adequate level of data protection as required by applicable data protection laws.
Data Subject Rights. Under the GDPR, you have certain rights regarding your personal data, including:
- Right to access: You can request access to the personal data we hold about you.
- Right to rectification: You have the right to request correction of inaccurate or incomplete data.
- Right to erasure: You can request the deletion of your personal data under specific circumstances.
- Right to restrict processing: You have the right to restrict certain processing activities.
- Right to data portability: You can request the transfer of your personal data to another organization.
- Right to object: You have the right to object to certain processing activities based on legitimate interests.
To exercise your rights or obtain further information about them, please contact us using the details provided in the How to Contact Us section.
Your Right to Lodge a Complaint with your Supervisory Authority. In addition to your rights outlined above, if you are not satisfied with how we handle your request or process your personal information, you have the option to lodge a complaint with the data protection authority in your country of residence.
- For users in the European Economic Area – the contact information for the data protection regulator in your place of residence can be found here.
- For users in the UK – the contact information for the UK data protection regulator is below:
The Information Commissioner’s Office
Water Lane, Wycliffe House
Wilmslow – Cheshire SK9 5AF
Tel. +44 303 123 1113
Visit Website - For users in Switzerland – the contact information the Swiss data protection regulator can be found here.
How to Contact Us
If you would like to exercise your rights under this policy or have any questions or comments about this policy, please submit your request via email to privacy@cireson.com.
You may also write to us via postal mail at:
3960 W. Point Loma Blvd, #H290, San Diego, California 92110, United States