Sopheon PLC, Sopheon UK Limited, Sopheon NV, Sopheon GmbH, Sopheon France, Sopheon Corporation (Denver), Sopheon Corporation (Minnesota) and Alignent Software, Inc. (together "Sopheon," “we,” “our,” “us,” and the “Company”), are committed to protecting the privacy of individuals (“Visitors”) who visit the Company’s websites (“Sites”), individuals who register to use or purchase the Services as defined below (“Customers”), and individuals who register to attend the Company’s corporate events (“Attendees”).
We are acting as a data controller and, by law, we are required to provide you with information about us, about why and how we use your data, and about the rights you have over your data, including your choices regarding online and offline collection, use, access, and correction of personal data as well as how you can ask us to stop storing data about you.
In order to provide you with relevant information and respond to your requests, we sometimes request that you provide us with data about yourself. Sopheon operates in the business-to-business software industry, and does not focus on consumer users or the collection of consumer data. To the extent we collect data online and offline, our purpose is to better serve our business customers. Any reference to a Sopheon Site includes all of our websites and apps as well as those of our subsidiaries.
Sopheon participates in the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding certain personal data received by Sopheon in the U.S. from European Union member countries, and the United Kingdom and Switzerland. Please see our Sopheon Corporation Privacy Shield Policy for information about Sopheon’s data practices regarding personal data it receives from European Union member countries, the United Kingdom and Switzerland pursuant to the respective Privacy Shield frameworks. To learn more about the Privacy Shield program generally, and to view Sopheon’s certification, please visit https://www.privacyshield.gov/. As further described in our Privacy Shield Policy, in certain circumstances Sopheon is subject to investigation and enforcement by the US Federal Trade Commission.
On July 16, 2020, the Court of Justice for the European Union (CJEU) issued a ruling that invalidated the EU-US Privacy Shield which means it is no longer a legal option to protect data transferred from the EU to the US. Additionally, the court held that standard contractual clauses (SCCs) remain a legal transfer mechanism, and accordingly Sopheon relies on SCCs to transfer data globally. However, Sopheon also continues to uphold the requirements of Privacy Shield.
This Privacy Notice applies to Sopheon website interactions and serves as the basis for separate privacy policies specific to Sopheon Software as a Service (SAAS) product offerings. This Privacy Notice does not apply to the practices of third parties that Sopheon does not own or control, or to individuals that Sopheon does not employ or manage.
1. Types of Data We Collect and How We Collect It
Personal Data: Some portions of our Sites may request that you provide us with data about yourself from which we are able to identify you. Examples of this personally identifiable data include your name, professional contact data (telephone numbers, postal address, and email address), company name, and job function. We do not request or collect any Sensitive Personal Data (data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation) on or through the Sites. If you submit any Personal Data relating to other people to us or to our service providers in connection with the Sites, you represent that you have the authority to do so and to permit us to use the data in accordance with this Privacy Notice.
How We Collect Personal Data: We and our service providers may collect Personal Data in a variety of ways, including:
- Through the Sites: We may collect Personal Data through the Sites, for example when you contact us, download content (e.g. whitepapers), register for a webinar or event, subscribe to our newsletter or other email list, or register to use our Sites.
- Offline: We may collect Personal Data from you offline, such as when you attend one of our events, during phone calls with sales representatives, or when you contact customer service.
- Through You: We may collect information such as your location or your preferred means of communication when you voluntarily provide it. Unless combined with Personal Data, this information does not personally identify you or any other user of the Sites. Note that there is no legal obligation for you to provide us with Personal Data and any information collected by us will be provided by you at your own will and with your consent.
- Data from Other Sources: To enhance our ability to provide relevant marketing, offers, and services to you, we may obtain data about you from other sources, such as public databases, joint marketing partners, social media platforms, as well as from other third parties such as industry event organizers.
Other Data. “Other Data” is any data that does not reveal your specific identity or does not directly relate to an identifiable individual. This might include, for instance, browser and device data; Sites usage data; data collected through cookies, pixel tags, and other technologies; the address of the website from which you arrived at a Sopheon website, and the date and time of visits; demographic data and other data provided by you; geographic location (country only); or aggregated, non-personally identifiable data, such as the number of hits to our website, how much time spent on which pages, links clicked, etc. to collect data on our users’ behavior and their devices (stored as pseudonymized user profiles). We use this data to facilitate our operation of the Sites and for other purposes described below. Our vendors are contractually forbidden from selling any of the data collected on our behalf.
