DERSE, INC. PRIVACY POLICY 

 

We at Derse, Inc. (“Derse”, “we”, “our” or “us”) respect your privacy. This Privacy Policy (“Policy”) describes how we process your Personal Information when you visit our website, Derse Exhibits Events and Marketing Environments (“Website”), use our mobile application (“App”), and our trade show exhibit and event marketing services (collectively the “Services”).

Please read this Privacy Policy carefully to understand our privacy practices when you use our Services. We may modify this Policy at any time at our discretion. Material changes will be conspicuously posted on the Website or otherwise communicated to you. All changes will be effective immediately upon posting to the Website.

IF YOU ARE A RESIDENT OF CALIFORNIA, TEXAS, OR NEBRASKA RESIDENTS: PLEASE SEE THE “YOUR STATE PRIVACY RIGHTS” SECTION BELOW FOR ADDITIONAL INFORMATION THAT APPLIES TO YOU.

IF YOU ARE A CANADIAN RESIDENT: PLEASE SEE THE “CANADIAN PRIVACY RIGHTS” SECTION BELOW FOR ADDITIONAL TERMS THAT APPLY TO YOU.

IF YOU ARE A RESIDENT OF THE EUROPEAN ECONOMIC AREA, SWITZERLAND, OR THE UNITED KINGDOM:  PLEASE SEE THE “EEA, UK & SWISS PRIVACY RIGHTS” SECTION BELOW FOR ADDITIONAL TERMS THAT APPLY TO YOU. 
 

I. WHAT IS PERSONAL INFORMATION?

For purposes of this Privacy Statement, “Personal Information” or “Personal Data” means information that alone or in combination identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal Information does not include publicly available information or aggregated information that does not include personal identifiers.
 

II. CATEGORIES OF PERSONAL INFORMATION WE COLLECT 

We collect specific categories of Personal Information when you access our Website, or otherwise communicate with us. The information we collect varies depending on the Services you are using. 

We describe how we collect information on our Services below:
 

Category of Data	Examples	Retention Period
Identifiers	Full name, mailing address, billing address, shipping address, Internet Protocol Address (“IP Address”), email address, account user ID and password, and telephone number.	For business customers:  We retain this information as long as we have a business relationship with you. For investors:  As long as required by law. For individuals:  As long as needed to respond to your requests or as required by law.
Customer Records	Name, signature, physical characteristics or description, address, telephone number, bank account number, credit card number, debit card number, or any other financial information.	As long as we have a business relationship with you.
Commercial Information	Records of products or Services you purchased or received, or considered, other purchasing history and invoices.	As long as we have a business relationship with you.
Internet Activity	Browsing history, search history, information regarding your interactions with the Website, applications, or advertisements, electronic device identifier, hardware information, operating system version, browser type and version, browser language, media access control (“MAC”), screen resolution, cookie information, system type, access times, referring Website URLs.	For as long as is needed for our business purposes.
Geolocation Data	City, State, Zip Code, and Country (based on IP Address).	For as long as is needed to obtain general statistics on Website traffic and use of Apps.
Sensory Information	Customer Services calls.	For as long as is needed for our business and customer Services purposes.

 

III. SOURCES OF THE INFORMATION WE COLLECT AND THE PURPOSE FOR WHICH WE COLLECT IT

The charts below list the categories of Personal Information we may collect, as well as the sources we collect the information and the purpose(s) for such collection.

Information we collect from you 

We collect certain Personal Information from you directly or automatically using technology for the purposes described below:
 

Purpose for Collection and Use	Examples	Category of Data
Business Purposes	To facilitate transactions To process, deliver, and return products and Services To improve products and Services To provide customer Services To create accounts To inform our business strategies To engage in product research and development To monitor and improve our products and Services To administer surveys	Identifiers  Customer Records  Commercial Information Internet Activity Sensory Information
Communication Purposes	To respond to your requests or inquiries To send you newsletters and updates To provide information about our products and Services	Identifiers  Customer Records  Commercial Information Internet Activity Sensory Information
Employment Purposes	We collect Personal Information such as your name, address, email, and phone number when you apply for employment with us through the Website.  In addition, we may collect information relating to your demographics, education, and employment history when you submit that information as part of an employment application. Not all requested information is required, however, and we specifically indicate what information is required to submit your employment application.	Identifiers
Website Management Purposes	To provide personalized experiences To troubleshoot problems with the Website To help improve the Website To understand how you get to the Website	Identifiers Internet Activity
Marketing & Advertising Purposes	To send you promotions To serve you targeted advertising To send you e-mail promotions	Identifiers  Internet Activity Commercial Information
For Compliance and Legal Purposes	To protect our legal rights and the rights of third parties	Identifiers  Customer Records  Commercial Information
Analytics	To perform analytics on your use of the Website  To understand the Website demographics and user preferences	Identifiers  Internet Activity Geolocation Information

