Simplifai Privacy Policy

This privacy policy (the “Policy”) has been compiled to better serve those who are concerned with how their personal data is being used, hereunder to inform you (“You” or “Your”) of Your rights as well as our policies and procedures regarding the processing of Your personal data.

Where the words “We“, “Us” or “Our” are used in this Policy, this refers to Simplifai AS, a limited liability company incorporated under the laws of Norway, bearing the Norwegian organisation no. 918 938 877 – and having its registered address at Stortorvet 10, 0155 Oslo, Norway. Please note that we are the data controller of Your personal data unless otherwise specified.

For the purposes of this Policy, the term “Services” means the software services delivered online to Our customers (“Customers”) or partners (“Partners”), including upgrades and updates that We may provide, if applicable.

Please read Our Policy carefully to get a clear understanding of how We collect, use, protect or otherwise handle your personal data. Please click on any of the topics below to be directed to the relevant information.

Personal data
Collection
Purpose
Processing
Legal basis
Data controller
What are your rights?
Retention
Third parties
Security
International Transfer
Amendments
Contact & Complaint

1. PERSONAL DATA

1.1. Personal data is information relating to a natural individual who can be identified, directly or indirectly by reference to an identification number or to one or more factors specific to his/her physical, physiological, mental, economic, cultural or social identity. This Policy does not cover aggregated data from which the identity of an individual cannot be determined. We retain the right to use aggregated data in any way that We find appropriate.

2. COLLECTION

2.1. We collect personal data when You use Our Services, subscribe to a newsletter, respond to a survey or marketing communication, use our Website or certain Website features, fill out a form, open a support ticket or otherwise enter information on Our Website. If You have engaged one of Our Partners which facilitates Our Services independently or bundled or combined with their own services, they will also provide personal data to Us.

3. PURPOSE

3.1. We process personal data to the extent necessary to enable You to make use of Our Services. We will process personal data for the purposes described herein and in order to offer, monitor, maintain, improve and analyse the Services.

3.2. When You access Our Services, We may also process Your personal data in order to:

a) Conduct internal investigations and risk assessments.

b) Fulfil Your service inquiries.

c) Handle disputes and provide assistance to Our Customers and Partners.

d) Manage a survey or Your use of the Services.

e) Process orders and transactions and send appurtenant information and updates

f) Register and prevent fraud, spam, abuse, technical issues, security incidents and other harmful activities.

g) Send You service or operating messages, such as updates, security alerts, and account alerts.

h) Verify You as a user and facilitate information that You have made available in the Services.

3.3. We also carry out anonymous analysis to improve Our Services. Such analysis will be conducted using aggregated and anonymised personal data, and this data will not be used to identify You as a person.

3.4. If You have agreed to online marketing, We may also process Your personal data in order to provide you with information on product updates, offers and news.

4. PROCESSING

4.1 By using the Services, We may process personal data about You, including but not limited to:

a) Billing information.
b) Details concerning Your use of the Services, e.g. duration, connection information, chat logs and Your questions and answers.
c) Device information.
d) E-mail address.
e) IP address.
f) Phone number.
g) Your name.

5. LEGAL BASIS

5.1. In order to use the Services, You must provide us with certain personal data. If You do not wish to provide Us with such necessary data, We cannot grant You access to the requested Services. You will be asked to confirm that You have read and consented to the contents of this Policy and to Our processing of Your personal data. You may withdraw Your consent at any time by contacting us as specified in Clause 13. Please note that such withdrawal may make it impossible for us to continue to deliver our Services to You.

5.2. If You wish to receive offers or newsletters from Us, You may consent to have your personal data processed for the purpose of marketing. Such consent is not required in order to use the Services and You may at any time withdraw Your consent by contacting us as specified in Clause 13.

6. DATA CONTROLLER

6.1. Unless otherwise specified in the terms and conditions applicable to the Services You have requested, We are the data controller, where the processing of personal data is collected directly from You as a data subject. A data controller is a person who determines the purpose of the processing of personal data and the means to be used during such processing. It is the data controller who has the overall responsibility for the processing of Your personal data.

6.2. We are also a separate data controller where personal data has been provided by another separate data controller who is either a Customer or a Partner of Us. In these cases, Our role as a data controller of personal data received from such entities or collected through Our Services shall be limited to the purpose of providing and operating the Services for the benefit of Our Customers, Partners and yourself. Please note that Our Customers and Partners are separate data controllers in regard to their processing of Your personal data through Our Services and otherwise. We strongly encourage You to read the privacy policies and any terms and conditions of the Customers and Partners who process Your personal data and We disclaim any responsibility or liability for the content and activities of these entities.

6.3. If You are consenting to this Policy on behalf of a Customer, Partner or an organisation, You warrant and acknowledge that You:

Are solely responsible for ensuring that the relevant data subjects have been provided with all necessary information in respect of this Policy
Have a lawful basis to transfer the personal data to Us.
Have sufficient power of authority to execute such consent.

7. YOUR RIGHTS

7.1. As a data subject, You have the following rights:

Access:You may request a copy of Your personal data that We process.
Data portability:You may request to obtain the personal data that You have provided to Us or to have said data transferred to a third party in a structured, commonly used and machine-readable format.
Erasure:You may demand that we erase all of Your personal data unless We are required by law to keep the data for a certain period of time.
Information:You are entitled to receive information concerning which categories of Your personal data that We process and how they are processed.
Objection:You may object to Our use of Your personal data for the purpose of direct marketing, including profiling for direct marketing purposes. You may also object to being subject to a decision based solely on automated processing, including profiling, which produces legal effects that significantly affect You.
Rectification:You may require Your personal data to be rectified or supplemented.
Restriction:You may request that We restrict the processing of Your personal data.

