Privacy Policy

This Privacy Policy describes the privacy and data processing practices of Digma Inc (together with its affiliated companies, “Digma”, “we”, “our” or “us”), as we collect, store, use and disclose personal data concerning individual “User(s)” who use Digma’s platform; or “Prospect(s)” who visit, use or engage with our website, online ads and content, surveys, e-mails or other similar forums of communication under our control, including any offline or online events or webinars (collectively – the “Services”). 

Specifically, this Privacy Policy describes our practices regarding: 

1. Data Collection
2. Data Uses
3. Data Location
4. Data Retention
5. Data Disclosure
6. Cookies and Tracking Technologies
7. Communications
8. Data Security
9. Data Subject Rights
10. Additional Information and Contact Details

If you are a User or a Prospect, please read this Privacy Policy carefully and make sure that you fully understand and agree to it. You are not legally required to provide us with any personal data and may do so (or avoid doing so) at your own free will. If you do not wish to provide us with your personal data or to have it processed by us or any of our Service Providers (per Section 5 below), please avoid any interaction with us or any use of our Services.

1. Data Collection

When we use the term “personal data” or “personal information” in this Privacy Policy, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual. It does not include aggregated or de-identified information that is maintained in a form that is not reasonably capable of being associated with or linked to an individual.

Sometimes we collect personal data automatically when an individual interacts with our Services and sometimes, we collect personal data directly from an individual. We may also collect personal data about an individual from other sources and third parties (such as our business customers, partners, and Service Providers), even before our first direct interaction with you.

We may collect or generate the following types of personal data about individuals in relation to the Services:

• Contact data: contact and business details such as name, e-mail, phone number, position, workplace and related business insights; as well as any needs, preferences, attributes and insights relevant to our relationship;

• Account data: e-mail address, nickname, user ID, hashed password or other information used for authentication and access control, and any additional information you choose to share via the Services. 
• Interactions and communications data: correspondence with us (e.g., for user experience, support and training purposes) via the Services or our social media pages (such as Twitter, and Facebook), as well as chats, surveys, feedback, calls and video recordings, transcriptions, and analyses thereof.
• Usage and analytics data: connectivity, technical and behavioral usage data, IP addresses, device data (such as type, OS, device ID, browser version, locale, and language settings used), activity, communication and performance logs, session recordings, issues and bugs, and the cookies and pixels installed or utilized on your device as you access or otherwise use the Services.
• Prospect Data: data relating to visitors of our website (https://digma.ai/), participants at our events, and any other prospective customer, user or partner who visits or otherwise interacts with our website, online ads and content, emails, sales and marketing channels, and integrations or communications under our control. 

For the purposes of the California Consumer Privacy Act (“CCPA“), specifically, in the last twelve (12) months, we have collected the following categories of Personal Information: Identifiers; Professional or Employment-Related Information; Internet or other Electronic Network Activity Information, and Geolocation Information. We do not use or disclose sensitive personal information as defined in the CCPA.

2. Data Uses

Digma processes the personal data described in Section 1 as necessary for the provision of our Services (“Performance of Contract”); to comply with our legal and contractual obligations (“Legal Obligation”); and to support our legitimate interests in maintaining, improving and advertising our Services, e.g. in understanding how our Services are used and how our campaigns are performing, and gaining insights which help us dedicate our resources and efforts more efficiently; in marketing, advertising and selling our Services; providing customer service and technical support; and protecting and securing our business customers, Users, Prospects, ourselves and our Services (“Legitimate Interest”).

Digma operates in countries around the world. If you reside or are using the Services in a territory governed by privacy laws under which “consent” is the only or most appropriate legal basis for the processing of personal data in the manner described in this Policy (in general, or specifically with respect to the types of personal data you expect or elect to be or have processed by or via the Services), your acceptance of our Terms of Use and this Privacy Policy will be deemed as your consent to the processing of your personal data for the purposes detailed herein. If you wish to revoke such consent, please contact us at privacy@digma.ai. 

Specifically, we use your personal data for the following business and commercial purposes:

Users and Prospects
Purpose	Legal basis for processing
To facilitate, operate, enhance, and provide our Services	Performance of Contract Legitimate Interest
To authenticate the identity of our Users, and to allow them to access our Services	Performance of Contract Legitimate Interest
To provide our Users and Prospects assistance and support	Performance of ContractLegitimate Interest
To further develop, customize, and improve the Services, based on common or personal preferences, experiences, and difficulties	Legitimate Interest
To perform, facilitate and optimize our marketing campaigns, ad management and sales operations, as well as promotional messages and to manage and deliver advertisements for our products and services more effectively	Legitimate InterestConsent
To contact our Users and Prospects with general or personalized service-related messages that may be of specific interest to them	Performance of ContractLegitimate InterestConsent
To support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity	Legal Obligation Legitimate Interest
To create aggregated data, inferred non-personal data or anonymized or pseudonymized data (de-identified data), which we or our business customers or partners may use to provide and improve our respective services or for any other purpose	Legitimate Interest
To comply with our contractual and legal obligations and requirements, and maintain our compliance with applicable laws, regulations and standards	Performance of ContractLegal Obligation
For any other purpose that you consent to	Consent

We do not sell  your personal information for the intents and purposes of the CCPA.