How We Collect Other Data. We and our service providers may collect Other Data in a variety of ways, including:
- Through Your Browser or Device: Certain data is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution and device screen size, operating system name and version, device manufacturer and model, preferred language, and Internet browser type and version.
- Through Cookies and Other Similar Technologies: Cookies and other similar technologies may be used to collect Other Data. We may use third parties to serve advertisements on other websites that may be of interest to you, based on data collected about your use of our Sites and other websites. To do so, these companies may place or recognize a unique cookie on your browser (including through the use of pixel tags and web beacons).
“Cookies” are small text files that store data about your interactions with a particular website, either temporarily (known as a “temporary” or “session” cookie, and are deleted once you close your browser window) or more permanently on the hard drive of your computer (known as a “permanent” or “persistent cookie”).
Cookies can make it easier to use a website by allowing servers to access certain data quickly:
- Session cookies can be used to help a user’s browser navigate a website more smoothly and may show up if the user comes from a website with which the subsequent website has some relationship (e.g., a website of an affiliated company) and can give helpful data.
- Persistent cookies can be used to customize or tailor data for a website for a user, such as by storing sessions, passwords, preferences, and registration and account data so that users do not have to re-enter this data each time they visit a website.
IP Address: Your “IP Address” is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP Address may be identified and logged automatically whenever you access the Sites, along with the time of the visit and the page(s) that you visited. Collecting IP Addresses is standard practice and is done automatically by many websites, applications and other services. Sopheon uses IP Addresses to calculate usage levels of the Sites, help diagnose problems with its servers, administer the Sites, and monitoring the regions from which you navigate to our Sites.
How We Collect IP Address: We and our service providers may collect IP Address in a variety of ways, including:
- Through First-Party Analytics Tools: We also use first-party analytics tools, such as HubSpot and MailChimp, to assist us with certain automated marketing efforts from your interactions on our website, including data you may provide. Additionally, we use G2 to assist with certain marketing efforts based on your interactions with our software to gather feedback. We use this data to better understand our customers and potential customers and to assess our marketing effectiveness and/or business performance.
Data Localization: Sopheon servers are located in the UK, EU and USA. Your national privacy laws may require certain data from certain types of industry to be resident locally, which Sopheon does not currently support. At the time of writing, we are aware of this being the case for Russia, and for medical industries in Japan and South Korea, national security matters in Mexico and Turkey, and financial industries in South Korea and Turkey. Do not register with us or sign up for a Sopheon Acclaim product unless you are certain that your industry is exempt from such requirements.
2. How We Use Your Data
The data Sopheon collects helps us to understand how our Sites are being used so that we can improve their quality and make them more helpful to our users.
We may also use the data we collect about you or submitted by you to communicate with you about our products and services. These uses may include providing you with services and support, communicating with you and responding to your requests, and sending you information in relation to new products and services. If you choose to join any of the mailing lists offered by Sopheon, we will use the data stored about you to send mailings to you. We use any data received by us in any e-mail received from you, such as to email@example.com, to respond to your e-mail.
We may email you several times after your enquiry in order to follow up on your interest and ensure that we have answered it to your satisfaction. We will do this based on our legitimate interest in marketing our products and services. You can ask us to stop at any time.
If you do not provide certain information, you may still be able to access other portions of this website, although it may limit your access to certain information or services.
3. How We Share Your Data
Sopheon shares data for business purposes only on a need-to-know basis and only with: other companies within our group of companies; its own employees and affiliates; the entity from which Sopheon received the data; Sopheon agents, consultants, subcontractors, advisers and auditors; to suppliers of services to us, and third-party service-provider companies, in each case that have agreed to take measures to safeguard your data and other entities authorized to have access to such data under applicable law or regulation. Except as described in this Privacy Notice, Sopheon will not share the personal data you provide to Sopheon with non-Sopheon third parties without your permission except as required by law to government agencies (such as the police) or courts of competent authority or when necessary in order to protect the rights of Sopheon or its employees.
We acknowledge our liability for such data transfers to third parties.
International Transfer of Data: Your personal data collected on Sopheon websites and through our services may be transferred to, stored and processed in Europe or the United States or any other country in which Sopheon or its subsidiaries or service providers maintain facilities. By disclosing data to us, you are consenting to the transfer of the data outside of your country to any country (including countries which may have different data protection rules than those of your country or the country in which you were located when you initially provided the data).
4. How We Keep Your Data Secure
Sopheon is committed to protecting the security of your personal data. We use a variety of appropriate physical, technical and administrative procedures to safeguard the data we collect – to process data only in ways compatible with the purpose for which it was collected; to carefully protect it from unauthorized access, disclosure, or alteration; and to maintain data accuracy. When collecting or transferring sensitive data, we protect it through the use of encryption, such as the Transport Layer Security (TLS) protocol.