8. RETENTION

8.1. We keep Your personal data only for as long as it is required for the reasons it was collected from You. The time period in which We store personal data varies, depending on the category and the nature of the personal data.

8.2. When Your personal data is no longer required for Our purposes, We have procedures to destroy, delete, erase or convert it into an anonymous form.

9. THIRD PARTIES

9.1. We may disclose Your personal data to individuals or organisations who are Our service providers and who are involved in database management, maintaining, reviewing and developing our business systems, procedures, and infrastructure, including testing or upgrading our computer systems or who otherwise facilitates Our Services.

9.2. Third parties will only receive access to Your personal data for the purpose of fulfilling Our obligations to You, deliver the Services or if You otherwise have consented to such transfer or access. If We were to disclose personal data to organisations that perform services on Our behalf, We will require those service providers to use such personal data solely for the purposes of providing services to Us and to have appropriate safeguards for the protection of that personal data.

9.3. All third parties who receive personal data from Us are obligated to adhere to Our standards for the processing of personal data, as well as obligations in accordance with the applicable privacy legislation.

9.4. You acknowledge that We cooperate with government authorities and law enforcement officials to enforce and comply with any applicable law. Please note that there are circumstances where the use and/or disclosure of personal data may be justified or permitted or where We are obliged to disclose personal data without Your consent.

9.5. Where personal data may be subject to transfer to another organisation in contemplation of a merger, financing, reorganisation or dissolution transaction of all or part of Us, We will do this only if the involved parties have entered into an agreement under which the collection, use, and disclosure of the personal data is restricted to those purposes that relate to the transaction, including a determination of whether or not to proceed with the transaction, and is to be used by the involved parties to carry out and complete the transaction. If another company acquires Us or Our business or assets, that company will possess the personal data collected by Us and will assume the rights and obligations regarding Your personal data as described in this Policy.

10. SECURITY

10.1. Safeguarding Your personal data is Our highest concern. As such, we endeavor to maintain and employ reasonable measures for the physical, procedural and technical security with respect to the offices and information storage facilities involved with Your personal data, to prevent any loss, misuse, unauthorised access, disclosure, or modification of Your personal data. This also applies to Our disposal or destruction of Your personal data.

10.2. Your personal data is contained behind secured networks and is only accessible by a limited number of individuals who have special access rights to such systems and are required to keep the personal data confidential. We use computer systems with limited access housed in facilities using physical security measures.

10.3. If any of Our employees misuse personal data, this will be considered as a serious offence for which disciplinary action may be taken, including termination of employment. If any individual or organisation misuses personal data – provided for the purpose of providing services to or for Us – this will be considered a serious issue for which action may be taken, including termination of any agreement between Us and that individual or organisation.

11. INTERNATIONAL TRANSFER

11.1. Your Personal Data may be transferred to — and maintained on — computers located inside of the European Economic Area and other countries which the European Commission has considered to have adequacy of protection of personal data on the basis of Article 45 of Regulation (EU) 2016/679.

11.2. Our employees in Ukraine and India may access Your personal data in connection with product updates, support or product enhancement, e.g. training of underlying machine learning models. You acknowledge that We may transfer Your personal data for the aforementioned purposes to the following processors by way of EU standard contractual clauses:

Simplifai Ukraine LLC	Simplifai Cognitive Services Pvt Ltd
USREOU 42910206	CIN U74999PN2018FTC175269
Yaroslavskii lane, 1/304071, Kiev, Ukraina	Mahalunge, Fourth floor, The Pavilion, S.no. 105/1, Baner, Maharashtra 411026, India

11.3. You may obtain a copy of the EU standard contractual clauses by contacting Us as specified in Clause 13.

12. AMENDMENTS

12.1. The privacy policy is governed by Norwegian law and may be updated from time to time due to amendments or expansions in the Services, and We will notify You if this requires a new consent from You. In case of any material changes, We will contact You through the available channels such as e-mail or notifications on Our Website.

13. CONTACT & COMPLAINT

13.1. If you wish to utilise Your rights of access, information, rectification, erasure, restriction, data portability or the right to object to the processing of personal data or if You have questions or requests regarding this privacy policy, Our processing or wish to file a complaint, please contact us at: privacy@simplifai.ai.

13.2. We will investigate all complaints and if a complaint is found justified, We will take all reasonable steps to resolve the issue.

13.2. You are also entitled to file a complaint to the Data Authority regarding Our processing of Your personal data. For information on how to contact the Data Authority, visit the Data Authority’s website.

13.4. To guard against fraudulent requests, we may require sufficient information to allow us to confirm that the individual making the request is authorised to do so.

Cookie	Duration	Description
__hssrc	session	This cookie is set by Hubspot whenever it changes the session cookie. The __hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session.
_lfa	2 years	This cookie is set by the provider Leadfeeder to identify the IP address of devices visiting the website, in order to retarget multiple users routing from the same IP address.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__hssc	30 minutes	HubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
__hstc	5 months 27 days	This is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_7TME3LNQE9	2 years	This cookie is installed by Google Analytics.
_gat_UA-143157247-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
hubspotutk	5 months 27 days	HubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
_lfa_test_cookie_stored	past	No description
AnalyticsSyncHistory	1 month	No description
li_gc	5 months 27 days	No description
ln_or	1 day	No description