 

Information we collect from third party sources 

We collect Personal Information from various third-party companies and public sources as described below:
 

Purpose for Collection and Use	Examples	Category of Data	Third Party Source
Commercial Purposes	When you purchase our products and services, we may coordinate with service providers to ensure the delivery and installation of those products and services.  When you purchase our products or services, we do not receive your credit card, debit card, or other financial information.  Instead, that information is provided directly to a PCI-compliant payment processor to help us facilitate payment. However, we do receive your contact information and purchase information from the payment processor.	Identifiers  Customer Records	Payment Processors Service Providers
Marketing & Advertising Purposes	We may receive information from our third-party advertising Services providers.	Identifiers	Services Providers Third Party Marketing and Analytics Companies
Analytics	We may also receive Personal Information from our third-party analytics providers.	Identifiers  Internet Activity Commercial Information	Website-related Services Providers, including analytics providers Third Party Marketing and Analytics Companies

 

Disclosing Personal Information 

We may disclose your Personal Information as follows:
 

With Whom We Disclose Personal Information	Purpose for Disclosing	Category of Information
Employees, Business Partners, Affiliates, and Subsidiaries	Business Purposes including to process, deliver, and provide Services, communicate with you, provide customer service, and improve our products and Services. Website Management including troubleshooting problems, improving the content and functionality of the Website, and customizing the Website for you and our users.	Identifiers  Commercial Information  Customer Records  Internet Activity Sensory Information
Services Providers	Business Purposes including payment processing, customer Services, and performing analytics. Website Management including hosting, troubleshooting problems, improving the content and functionality of the Website, and performing statistical and other analyses of the Website.	Identifiers  Internet Activity Customer Records  Commercial Information
Third-Party Advertising Networks and Social Media Platforms	Marketing & Advertising Purposes including providing targeted advertising and other marketing communications. Business Purposes including performing data analysis and statistical analysis for us.	Identifiers Commercial Information  Internet Activity
Government and Law Enforcement	Legal Purposes. We will cooperate with law enforcement and other governmental agencies and may disclose Personal Information: (i) if we believe in good faith we are legally required to disclose that Personal Information, (ii) if we are advised to disclose Personal Information by our legal counsel, or (iii) when necessary to identify, contact or bring legal action against someone who may cause or be causing harm to, or interfering with the legal rights of, Derse or any other person or entity.	Identifiers Commercial Information  Internet Activity Customer Records
Professional Advisors	Business Purposes. We need to receive advice from our professional advisors, such as our attorneys, accountants, financial advisors, and business advisors, in their capacity as advisors to us.	Identifiers Commercial Information Customer Records
New Owners or Successors in Interest	Change in Ownership/Business Successors. We may share your Personal Information in connection with a contemplated or completed strategic business transaction such as a merger, acquisition, or sale of all or substantially all of our assets or stock to a subsequent owner or operator, a dissolution, bankruptcy, liquidation, or other similar business transaction where Personal Information may be shared, sold or transferred to that third party, including during the due diligence process.	Identifiers Commercial Information  Internet Activity  Customer Records
Other Users	Digital Millenium Copyright Act Requests. By submitting a copyright infringement notice, counter-notice, or other similar notification, you consent to have that communication forwarded to any person or entity to whom the notice or counter-notice relates in order to facilitate a prompt resolution of the copyright infringement claim.	Identifiers

 

IV. DE-IDENTIFIED/AGGREGATED DATA

We may aggregate or de-identify Personal Information we collect through our Website and when operating our business. Once information or data has been de-identified and/or aggregated, such information is no longer Personal Information. Derse may use or share such de-identified or aggregated data for any legal purpose at its sole discretion.
 

