Privacy Notice

Introduction

Verimatrix (“Verimatrix”, “we”, “us”, “our”) is committed to fulfilling its responsibilities under applicable data protection and privacy legislation including, without limitation, under the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”) (collectively, the “privacy laws”), in relation to the collection, retention, use, and other processing of personal data (defined below).

This privacy notice (“Privacy Notice”) sets out how and why we obtain and process: (1) personal information, as defined by the CCPA, and (2) personal data, as defined by the GDPR (collectively, “personal data”).  It applies to our customers or partners, individuals who interact with any of our websites (collectively, “our website”).

This Privacy Notice specifically explains how we process personal data in our role as a data controller (i.e., when we are responsible for determining the purpose and means of the processing) in the course of our business activities.  It does not apply to processing activities carried out by Verimatrix in its role as a data processor.  We may undertake additional processing which is subject to separate privacy policies and we will draw them to your attention where this is the case.

Terms not otherwise defined in this Privacy Notice have the meaning set out in the GDPR.

Your rights under the privacy laws are set out in this Privacy Notice. See in particular “Your Rights and Choices” for more information.

This Privacy Notice covers:

What Personal Data We Collect and How We Collect It

We may collect personal data when:

  • You give it to us, or we collect it from you, directly – for example, if you wish to receive newsletters or other promotional material, or if you submit a job application to us, interact with our chatbot facility or register for a paid service through our website.
  • You give permission to other parties to share it with us – for example, if you ask to receive information about us from one of our partners or affiliates, or if a client provides us with your information in connection with the provision of one of our many services.
  • Your personal data is available publicly, for example, on an official register of businesses or any another public registry, or is available from external sources such as third party websites and apps, content distribution channels and platforms.

 

We may collect and process the following information about you:

  • Contact data. You may provide us with your contact details, such as name, job title, employer, address, phone number, email address, or other similar information, which we may use, for example, to respond to you or for administrative purposes.  You may update or delete this information by writing to us at [email protected] or, if you are a California resident, by one of the other methods listed under the “California Consumers’ Rights” section below.
  • Log data. As with most websites and technology services delivered over the Internet, our servers automatically collect information when you access or use our website and record that data in log files.  This log data may include your Internet Protocol (IP) address, the address of the web page visited before using our website, browser type and settings, the date and time our website was used, information about browser configuration and plugins, language preferences, and cookie data.
  • Device Information. Verimatrix may obtain information about devices that access our website, including the type of device, its operating system, device settings, unique device identifiers, and crash data.  We may also collect device information posted on third party websites for purposes further described below.
  • Authentication Data. To verify the identity of registered users on our website we may collect a username, password, password hint(s), and other similar authentication information.
  • Job Application Information. If you apply for a job through our Careers page, we or our vendor may collect your name, e-mail address, physical address, phone number, and resume data.
  • Financial Information. If you are registering for a paid service via a Verimatrix webpage, we will collect certain financial information from you, such as details of your bank account, including the IBAN, or your credit card information using a third-party payment processor (see https://www.verimatrix.com/sub-processors), depending on your payment method.
  • Other Information You Provide. This may include emails and other communications you send us or otherwise contribute, such as prospective customer inquiries.  This may also include information provided to us via our chatbot facility.

Why We Use your Personal Data and on What Legal Basis

We may use the personal data we obtain to:

  • Communicate with you and/or promote our products and services (including without limitation through conducting surveys for our products, services and events and/or providing promotional materials free of charge), if you have requested or consented to such communication or promotion, or if you have previously communicated with us.
  • Provide you with customized services you have requested or agreed to.
  • Ensure the security and integrity of our website.
  • Maintain and operate our website, including any applications which can be subscribed to through the website.
  • Analyze and learn about how our website is accessed and used.
  • Manage our customer and partner relationships.
  • Analyze and learn about online cyber risks including online piracy of proprietary content.
  • Verify and/or authenticate a registered user’s identity.
  • Enforce our Terms of Use and other legal terms and policies.
  • Protect our interests, rights, and property.
  • Comply with applicable legal requirements.