3. Data Location 

We and our authorized Service Providers (per Section 5 below) maintain, store and process personal data including in the United States, Israel and the European Union and other locations, as reasonably necessary for the proper performance and delivery of our Services, or as may be required by law.

While privacy laws may vary between jurisdictions, Digma and its Service Providers are each committed to protect personal data in accordance with this Privacy Policy, customary industry standards, and such appropriate lawful mechanisms and contractual terms requiring adequate data protection, regardless of any lesser legal requirements that may apply in the jurisdiction where the data may be processed. 

To the extent we transfer personal data from the European Economic Area (EEA), UK, or Switzerland to countries which that are not considered to offer an adequate level of data protection, we rely on appropriate data transfer mechanisms as established under applicable law, such as the standard contractual clauses (SCCs) adopted by the EU (available here) and the UK (available here). You can request a copy of these SCCs by contacting us as indicated in Section 10 below. 

4. Data Retention 

We retain your personal data for as long as it is reasonably necessary to provide you with our Services and to maintain and expand our relationship; to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (e.g. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our data retention policy and at our reasonable discretion. 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of such data, the potential risk of harm from unauthorized use or disclosure of such data, the purposes for which we process it, and the applicable legal requirements. 

If you have any questions about our data retention policy, please contact us by e-mail at privacy@digma.ai.

5. Data Disclosure

We may disclose your data for a business purpose with certain third parties, including law enforcement agencies, our Service Providers and our affiliates, in accordance with this Policy and as described below: 

Service Providers: we engage selected third-party entities or individuals as “Service Providers” to perform services complementary to our own. Such Service Providers may include hosting and server co-location services, communications and content delivery networks (CDNs), data analytics services, marketing and advertising services, data and cyber security services, fraud detection, investigation and prevention services, e-mail, video conferencing and communication services, session or activity recording services, social and advertising networks, support and customer relation management systems, third-party customer support providers, and our legal, compliance and financial advisors and auditors. These Service Providers may have access to your personal data, depending on each of their specific roles and purposes in facilitating, supporting and enhancing our Services, and may only use it for such purposes.

Business Customers and Partners: Our customers and partners may have access to any personal data we process on their behalf, should you use the Services under their organizational account.

Legal Compliance: in exceptional circumstances, we may disclose or allow government and law enforcement officials access to your personal data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations, with or without notice to you. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect our legitimate business interests, including the security or integrity our Users, Prospects and our Services. 

Protecting Rights and Safety: we may disclose personal data with others if we believe in good faith that this will help protect the rights, property or personal safety of Digma, our business customers, Users, Prospects, or any members of the general public. 

Change of control or ownership. If Digma undergoes any change in control, including by means of merger, acquisition or purchase of any of its assets, your personal data may be shared with the parties involved in such an event. If we believe that such an event might materially affect your personal data then stored with us, we will notify you of this and the choices you may have via e-mail or prominent notice on our Services.

Additional sharing: For the avoidance of doubt, we may disclose personal data in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so, or if we have successfully rendered such data non-personal, non-identifiable and anonymous.

For the purposes of the CCPA, in the past twelve (12) months, we may have disclosed Identifiers; Professional or Employment-Related Information; and Internet or other Electronic Network Activity Information to government and law enforcement officials, Service Providers, subsidiaries and affiliates, and in the context of a change of control.

6. Cookies and Tracking Technologies

We and our Service Providers use cookies and other technologies for performance, tracking, analytics and personalization purposes. We may share non-identifiable / aggregated extracts of such information with our partners for our legitimate business purposes.

Cookies are small text files that are stored through the browser on your computer or mobile device (for example, Google Chrome or Safari) when you visit a website. Some cookies are removed when you close your browser session – these are the “session cookies”. Some last for longer periods and are called “persistent cookies”. We use both types of cookies to facilitate the use of the Services’ features and tools. While we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, you can manage your cookies preferences, including whether or not to accept them and how to remove them, through your browser settings. Please bear in mind that disabling cookies may complicate or even prevent you from using the Site. For more information regarding cookies, you may find the following websites useful: www.allaboutcookies.org, www.youronlinechoices.co.uk. 

To learn more about our cookie practices, please visit our Cookie Policy.

We use Persistent Cookies to remember your log-in details and make it easier for you to log-in the next time you access our platform. We may use Session Cookies for additional purposes, to facilitate the use of the features and tools available in our Services. We may also use HTML5 local storage or Flash cookies for the above-mentioned purposes. These technologies differ from browser cookies in the amount and type of data they store, and how they store it.

We also use web analytics tools, including Google Analytics. These tools help us understand User and Prospect behavior on our Services, including by tracking page content, and click/touch, movements, scrolls and keystroke activities. Further information about the privacy practices of our analytics service provider is available at: www.google.com/policies/privacy/partners/. Further information about your option to opt-out of these analytics services is available at: https://tools.google.com/dlpage/gaoptout.