V. BLOGS AND FORUMS

Our Website may, from time to time, offer publicly accessible blogs or community forums where you can submit ideas, photographs, writings, music, video, audio recordings, computer graphics, pictures, data, information about your location, questions, comments, suggestions, or other content (“User Generated Content”), including Personal Information. You should be aware that any User Generated Content you provide in these areas may be read, collected, and used by others who access them. Please note that we do not control who will have access to the User Generated Content that you choose to make public and cannot ensure that parties who have access to such publicly available information will respect your privacy or keep it secure. 

To request the removal of your Personal Information from our blog or community forum, contact us at dataprotectionofficer@derse.com. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why. We are not responsible for the privacy or security of any User Content that you make publicly available on the Website or what others do with the User Content you share with them on the Website. We are not responsible for the accuracy, use, or misuse of any User Content that you disclose or receive from third parties through the Website.
 

VI. WEBSITE ANALYTICS, COOKIES, AND OTHER TRACKING TECHNOLOGY

We use analytics services and targeted advertising cookies in addition to location features that are connected to your use of the Services. We use cookies, web beacons, pixel tags, and other technologies (collectively "Cookies") on our Services to automatically collect information used to improve the Services and to advertise to you. A cookie is a small text file that our Services save onto your computer or device when you use the Website. 

A cookie can either be a "session" cookie or a "persistent" cookie. Session cookies exist only for so long as you are visiting the Website and are typically deleted when you exit your web browser. Each time you visit a Website that has implemented a persistent cookie, the persistent cookie is renewed, and that cookie will remain active until its predetermined expiration date. Please see our Cookie Policy for additional information Legal :: derse.

A. Website Analytics

We use third-party software tools on our Website to learn more about how visitors navigate the Website and view content. These third-party analytics providers provide us with analytical information collected through the Cookies that we use to improve the Website, to make sure it is easy to use, and to develop content that is both interesting and customized.

• Google Analytics and Its Advertising Features: We have enabled and implemented Google Analytics with signals and Google Dynamic Remarketing, a Google Analytics Advertising feature. To prevent Google from using data collected by Google Analytics, follow the instructions to download and install the Google Analytics Opt-out Browser Add-on for each web browser you use. Using the Google Analytics opt-out browser add-on will not prevent us from using other analytics tools and will not prevent data from being sent to the Website itself or to Google. Opting out will not affect your use of the Website. For more information on how Google uses Personal Information, visit Google's Privacy Policy and Google's page on How Google uses data when you use their partners' websites or apps.
   
• HubSpot Analytics. We use HubSpot Analytics, a web analytics tool, to help us understand how our Website is used. HubSpot Analytics utilizes various tracking technologies to generate the information we select about your use of our Services, which may include information about the Website or online services visited before a device accesses our Services, metrics about the performance of our Services, and information about how devices access our Services. You can learn more about HubSpot’s practices with respect to Personal Information by reviewing their privacy policy, available at HubSpot’s Privacy Policy.

B. Targeted Advertising

We use service providers and other third parties to serve you customized email, SMS, and internet-based advertisements. Those ad networks use cookies and other tracking technologies to serve ads based on your prior visits to our Website. These ad networks may place and store cookies on the devices you use to access our Services and collect information, including your browsing behavior, referring websites, and your response to advertisements.

• HubSpot Ads Pixel. We use HubSpot’s analytics services. HubSpot collects customer data and browser behavior from our Services to optimize our ad targeting experience. HubSpot’s services help track our ads' impact on our Website and allows us to receive insights from our visitors and their Website behavior. To learn more, please visit HubSpot Privacy Policy.

C. Session Replay Services

Session replay technology enables us to collect information about how you navigate and use our Website in real-time. Session replay technology collects information, including the date and time you visited the Site, mouse clicks, mouse movements, keystrokes and text input, scrolling, webpage, or content loading times.

• Crazy Egg. We use session replay technology from Crazy Egg. Personal Information collected by session replay providers includes IP address, browser information, device IDs, operating system, cookies, and customer IDs. Additionally, session replay providers collect or receive Personal Information from us to provide their own advertising services to others. You can learn more about Crazy Egg’s practices with respect to Personal Information by reviewing their privacy policy, available at Crazy Egg Crazy Egg | Privacy Policy.