 

We process your personal data pursuant to one of the following legal bases:

  • You have consented to the use of your personal data.  When you consent, you can change your mind and revoke your consent at any time. In this respect, you may unsubscribe from receiving notices or updates and elect not to receive correspondence by emailing [email protected], or you may unsubscribe from receiving promotional emails from us by following the instructions provided in email communications.  Please note that even if you opt out of receiving promotional communications from us, we may continue to send you non-promotional emails, such as communications regarding our ongoing relationship with you, pursuant to the other legal bases listed herein.
  • The processing is necessary for us to provide you with the services and products you request, or to respond to your inquiries.
  • We have a legal obligation to process your personal data, such as to comply with applicable tax and other government regulations or to comply with a court order or binding law enforcement request.
  • We have a legitimate interest in using your personal data.  In particular, we have a legitimate interest in the following cases:
    • To analyze and improve the safety and security of our website.  This includes implementing and enhancing security measures and protections and protecting against fraud, spam, and abuse.
    • To operate, maintain and improve our website.
    • To provide you with certain tailored advertising and communications to develop and promote our business.  You can object to such processing at any time. In this respect, you may unsubscribe from receiving tailored communications by emailing [email protected], or by unsubscribing from promotional emails from us by following the instructions provided in such email communications.  Please note that even if you opt out of receiving promotional communications from us, we may continue to send you non-promotional emails, such as communications regarding our ongoing relationship with you, pursuant to the other legal bases listed herein.
    • To anonymize personal data and subsequently use the anonymized information.
    • To conduct research into cyber risks faced by our clients, including regarding the piracy of proprietary content, in order to better advise those clients as to the protections needed for their businesses.

How We May Share your Personal Data

We may share your personal data:

  • With Verimatrix direct and indirect subsidiary companies, which will also process your information in accordance with this privacy notice.  These subsidiary companies are:
    • Verimatrix, Inc.
    • Verimatrix GmbH
    • Verimatrix Amsterdam B.V.
    • Verimatrix Paris SAS
    • Verimatrix UK Ltd
    • Inside Secure Oy
    • Meontrust Oy
    • Verimatrix International, Inc.
    • Verimatrix Video Security Solutions Canada Limited
    • Verimatrix Video Security Solutions India Private Limited
    • Verimatrix Singapore PTE. Limited
    • Verimatrix K.K.

  • With our business partners and service providers that perform services on our behalf when it is reasonably necessary or desirable, such as to help provide services to you or analyze and improve our website.  For example, we may use third parties to help us provide customer support, manage our advertisements on other websites, send marketing and other communications on our behalf, or assist with data storage.  These service providers are listed in https://www.verimatrix.com/sub-processors.

  • With law enforcement, public authorities, regulators and/or our professional advisers, if we determine that such disclosure is reasonably necessary to comply with the law, protect our rights or interests (such as enforcing our Terms of Use), or to prevent fraud or abuse.  For example, we may disclose your personal data in response to binding, lawful requests by public authorities, such as to meet national security or law enforcement requirements.

  • With professional advisers and business partners in the event that we are involved in a reorganization, merger, acquisition, or sale of some or all of our assets.

 

We will not sell or rent your personal data.

Social Features, Advertising, and Analytics

Certain functionalities on our website permit interactions that you initiate between our website and third-party services, such as social networks (“Social Features”).  Examples of Social Features include features enabling you to send content such as contacts and photos between our website and a third-party service; “liking” or “sharing” our content; and features that otherwise connect our website to a third-party service (e.g. to pull or push information to or from our website).  If you use Social Features, and potentially other third-party services, information you post or provide access to may be publicly displayed by the third-party service you use.  Also, both Verimatrix and the third party may have access to certain information about you and your use of our website and the third-party service.

How We Protect Your Personal Data

We maintain appropriate technical and organizational safeguards designed to help protect personal data from unauthorized disclosure or access and accidental or unlawful destruction, loss, or alteration.

Our security measures include:

Physical Safeguards

We lock doors and file cabinets, control access to our facilities, implement a clean desk policy, and apply secure destruction to media containing personal data.

Technical Safeguards

We endeavor to use reasonably available state-of-the-art network and information security standards, protocols and technologies, including encryption, intrusion detection and data loss prevention, and we monitor our systems and data centers to ensure that they comply with our security policies.