Please note that if you get a new computer, install a new browser, erase or otherwise alter your browser’s cookie file (including upgrading certain browsers), you may also clear the opt-out cookies installed once you opt-out, so an additional opt-out will be necessary to prevent additional tracking.

7. Communications

We may engage in service and promotional communications through any of the means available to us (e.g., e-mails, text messages and notifications).

Service Communications: we may contact you with important information regarding our Services. For example, we may send you notifications (through any of the means available to us) of changes or updates to our Services (such as login attempts or password reset instructions, alerts and notifications concerning anomalies detected by our Services, surveys, etc.). You can control your communications and notifications in accordance with the instructions included in the communications sent to you. Please note that you will not be able to opt-out of receiving certain service communications which are integral to your use.

Notifications and Promotional Communications: we may also notify you about new features, additional offerings, events, webinars, special opportunities or any other information we think you may find valuable. We may provide such notices through any of the contact means available to us (e.g., e-mail), through the Services, or through our marketing campaigns on any other sites or platforms. Furthermore, if you contact us with an inquiry, we may respond with promotional e-mails related to your inquiry. For example, if you contact us with an inquiry about a feature you would like to see on one of our Services, we will use your contact information to later inform you once our Services have been updated to include features similar to those you inquired about or other features you may be interested in. To control your notifications settings, please follow the instructions included in the promotional communications sent to you. If you do not wish to receive such communication, you may also notify us by sending an e-mail to privacy@digma.ai or opt-out of these e-mail updates by following the “unsubscribe”, “stop”, “opt-out” or “change e-mail preferences” link located at the bottom of the e-mail.

8. Data Security

In order to protect your personal data held with us, we use industry-standard physical, procedural and technical security measures to secure your personal data, in to minimize the risks of theft, damage, loss of information, or unauthorized access or use of personal data.

However, please be aware that regardless of any security measures used, we cannot and do not guarantee the absolute protection and security of any personal data stored with us or with any third parties as described in Section 5 above.

9. Data Subject Rights

If you wish to exercise your privacy rights under any applicable law, including the EU or UK General Data Protection Regulation (GDPR), the CCPA or other relevant laws, please contact us by email at privacy@digma.ai or if you are a website visitor located in the European Economic Area (“EEA”) or United Kingdom (“UK”), Rickert Law is our local EEA representative of your Personal Data and can be contacted at art-27-rep-digma@rickert.law. Rickert Services Ltd UK is our local representative in the UK and can be contacted at art-27-rep-digma@rickert-services.uk.

Privacy rights may include (to the extent available to you under the laws which apply to you), the right to know / request access to (specific pieces of personal information collected; categories of personal information collected; categories of sources from whom the personal information was collected; purpose of collecting personal information; categories of third parties with whom we have shared personal information), to request rectification or erasure of, your personal data held with Digma; to restrict the processing of such data and to object to its processing (including, for California Residents, the right to direct us not to sell or share your personal information to third parties now or in the future, as indicated below); to port such data; or the right to equal services and prices (each to the extent available to you under the laws that apply to you). 

If you would like to opt out of the “sale” or “sharing” (as such terms are defined under the CCPA) of your personal information for cross-context behavioral advertising, please contact us at privacy@digma.ai.

Please note that we may require additional information, including certain personal data, in order to authenticate and process your request. Such additional information may be then retained by us for legal purposes (e.g., as proof of the identity of the person submitting the request), in accordance with Section 4 above. We may redact from the data which we make available to you, any personal data related to other individuals.

Additionally, you have a right to lodge a complaint with a competent authority, such as the supervisory authority in the EU Member State of your habitual residence, place of work, or of the alleged GDPR infringement, the UK’s Information Commissioner’s Office, or your State’s Attorney General (as applicable).

10. Additional Information and Contact Details

Updates and Amendments: we may update and amend this Privacy Policy from time to time by posting an updated version on our Services. The amended version will be effective as of the date it is published. We will provide prior notice if we believe any substantial changes are involved via any of the communication means available to us or via the Services. Your continued use of the Services after the changes have been implemented will constitute your acceptance of the changes.

External Links: While our Services may contain links to other websites or services, we are not responsible for their privacy practices. We encourage you to pay attention when you leave our Services for the website or application of such third parties, and to read the privacy policies of each and every website and service you visit. This Privacy Policy applies only to our Services.

Children: Our Services are not directed to children under the age of 16. We do not knowingly collect personal data from children and do not wish to do so. If we learn that a child under this age is using the Services, we will attempt to prohibit and block such use and will make our best efforts to promptly delete any personal data stored with us with regard to such child. If you believe that we might have any such data, please contact us by e-mail at privacy@digma.ai.

Questions, concerns or complaints: if you have any comments or questions regarding our Privacy Policy, or if you have any concerns regarding your personal data held with us, or if you wish to make a complaint about how your personal data is being processed by Digma, you can contact us at privacy@digma.ai.

Last updated: November, 2023.