D. Geolocation Services

An App may utilize location services on your mobile device to collect and use location data, including the real-time geographic location of your device. If you consent to the App’s utilization of location services, we may use GPS, Bluetooth, your device’s unique identifier, and/or your IP address, along with Wi-Fi and cell tower locations and other technologies to determine your device’s geolocation. This location data is utilized to deliver Services requested by you. We do not maintain a history of the location of a device, only where your device is at any given moment. We will collect geolocation data only if you consent, and we will notify you whether the location services will always be running or only when the App is in use. You may choose to disable location services through our App or your mobile-enabled Wi-Fi devices, but if you do so, you will not receive any notifications or services that require a geolocation. Most mobile devices provide users with the ability to disable location services. These controls are generally located in the device’s settings menu. You can also contact your mobile Services carrier or your device manufacturer for more information on disabling location services.
 

VII. YOUR CONSUMER PRIVACY CHOICES

• Update your Personal Information. You may update your Personal Information by contacting us using the information in the “Contact Us” section below or by contacting us at dataprotectionofficer@derse.com. 

• Delete Your Account. If you no longer wish to use the Services or access your account or account information, you may request us to delete your account by contacting us at dataprotectionofficer@derse.com. This will result in the full, permanent deletion of your account and associated information. We will not be able to recover your account after it has been deleted.

• Update Your Browser Settings. If you wish to limit or opt out of third-party advertising, you can do one or more of the following:

  • The Options/Settings section of most internet browsers will tell you how to manage cookies and other technologies that may be uploaded to your device, including how to disable such technologies. You can disable our cookies, or all cookies, through your browser settings, but please note that disabling cookies may impact some of the features of our Website and prevent them from operating as intended. You can learn more about cookies, including how to see what cookies have been uploaded to your device and how to manage and delete them, by visiting All About Cookies. 

• Digital Advertising Preferences.

  • You can change your preferences with respect to certain online ads, and to obtain more information about ad networks and online behavioral advertising, visit the National Advertising Initiative Consumer Opt Out page and the Digital Advertising Alliance’s Consumer Choice Tool. Please note that even if you opt out of receiving interest-based advertising, you may still receive advertisements, but they will be more general in nature. In addition, the electronic device you use to visit our Website may offer relevant privacy settings; please see the device settings for details.

• Global Privacy Control. You may opt out of the sale or sharing of your Personal Information by broadcasting a Global Privacy Control (“GPC”) signal, an opt-out preference signal, using a browser and/or browser extension that supports the GPC signal. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use (https://globalprivacycontrol.org/orgs). 

• Opt Out of Marketing Messages. If you sign up to receive marketing communications and materials, you consent to receive such communications at the location or contact information you provide. 

  • Email. If you no longer wish to receive email marketing messages from Derse, you should use the “unsubscribe” option that can be found in each marketing email we send or contact us using the information provided below. Within 10 days of receipt of your unsubscribe request, we will remove you from our distribution list unless you resubscribe.

  • Text. If you no longer wish to receive marketing texts from Derse, you may opt out at any time by replying “STOP” to one of our text messages. You may also contact us using the contact information provided below, and we will remove you from our distribution list.

  • Phone. You may request that we remove you from our telephone marketing list and refrain from sharing your telephone number with third parties by contacting us using the contact information provided below.

  • Push Notifications. You may elect to receive push notifications from the App. If you wish to no longer receive push notifications, you may adjust your notification settings in your App account.
     

VIII. LEAVING OUR WEBSITE AND/OR LINKING TO THIRD PARTIES

We strive to ensure that any information you send us is safe. When you leave our Website and go to another linked website, we are not responsible for the content or availability of the linked website. Please be advised that we do not represent either the third party or you if you enter into a transaction on the third-party website. Further, the privacy and security policies of the linked website may differ from those practiced by us. The inclusion of any link does not imply our endorsement of any other company, its website(s), or its product(s) and/or service(s). We are not responsible for the privacy practices or content of any other website.
 