Organizational Safeguards

We conduct regular company-wide, as well as role-specific and targeted, training and awareness programs on security and privacy, to make sure that our employees and contractors understand the importance of protecting personal data, and that they learn and maintain the necessary knowledge and skills effectively to protect it in practice.

We also have in place contractual obligations with our vendors designed to ensure that personal data are protected from unauthorized access or disclosure.  Only individuals with a need to know are permitted access to personal data, and that access is limited to what is reasonably needed to carry out the relevant individual’s responsibilities.

If you have any questions about the security of your personal data or the security of our website, or wish to report a potential security issue, please contact [email protected].  When reporting a potential security issue, please describe the matter in as much detail as possible and include any information that might be helpful.

Although we use reasonable efforts to safeguard personal data, we cannot guarantee the security of your information.  If the measures we have adopted fail to prevent a data breach, we will promptly take necessary remedial measures, and fulfill our legal obligation with regard to the notification of regulators and/or affected data subjects.

We will store your personal data for no longer than is necessary for the performance of our obligations, or to achieve the purposes for which the information was collected, or as may be permitted or imposed under applicable law, or that is reasonably necessary to resolve disputes, or to enforce our rights and/or agreements, or during which litigation or investigations might arise in respect of our business relations or other interactions with you.  To determine the appropriate retention period, we will consider the amount, nature, and sensitivity of the data; the potential risk of harm from unauthorized use or disclosure of the data; the purposes for which we process the data and whether we can achieve those purposes through other means; and the applicable legal requirements. Unless otherwise required by applicable law, at the end of the retention period we will remove personal data from our systems and records or take appropriate steps to properly anonymize it.

  • What is a cookie?

We utilize cookies on our website, but only if you have provided your consent.  A “Cookie” is a small piece of data sent from our webpage and stored in your web browser, mobile phone, or other device while you are using our website.  Cookies send back information to our servers or those of third parties.  It helps the page recognize your device the next time you visit, provides you with access to certain functions, and understands your website journey. Cookies are very common web technology – most websites use cookies.

Cookies are either “session” Cookies which are deleted when you end your browser session, or “persistent,” which remain until their deletion by you (discussed below) or the party who served the Cookie.

  • Why do we collect cookies?

As described in more detail below, we use these technologies:

  • To recognize new or past customers.
  • To store your password if you are registered on our website.
  • To facilitate and improve your navigation on our website.
  • To allow the proper functioning of certain services.
  • To improve our website and to better understand your visits.
  • To integrate with third party social media websites.
  • To better personalize the services, content, promotional offers and banners that appear on our website.
  • To serve you with interest-based or targeted advertising.
  • To measure the audiences of certain services.
  • To observe your behaviors and browsing activities over time across multiple websites or other platforms.
  • To better understand the interests of our customers and our website visitors.
  • How do cookies function?

 

Only the issuer of a cookie may read or modify the information contained therein. Our website uses cookies to distinguish you from other users on our website.  This helps us to provide you with a better experience when you browse our website and also allows us to make improvements to our website.  Additionally, the cookies used on our website make it possible to identify the services and sections that the user has visited, and more generally their behavior in terms of visits.

Cookies may be included in the advertising spaces on our website. Cookies are also included in the sharing buttons on social networks.

  • What cookies do we issue?

When you connect to our website, we may be required, subject to your choices, to install various cookies in your terminal allowing us to recognize the browser of your terminal during the period of validity of the cookie concerned.

Details of the cookies used on www.verimatrix.com, investors.verimatrix.com and appshield.verimatrixcloud.net can be obtained by clicking the “Cookies Preference” link at the foot of the web page to open the “Privacy Preference Center”.

The cookies we issue are used for the purposes described below, subject to your choices which result from your specific cookie choices (see below) and the settings of your browser software used during your visit to our website.

The cookies we issue allow us to:

a. Facilitate and improve your navigation on our website:

  • by adapting the presentation of our website to the display preferences of your terminal (language used, display resolution, operating system used, etc.) during your visits to our website, depending on the hardware and viewing software or of reading that your terminal includes;
  • by memorizing information relating to a form that you have filled out on our website or to products, services or information that you have chosen on our website;
  • by allowing you to access reserved and personal spaces on our website, such as your account, using identifiers or data that you may have previously given to us;
  • by implementing security measures.

