Privacy Policy

Second Sight Data Discovery, LLC Privacy Policy, effective as of September 1, 2020

This Privacy Policy (“Privacy Policy”) explains our privacy practices for the activities described herein.  We respect your privacy and are committed to protecting it through our compliance with this Privacy Policy.  Please read this Privacy Policy carefully to learn how we collect, use, share, and otherwise process information relating to individuals (“Personal Data”), and to learn about your rights and choices regarding your Personal Data.

A reference to “we,” “us” or “our” is a reference to Second Sight Data Discovery, LLC and its relevant subsidiaries or affiliates involved in the collection, use, sharing, or other processing of Personal Data.

1. Responsible Entity – We are the controller of your Personal Data as described in this Privacy Policy, unless specified otherwise.

2. Processing Activities Covered – This Privacy Policy applies to the processing of Personal Data collected by us when you visit us on the web or through social media pages; receive communications from us, including emails, phone calls, texts or fax; attend one of our events; use our software or engage us to provide services to you.

Our website, software, and services may contain links to other websites, applications, and services maintained by third parties. The information practices of other services, or of social media platforms that host our branded social media pages, are governed by their Privacy Policies, which you should review to better understand their privacy practices.

3. Personal Data Collected – The Personal Data we collect directly from you may include identifiers, professional or employment-related information, financial account information, commercial information, visual information, and internet activity information. We collect such information in the following situations:

  • If you express an interest in obtaining additional information about our software or services; request customer support; use our “Contact Us” or similar features; sign up for and/or attend an event or webinar; download certain content.
  • If you purchase a subscription for our software or register for a webinar or event, we may require that you provide to us your financial and billing information, such as billing name and address, credit card number or bank account information.
  • If you interact with our website or emails, we may automatically collect information about your device and your usage of our website or emails, IP addresses or other identifiers, which may qualify as Personal Data using cookies, web beacons, or similar technologies. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website. Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. Pages of our Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
  • If you use and interact with our software or services, we may automatically collect information about your device and your usage of our services through log files and other technologies, some of which may qualify as Personal Data.
  • If you voluntarily submit certain information to our software or services, such as filling out a survey about your user experience, we collect the information you have provided as part of that request.
  • If you provide us or our service providers with any Personal Data relating to other individuals, you represent that you have the authority to do so, and where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Policy.

If you believe that your Personal Data has been provided to us improperly, or if you want to exercise your rights relating to your Personal Data, please contact us immediately.

4. Using Personal Data – We may collect and process your Personal Data for a variety of purposes. Where required by law, we obtain your consent to use and process your Personal Data for these purposes. Otherwise, we may rely on the need to use such data to perform a contract or other legal basis. Examples of such reasons include, but are not limited to, the following:

  • Promoting the security of our website, software, and services. We may process your Personal Data by tracking use of our website, software, and services, creating aggregated non-personal data, verifying accounts and activity, investigating suspicious activity, and enforcing our terms and policies to the extent it is necessary for our legitimate interest in promoting the safety and security of the services, systems and applications and in protecting our rights and the rights of others.
  • Reviewing compliance with applicable usage terms. We may process your Personal Data to review compliance with the applicable usage terms in your applicable EULA, MPSA, or other such agreement.
  • Handling contact and user support requests.  If you fill out a “Contact Me” web form or request user support, or if you contact us by other means including via a phone call, we may process your Personal Data to address your issue.
  • Providing necessary functionality. We may process your Personal Data to perform our contract with you for the use of our website, software, and services; if we have not entered into a contract with you, we base the processing of your Personal Data on our legitimate interest to provide you with the necessary functionality required for your use of our websites and services.
  • Managing payments. If you have provided financial information to us, we may process your Personal Data to verify that information and to collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you.
  • Providing, developing and improving our website, software, and services. We may process your Personal Data to perform obligations set forth in any applicable EULA, MPSA or similar agreement we enter into with you, or for the use of our website, software and services.  If we have not entered into a contract with you, we may process your Personal Data to operate and administer our website, software, and services, and to provide you with content you access or request. Such information may also be used to improve our website, software, and services, and to improve functionality.
  • Managing event registrations and attendance. We may process your Personal Data to plan and host events or webinars for which you have registered or that you attend, including sending related communications to you.
  • Assessing opportunities. We may process your Personal Data to assess the requirements of our software and services to ensure that we are meeting the necessary requirements of our service offering and recommending the correct level of engagement.
  • Sending marketing communications. We may process your Personal Data or device and usage data, which in some cases may be associated with your Personal Data, to send you marketing information, product recommendations and other non-transactional communications about us, our subsidiaries, and our affiliates and partners, including information about our products or events.