Please keep in mind that while we have established safeguards to help prevent unauthorized access to or misuse of your personally identifiable data, we cannot guarantee that it will never be disclosed in a manner inconsistent with this Privacy Notice (for example, in the event of unauthorized acts by third parties that violate applicable law or our policies). In addition, if a password is used to help protect your accounts and personal data, it is your responsibility to keep your password confidential. Do not share this information with anyone. If you are sharing a computer with anyone you should always log out before leaving a site or service to protect access to your data from subsequent users.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including contact, identity, financial and transaction data) for six years after they cease being customers. In some circumstances you can ask us to delete your data. Please note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be communicated to you at the time of your request, if applicable.
Also, if your data is embedded in a Sopheon product or service, as these involve databases with relational links between data fields, the entire database could be corrupted if a person who had transacted on the platform asked to have their data erased. We will “erase” such data by anonymizing any personally identifying information. We may also anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
5. How You Can Access, Correct, Update, or Remove Your Data
Sopheon provides individuals with the ability to know whether we hold data about you and, if we do (subject to certain limitations), to have access to that data, to have it corrected if it is inaccurate or out of date, or to request that it be removed.
This may be accomplished
When contacting us, please specify the data that you think is incorrect, inaccurate or out of date. Please also provide us with correct replacement data. If we have asked for your consent to process your personal data, you may withdraw that consent at any time. If you wish to be removed from any of our databases or mailing lists, please include those instructions.
You have the right to make a complaint at any time to your jurisdiction’s data protection authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach them. Please contact us in the first instance.
- A list of EU data protection authorities is available here: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm
- To contact the Swiss FDPIC visit: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection---switzerland.html
- To contact the UK Information Commissioner’s Office visit: www.ico.org.uk
- To contact the Office of the Attorney General of California, visit: https://oag.ca.gov/privacy
6. MinorsSopheon does not offer services to minors and does not knowingly request personally identifiable data from anyone under the age of 17. Any person who provides their personal data to Sopheon through this website represents that they are 17 years of age or older.
7. Use of Social MediaWe use social media widgets as dynamic information sharing tools on our website (such as LinkedIn, Twitter or Facebook) to engage in dialogue, share information and media, and collaborate with our visitors. Your activity on these social media sites is governed by the security and privacy policies of the third-party sites. Sopheon does not control, moderate or endorse the comments or opinions provided by visitors to these sites. You should review the privacy policies of all websites before using them and ensure that you understand how your data may be used. You should also adjust privacy settings on your account on any third-party website to match your preferences.
8. Links to Non-Sopheon WebsitesSopheon’s websites may provide links to unaffiliated, third-party websites for your convenience and information. If you access these links, you will leave the Sopheon website. Sopheon has no control over these websites and is not responsible or liable for the policies and practices followed by third parties. The personal data you choose to provide to or that is collected by these third parties is not covered by this Privacy Notice. If you link to or otherwise visit any other websites managed by third parties, we encourage you to review the privacy policies posted at those sites to understand their information practices.
9. Updates to this Privacy Notice
Sopheon may, acting in its sole discretion, modify, revise, amend, or replace this Privacy Notice at any time and from time to time. When we do, we will also revise the “last updated” date on the Privacy Notice.
All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this Privacy Notice or other notice on the website. We encourage you to review this Privacy Notice often to stay informed of changes that may affect you, as your continued use of the website signifies your continuing consent to be bound by this Privacy Notice. Our electronically or otherwise properly stored copies of this Privacy Notice are each deemed to be the true, complete, valid, authentic, and enforceable copy of the version of this Privacy Notice which were in effect on each respective date you visited the Website.
10. Questions, Concerns or ComplaintsIf you have any questions, comments, or suspect that we may have acted contrary to this Privacy Notice or any applicable legislation about our Privacy Notice or associated practices, please email us at firstname.lastname@example.org or write to attention Privacy Officer at one of the following addresses:
- Privacy Officer, Sopheon Corporation, 6870 West 52nd Avenue, #215, Arvada, CO 80002, USA
- Privacy Officer, Sopheon NV, Gaetano Martinolaan 95, 6229 GS Maastricht, The Netherlands
- Privacy Officer, Sopheon UK Limited, Dorna House One, Guildford Road, West End, Surrey GU24 9PW, UK
The Privacy Officers of Sopheon NV and the Sopheon UK Limited respectively act as each other’s Article 27 representatives.
Last updated 19 December 2022