 

b. Improve our services:

These cookies make it possible to establish statistics and volume of attendance and use of the various elements making up our website (sections and content visited, routes) in order to improve the interest and ergonomics of our services.

c. Adapt the advertising offered on our website:

  • by counting the total number of advertisements displayed by us on our advertising spaces, identifying these advertisements, the number of users who clicked on each advertisement and establishing statistics;
  • by adapting our advertising spaces to the display preferences of your terminal (language used, display resolution, operating system used, etc.), depending on the hardware and software for viewing or reading that your terminal contains;
  • by adapting the advertising content displayed on your terminal by our advertising spaces, according to the navigation of your terminal on our website;
  • by adapting if necessary the advertising content displayed on your terminal in our advertising spaces according to the location data transmitted by your terminal with your prior agreement;
  • by adapting the advertising content displayed on your terminal in our advertising spaces according to the personal data that you have provided to us.
  • What are your options?

 

The use of cookies not strictly necessary for the provision of our website on your terminal is subject to your consent, except in the case of legal exemption.

You have several options for managing cookies.  Any configuration that you may undertake may modify your browsing on the Internet and our website as well as your conditions of access to certain services requiring the use of cookies.  You can choose at any time to express and modify your wishes in terms of cookies, by the means described below.

On www.verimatrix.com, investors.verimatrix.com and appshield.verimatrixcloud.net the configuration and recording of your choices regarding the deposit of cookies and other tracers is carried out via the banner offered for display when you first connect to our website.  The console allowing you to modify your initial choices can be accessed by clicking the “Cookies Preference” link at the foot of the web page to open the “Privacy Preference Center”.

We may link the information collected by Cookies with other information we collect from you pursuant to this Privacy Notice.  Similarly, the third parties who serve Cookies on our website may link your name or email address to other information they collect.

Personal Data Transfers

If you are visiting our website from outside the United States, please be aware that personal data we collect will be transferred to and stored on our servers in the United States.  By using our website, you acknowledge and consent to the transfer and processing of your personal data in the United States as described in this Privacy Notice.

To the extent your personal data is transferred to the United States from the European Economic Area, or if such personal data is transferred to other countries not deemed by the European Commission to provide an adequate level of personal data protection, the transfer will be based on one of the following safeguards recognized by the European Commission as providing adequate protection for personal data, where required by EU data protection legislation:

  • Contracts (in the form of Standard Contractual Clauses) approved by the European Commission which impose data protection obligations on the parties to the transfer.
  • An alternative transfer solution, i.e., a solution, other than the Standard Contractual Clauses, that enables the lawful transfer of personal data to a third country in accordance with the GDPR.

 

Please contact us if you want further information on the specific mechanism we use to transfer your personal data.

Your Rights and Choices

A. European Data Subjects’ Rights

The GDPR provides EU data subjects with certain rights regarding their personal data. In accordance with GDPR and other applicable privacy laws, you may ask Verimatrix to take the following actions in relation to your personal data that we hold:

  • Right of information. You have the right to ask us to provide you with a copy of the information we hold on you and you have the right to be informed of: (a) the source of your personal data; (b) the purpose, methods and legal basis of processing; and (c) the entities to whom your personal data may be transferred.
  • Right of rectification. You have a right to ask us to update or correct inaccuracies in your personal data and you may ask us to complete information which is incomplete.
  • Right to be forgotten. You may ask us to delete your personal data in certain limited circumstances, for example: (a) where it is no longer necessary for us to continue holding or processing your personal information for a particular purpose; (b) if you withdraw your consent to certain processing (in relation to which we rely upon your consent as a lawful basis); (c) if you have objected to processing in relation to which we rely upon our legitimate interests, and we have no overriding interest or that personal information or that personal information is processed for direct marketing purposes.
  • Right of portability. You may ask us to transfer a machine-readable copy of your personal data to you or a third party of your choice.  This right is only available when we process your personal data with your consent or pursuant to a contract with you, and in each case, where we are processing your data by automated means.
  • Right to restrict processing. You may ask us to restrict the processing of your personal data if: (a) you contest its accuracy and we need to verify whether it is accurate; (b) the processing is unlawful and you ask us to restrict use of it instead of erasing it; (c) we no longer need the information for processing, but you need it to establish or defend legal claims; or (d) you have objected to our processing of the information for the purposes of our legitimate interests.  This restriction would apply while we carry out our balancing assessment of your rights and our legitimate interests.
  • Right to object. You have the right to object to reliance on our legitimate interests as the basis for processing of your personal data.  If you raise an objection, we have an opportunity to demonstrate that we have a compelling legitimate interest which override your right not to have your data processed.
  • Right to object to our processing for direct marketing purposes. You can require us to refrain from processing your personal data for direct marketing purposes if you object to such processing.  We must comply with any request to stop processing for the purpose of direct marketing.
  • Right to withdraw consent. You may withdraw your consent to our processing your personal data (where the data processing is based on consent) at any time.
  • Right to lodge a complaint with a regulator. If you would like to submit a complaint about our use of your personal data or our response to your requests regarding your personal data, you may contact us at [email protected] or submit a complaint to the data protection regulator in your jurisdiction.  You can find information about your data protection regulator here.

