Privacy Policy

    How we collect, use, and protect your data

    This privacy policy applies across all websites that we own and operate and all services we provide. We define "personal data" as identifiable information about you, like your name, email, address, telephone number, payment information, etc.

    We update this policy from time to time. When there is a significant change to this policy, we will notify you via the email address you have provided to us.

    Who is Cimpleit?

    When we refer to "we" (or "our" or "us"), that means Cimpleit, Inc. (doing business as LicenseIQ). We provide a financial intelligence platform that helps businesses with commercial contract calculations and accounting.

    Data Protection Principles

    Our approach to data protection is built around the following principles.

    • We are honest and transparent in how we collect and use your information.
    • We enable efficient use of personal data to empower productivity and growth.
    • We use industry leading approaches to securing the personal data entrusted to us.
    • We accept the responsibility that comes with processing personal data.

    How We Collect Your Data

    When you visit our websites or use our services, we collect personal data. The ways we collect it can be broadly categorized into the following:

    Information you provide to us directly:

    When you visit or use some parts of our websites and/or services we might ask you to provide personal data to us. For example, we ask for your contact information when you sign up for a free trial, take part in training and events, contact us with questions or request support. If you don't want to provide us with personal data, you don't have to, but it might mean you can't use some parts of our websites or services.

    Information we collect automatically:

    We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you're using our websites and services so that we can continue to provide the best experience.

    Where we collect personal data, we'll only process it:

    • to provide our service to you, or
    • where we have legitimate interests to process the personal data and they're not overridden by your rights, or
    • in accordance with a legal obligation, or
    • where we have your consent.

    If we don't collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you.

    How We Use Your Data

    First and foremost, we use your personal data to operate our websites and provide you with any services you've requested, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:

    • providing you with information you've requested from us (like training or education materials) or information we are required to send to you
    • sending you operational communications, like changes to our websites and services, security updates, or assistance with using our websites and services
    • marketing communications in accordance with your preferences
    • asking you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with)
    • assisting with the resolution of technical support issues or other issues relating to the websites or services, whether by email, in-app support or otherwise
    • tracking and monitoring your use of websites and services so we can keep improving
    • detecting and preventing any fraudulent or malicious activity
    • sending you marketing communications and displaying targeted advertising to you online through our own websites and services or through third party websites and their platforms.

    How We Can Share Your Data

    There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:

    • third party service providers and partners who enable us to provide functionality via our websites or to market our goods and services to you
    • regulators, law enforcement bodies, government agencies, courts or other third parties where we think it's necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure
    • an actual or potential buyer (and its agents and advisors) in connection with an actual or proposed purchase, merger or acquisition of any part of our business
    • other people where we have your consent.

    Security

    Security is a priority for us when it comes to your personal data. We're committed to protecting your personal data and have appropriate technical and organizational measures in place to make sure that happens.

    Retention

    The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you've requested or to comply with applicable legal, tax or accounting requirements).

    We'll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices.

    Processing Personal Data under General Data Protection Regulation (GDPR)

    If you are from the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the personal data we collect and the specific context in which we collect it.

    We may process your personal data because:

    • We need to perform a contract with you
    • You have given us permission to do so
    • The processing is in our legitimate interests and it's not overridden by your rights
    • For payment processing purposes
    • To comply with the law

    Data Privacy Framework Commitment and Compliance

    Cimpleit, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Cimpleit, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and from Switzerland in reliance on the Swiss-U.S. DPF.

    In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Cimpleit, Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner's Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.

    Cimpleit, Inc. is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under certain conditions, you may invoke binding arbitration. Cimpleit, Inc. is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to us and following the procedures and subject to conditions set forth in Annex I of Principles.

    Cimpleit, Inc. is required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

    Cimpleit, Inc. remains responsible for any of your personal information that is shared under the Onward Transfer Principle with third parties for external processing on our behalf.

    International Data Transfer and Storage of Data

    Your personal information may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different to the laws of your country, and in some cases, may not be as protective. Specifically, our website servers are primarily located in the U.S. and we may process your personal information in jurisdictions where our affiliates, partners and third-party service providers are located.

    We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

    "Do Not Track" Support

    We do not support Do Not Track. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.

    You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

    Data Protection Rights You Have Under the General Data Protection Regulation (GDPR)

    If you are a resident of the European Economic Area, you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data.

    If you wish to be informed what personal data we hold about you and if you want it to be removed from our systems, please contact us.

    In certain circumstances, you have the following data protection rights:

    • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your personal data directly within your account settings or profile. If you are unable to perform these actions yourself, please contact us to assist you.
    • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
    • The right to object. You have the right to object to our processing of your personal data.
    • The right of restriction. You have the right to request that we restrict the processing of your personal information.
    • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
    • The right to withdraw consent. You also have the right to withdraw your consent at any time where we relied on your consent to process your personal information.

    Please note that we may ask you to verify your identity before responding to such requests.

    You have the right to complain to a Data Protection Authority about our collection and use of your personal data. For more information, please contact your local data protection authority in the European Economic Area.

    Sub-processors

    We use certain sub-processors to assist in providing our services. A sub-processor is a third party data processor engaged by us who agrees to receive personal data intended for processing activities to be carried out (i) on behalf of our customers; (ii) in accordance with customer instructions as communicated by us; and (iii) in accordance with the terms of a written contract between us and the sub-processor.

    We maintain an up-to-date list of the names and locations of all sub-processors. This list is below.

    Amazon Web Services

    Cloud service provider located in the United States.

    Atlassian

    Status page and service availability system.

    Backblaze

    Cloud storage and data backup provider located in the United States.

    CookieYes

    Cookie consent management.

    GitHub

    Source code hosting provider located in the United States.

    Google

    Cloud service provider, search marketer, and analytics provider located in the United States.

    Hubspot

    Marketing automation and CRM provider in the United States.

    nGrok

    Ingress platform for local development.

    Open Exchange Rates

    API for real-time currency conversion.

    ReadMe

    API documentation platform located in the United States.

    Sentry.io (Functional Software, Inc.)

    Error detection provider in the United States.

    Slack

    Messaging platform based in the United States.

    Stripe

    Payment processor located in the United States.

    Vanta

    Continuous security and compliance monitoring.

    Zendesk

    Cloud customer service provider located in the United States.

    Payment Processing

    We may provide paid products and/or services within the service. In that case, we use third-party services for payment processing (e.g. payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council.

    Contact Us

    If you have any questions about this Privacy Policy, please contact us at:

    Email: privacy@licenseiq.ai
    Cimpleit, Inc. (d/b/a LicenseIQ)