IX. SOCIAL MEDIA AND PLUG-INS

Our online Services may use social media plug-ins (e.g., the Facebook "Like" button and "Share to Twitter" button) to enable you to easily interact with certain social media websites (e.g., Facebook, Twitter, Instagram) and share information with others. When you visit our online Services, the operators of the available social media plugins can place a cookie on your device, enabling such operators to recognize individuals who have previously visited our online Services. If you are logged into these social media websites while visiting our online Services, the social media plugins allow the relevant social media website to receive information that you have visited our online Services or other information. 

The social media plugins also allow the applicable social media website to share information about your activities with our online Services with other users of the social media website. For example, Facebook Social Plugins allow Facebook to show your "Likes" and comments on our online Services to your Facebook friends. Facebook Social Plugins also allow you to see your friends' Facebook activity on our online Services. We do not control any of the content from the social media plugins. We may also interact with you on social media platforms. If you contact us on one of our social media platforms, request Services, or otherwise communicate directly with us on social media, we may contact you to interact with you. For more information about social media advertising and social media plugins from other social media websites, please refer to those website's privacy and data-sharing statements.

We use the YouTube application programming interface (API) services to allow you to access YouTube content from our Services. Your use of YouTube is governed by YouTube’s Terms of Services and Privacy Policy. We encourage you to read the YouTube Terms of Service and Privacy Policy, which are available on its website at https://www.youtube.com/t/terms.
 

X. CHILDREN'S PRIVACY

Our Website and Services are not intended for or directed to individuals under 18 years of age, and we do not knowingly collect any Personal Information from children under the age of 18.
 

XI. DATA SECURITY POLICY & USER RESPONSIBILITIES

We take the protection of your information seriously and take reasonable and appropriate physical, administrative, and technical measures to protect the information collected through our Website. While we implement commercially reasonable security measures to protect your privacy. There are inherent security risks associated with transferring data over the internet, and we cannot guarantee that the information collected about you will always remain private when using our Website and/or Services. As a result, while we strive to protect your Personal Information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
 

XII. ADDITIONAL TERMS APPLICABLE ONLY TO RESIDENTS OF CALIFORNIA, NEBRASKA, AND TEXAS, INCLUDING YOUR CALIFORNIA PRIVACY RIGHTS

If you are a California, Texas, or Nebraska resident, applicable state law provides you with certain rights regarding your Personal Information or Personal Data. These rights are subject to limitations such as (a) exceptions permitted by applicable law and (b) verification of your identity. This section provides a summary of your privacy rights and explains how to request to exercise those rights with us. 

In the event of a conflict between this Section and the remainder of this Policy, this Section shall govern for residents of California, Texas, and Nebraska. Certain capitalized terms not defined in this Policy have the meaning set forth in the California Consumer Privacy Act of 2018 and its implementing regulations, each as amended (the "CCPA”), the Texas Data Privacy and Security Act ("TDPSA”), or the Nebraska Data Privacy Act (“NDPA”).

A. Your Privacy Rights

1. Right to Opt Out

California, Texas, and Nebraska residents may request us not to Sell or Share your Personal Information.

Honoring Opt-Out Preference Signals. California, Texas, and Nebraska residents may direct us not to process their Personal Information for targeted advertising or “Sell” their Personal Information by enabling the GPC on the browsers or browser extensions that support it. To learn more about the GPC, visit https://globalprivacycontrol.org. If you choose to use the GPC, you will need to turn it on for each supported browser or device you use.

You may also submit an opt-out request by:

• Calling us at 800-562-2300

• Completing our webform at https://derse.com/contact

• Emailing us at dataprotectionofficer@derse.com 

2. Right to Access 

California residents have the right to request any of the following which occurred in the prior 12-month period: (a) the categories of Personal Information we collected from you, (b) the categories of sources from which the Personal Information was collected, (c) the business or commercial purpose for collecting your Personal Information, (d) the categories of third parties with whom we shared your Personal Information, and (e) the specific pieces of Personal Information we collected from you.

Texas and Nebraska residents have the right to confirm whether we are processing their Personal Data and to access such Personal Data.

3. Right to Request Deletion

California, Texas, and Nebraska residents have the right to request that Derse delete their Personal Information or Personal Data that we collected from them. We will comply with such requests and direct our service providers to do the same, subject to certain exceptions permitted by applicable law.