If we need to collect and process Personal Data by law, or under a contract we have entered into with you, and you fail to provide the required Personal Data when requested, we may not be able to perform our contract with you.

5. Sharing Your Personal Data – While we generally strive to keep your Personal Data private, we may share your Personal Data as necessary for reasons such as those set forth below:

  • To fulfill the purpose for which you provide it. For example, if you request a specialized cyber insurance quote based on the results of our software, we will transmit the Personal Data necessary for the quote to be provided.
  • With our contracted service providers, who provide services such as IT and system administration and hosting, credit card processing, research and analytics, data analysis, marketing, customer support and data enrichment for the purposes set forth above and to fulfill any agreements we may have with you.
  • If you use our website to register for an event or webinar organized by us or one of our affiliates, we may share your Personal Data with any event sponsors as well as any affiliate to the extent this is required on the basis of the affiliate’s contract with you to process your registration and ensure your participation in the event.
  • We may share your Personal Data with professional advisors acting as service providers, processors, or joint controllers – including, but not limited to, lawyers, bankers, accountants, auditors, and insurers based in countries in which we operate who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Personal Data.
  • We may share anonymized and aggregated data in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our services or usage patterns and best practices within a particular industry.  We may also share such information with our subsidiaries and affiliates.
  • If we are involved in a merger, reorganization, dissolution or other fundamental corporate change, or sell a business unit, or if all or a portion of our business, assets are acquired by a third party, with such third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party.
  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.

6. International transfer of Personal Data – Your Personal Data may be collected, processed, transferred to and stored by us outside your jurisdiction, and in countries that are not subject to an adequacy decision by the European Commission or your local legislature or regulator, and that may not provide for the same level of data protection as your jurisdiction, such as the EEA. We ensure that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR). Where required by applicable law, we will only share, transfer or store your Personal Data outside of your jurisdiction with your prior consent.

7. Personal Data Retention – We may retain your Personal Data for a period of time consistent with the original purpose of collection or as long as required to fulfill our legal obligations. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements.

8. Rights Relating to Your Personal Data – You may have certain rights relating to your Personal Data, subject to local data protection laws. To exercise your rights, please contact us by using the information in the “Contact us” section, below. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive.

9. Data Security – We take appropriate precautions including organizational, technical, and physical measures to help safeguard against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, or access to, the Personal Data we process or use.  However, the safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential.

While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the website.

10. Changes to this Privacy Policy – It is our policy to post any changes we make to our privacy policy on this page and to update the “effective date” at the top of the page when we do. If we make material changes to how we treat our users’ personal information, we may notify you prior to the update taking effect or may post a conspicuous notice on our website of the change. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our website and this privacy policy to check for any changes.

11. Contact – To exercise your rights regarding your Personal Data, or if you have questions regarding this Privacy Policy or our privacy practices, please email us at privacy@secondsight.ai.

12. Children – Our website is not intended for children under 16 years of age and we do not knowingly collect Personal Data from children under the age of 16. If you believe we might have any information from or about a child under 16, please contact us at the address set forth below.

13. Additional Disclosures for California Residents – If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our software that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@secondsight.ai or write us at: 509 S. Woodscrest Drive, Bloomington, IN 47401.  If you are an authorized agent wishing to exercise rights on behalf of a California resident, please provide us with a copy of the consumer’s written authorization designating you as their agent.  We may need to verify your identity and place of residence before completing your rights request.

The California Consumer Privacy Act requires businesses to disclose whether they sell Personal Data. To the extent we may be covered by the CCPA, we do not sell Personal Data. We may share Personal Data with third parties or allow them to collect Personal Data from our sites or Services if those third parties are authorized service providers or business partners who have agreed to our contractual limitations as to their retention, use, and disclosure of such Personal Data.

California law requires that we detail the categories of Personal Data that we share or disclose for certain “business purposes,” such as disclosures to service providers that assist us with securing our services or marketing our products. We disclose the following categories of Personal Data for our business purposes: identifiers; commercial information; internet activity information; financial information; professional and employment-related information; education information; and inferences drawn from any of the above information categories.