 

You can submit these requests by email to [email protected] or our postal address provided below. We may request specific information from you to help us confirm your identity prior to processing your request.  Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.

B. California Consumers’ Rights

The CCPA permits California residents to make the following requests regarding the processing of their personal information:

  • Right to know and access your information. You have the right to: (i) know the categories of personal information we collect and the categories of sources from which we got the information; (ii) know the business or commercial purposes for which we collect and share personal information; (iii) know the categories of third parties with whom we share the personal information; and (iv) access specific pieces of personal information we have collected about you.  You can ask us to provide you with this information up to two times in a rolling twelve-month period.  When you make this request, the information provided may be limited to personal information we collected about you in the previous 12 months.
  • Right to deletion. You can ask us to delete your personal information. Once we receive a request, we will delete the personal information (to the extent required by law) we hold about you as of the date of your request from our records and direct any service providers to do the same. In some cases, deletion may be accomplished through de-identification of the information.  Choosing to delete your personal information may impact your ability to use our websites and online features.
  • Right to opt out of the sales. We do not sell or rent your personal information.
  • Right to be free from discrimination. You may exercise any of the above rights without fear of being discriminated against.

 

Californians may exercise their rights by emailing [email protected], or by contacting us by phone (1-800-574-3856) or by postal mail sent to:

Verimatrix, Inc.

Attention: Data Protection Officer

6059 Cornerstone Court West

San Diego, California 92121 USA

Your inquiry must include your name, street address, city, state, and ZIP code.  You may be required to submit proof of your identity for your request to be processed.  Please note that we are only required to respond to one request per California resident each year.

Links to Other Websites

We may provide links to other websites or services for your convenience and information.  Websites that are operated by entities not affiliated with Verimatrix may have their own privacy policies or notices, which we strongly suggest you review.  Verimatrix is not responsible for the content or privacy practices of any linked websites that we do not control.

Children's Privacy

This website is not intended for, nor targeted to, children under 16, and we do not knowingly or intentionally collect information from children under 16.  If we learn that we have received information directly from a child who is under the age of 16, we will delete the information in accordance with applicable law, except as provided below.

Upon request, we will provide a parent or guardian who has provided adequate identification with the following: (1) a description of the specific types of personal data collected from the child, (2) the opportunity to refuse or permit further collection and use of personal data from the child, and (3) a reasonable means for the parent or guardian to obtain any personal data collected from the child.  If a parent or guardian does not permit the continued collection and use of personal data from a child, we will delete the child’s personal data and terminate the account of the child, as applicable.

Changes to this Privacy Notice

We may occasionally make alterations to this Notice, which will reflect how we process and look after your data.  This is to ensure our commitment to being transparent with you, protecting your information and upholding your rights.  If significant changes are made to this Notice or the way in which we process your personal data, we will draw your attention to this either through updates to this Notice on our website, or by another means of communication such as email.

Who can you contact if you have questions or requests?

Verimatrix has appointed a Data Protection Officer (“DPO”) who is available to handle any questions or queries you may have relating to the processing of your data, this Notice and associated Privacy Notices.

The DPO can be contacted at [email protected] or alternatively by writing to the Data Protection Officer, at the following address:

Verimatrix

Attention: Data Protection Officer

6059 Cornerstone Court West

San Diego, California 92121 USA