4. Right to Correct

California, Texas, and Nebraska residents have the right to request that we correct their inaccurate Personal Information or Personal Data. If we receive such a request, we will use commercially reasonable efforts to comply. If necessary, we may ask for documentation showing that the Personal Information or Personal Data we maintain is inaccurate.

5. Right to Data Portability

California, Texas, and Nebraska residents have the right to request a copy of the Personal Information or Personal Data that we collected from them in a portable and, to the extent technically feasible, readily usable format.

B. How to Exercise Your Rights to Access, Delete, Correct, and Data Portability

To exercise the access, data portability, correct, and deletion rights described above, please submit a verifiable consumer request to us by either:

• Calling us at 800-562-2300

• Completing our webform at https://derse.com/contact

• Emailing us at dataprotectionofficer@derse.com. 

C. Verifiable Consumer Request

Except when we receive a request to opt out, we cannot respond to your request without sufficient information to allow us to reasonably verify your identity and confirm that the Personal Information or Personal Data is related to you.

When we receive your request to exercise your rights: (a) We will acknowledge receipt of your request; (b) We will try to match the information you provide in making the request with information we already maintain; (c) If required to verify your identity, we may ask you to provide additional information, including Personal Information or Personal Data; (d) We will consider various factors when determining how to verify your identity, such as the sensitivity and value of the data, the risk of harm, and the likelihood of fraud.

We will only use Personal Information or Personal Data provided in a verifiable consumer request to verify the requestor's identity or authority to make the request. If you maintain an account with us, we may use that account to respond to your request and/or verify your identity.  If we are unable to verify your identity as required by applicable laws and regulations, we will decline to comply with your request, and let you know why.

D. Who Can Exercise Your Rights?

Only you, or a person that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.

Texas and Nebraska residents have a right to submit a request to opt out through an authorized agent. California residents have a right to submit requests to exercise any rights under the CCPA through an authorized agent. You may designate an authorized agent to make a request on your behalf to exercise your rights by doing the following: (1) Provide the authorized agent written permission to do so; (2) Verify your identity. We may deny a request from an authorized agent if we do not have proof that they are authorized by you to act on your behalf. We will not require authorized agents to verify your identity to effectuate an opt-out request. We may deny a request from an authorized agent if we do not have proof that they are authorized by you to act on your behalf.

E. When We Will Respond

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. We may charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. 

F. Right to Non-Discrimination

California, Texas, and Nebraska residents have the right to not receive discriminatory treatment for exercising any of their rights under the CCPA, TDPSA, or NDPA. We do not discriminate against you if you exercise any of your privacy rights described in this Policy. 

G. Appeals Process for Texas and Nebraska Residents       

Texas and Nebraska residents have the right to appeal a denied request to exercise your privacy rights. You must submit your appeal within 60 days of your receipt of our denial. You may submit your appeal to us by contacting us at any of the following: 

• Calling us at 800-562-2300

• Completing our webform at https://derse.com/contact

• Emailing us at dataprotectionofficer@derse.com 

When We Will Respond. We will respond to your appeal within 60 days of receipt. When we respond we will include any action taken or not taken, including an explanation of the reason or reasons for the decision.

H. Additional Information for California Residents

Categories of Personal Information We Have Collected. During the past 12 months, we have collected the following categories of Personal Information: Identifiers, Customer Records, Protected Classification Information, Commercial Information, Internet Activity, Geolocation Data, Professional and Employment Information, Educational Information, and Sensitive Information.
 

Categories of Personal Information We Have Disclosed for a Business Purpose: During the past 12 months, we have disclosed the following categories of Personal Information for a Business Purpose: Identifiers, Customer Records, Protected Classification Information, Commercial Information, Internet Activity, Geolocation Data, Professional and Employment information, Educational Information and Sensitive Information.

Sharing Personal Information. In the last 12 months we have not Sold your Personal Information to a third party for monetary compensation. We have Shared Personal Information with third parties for the purposes of serving targeted advertising, including: Identifiers, Geolocation Data, and Internet Activity, to the third parties described in this Policy.
 

Processing Sensitive Personal Information. We do not “Sell” or “Share” any Sensitive Personal Information. We do not “Share” precise geolocation data for the purpose of marketing or targeted advertising. 
 

Shine the Light
California's "Shine the Light" law (Civil Code Section § 1798.83) allows California residents to request (a) a list of all third parties to whom we may have disclosed your Personal Information within the past year for direct marketing purposes, and (b) a description of the categories of Personal Information disclosed, by contacting us at dataprotectionofficer@derse.com. Please reference California Privacy Rights in your subject line. You may also write to us at the address provided below.
 

XIII. CANADIAN PRIVACY RIGHTS 

Your Canadian Privacy Rights. Under Canadian privacy laws you have certain rights to access and correct Personal Information, subject to identity verification requirements and certain exceptions.

Right to Access. You have the right to confirm that we hold Personal Information about you, receive an explanation about how we use your Personal Information, and obtain access to your Personal Information.

Right to Rectification. You have a right to examine and challenge the accuracy and completeness of your Personal Information, and have your Personal Information amended where appropriate.

Right to Withdraw Your Consent. You have the right to withdraw your consent to processing your Personal Information at any time, subject to legal or contractual restrictions and reasonable notice. If your withdrawal of consent implicates the quality of our Services to you, we will notify you.

Right to Complain to a Data Protection Authority. You also have the right to lodge a complaint regarding the processing of your Personal Information with the applicable data protection authority. Please contact your local data protection authority for more information.

How to Exercise Your Rights. To exercise your rights described in this Section, you may submit your request to us by contacting us using the contact information listed below.

Data Transfers and Consent To Processing Outside of Canada or Quebec

We are based in the United States. We may transfer your Personal Information to the United States in connection with the operation of our business. 

To assist us in meeting our operational and legal obligations, we may also transfer or make your Personal Information accessible to one of our service providers located either in Canada (both inside and outside Quebec) or throughout the world. 

When we transfer your Personal Information outside of Canada, your Personal Information may be available to government officials in the United States or other countries. These countries have privacy laws that differ from Canadian privacy laws.  

Additional Terms Applicable to Quebec Residents Only

If you are a resident of Quebec, Quebec law provides you with additional rights regarding the use of your Personal Information, subject to identity verification requirements and certain exceptions.

Right to Restriction of Processing. You have a right to direct us to cease disseminating your Personal Information or to de-index any hyperlink attached to your name that provides access to the information by a technological means, if the dissemination of the information contravenes the law or a court order.

Right to Request Deletion. You have a right to request that we delete Personal Information we collected from you. We will comply with such requests, and direct our Service providers to do the same, subject to certain exceptions permitted by applicable law.

Right to Portability. You may request copies of the Personal Information you have provided to us. Where possible, we will deliver the copy of your Personal Information to you using a structured, commonly used, and machine-readable format. Alternatively, you may request that we send your Personal Information to another business. 

Translations. This Privacy Statement may be provided in several languages. In the event of conflict or inconsistency, the English language version of this Privacy Statement controls, unless otherwise required by applicable law. En cas de conflit ou d'incohérence, la version anglaise de cette politique de confidentialité contrôle, sauf si la loi applicable l'exige.

How to Exercise Your Rights. To exercise your rights described in this Section, you may submit your request to us by contacting us using the information below. 
 

XIV. EEA, UK & SWISS PRIVACY RIGHTS

The purpose of this Section is to provide information and additional provisions that apply to Derse’s processing of Personal Data in accordance with the EU General Data Protection Regulation 2016/679, the UK General Data Protection Regulation and the Swiss Federal Data Protection Act (collectively “GDPR”). The terms in this section are only applicable to those persons located in the European Economic Area (“EEA”), Switzerland, and the United Kingdom (“UK”) (collectively, “EU Data Subjects”). 

In the event of a conflict between this section and the remainder of the Privacy Policy, this section shall control for EU Data Subjects.  

Lawful basis for Processing Personal Data of European Data Subjects

We process the Personal Data of European Data Subjects on the following lawful bases:

• Legitimate Interests. Where the processing is necessary for the purposes of the legitimate interests pursued by Derse or by a third party and not overridden by your fundamental rights and freedoms (e.g., product development and security purposes);

• Performance of a Contract. Where the processing is necessary for the performance of a contract with you (e.g., to deliver the service you have requested);

• Consent. Where you have given explicit consent to the processing of your Personal Information for one or more specific purposes (e.g., new and unexpected processing activities); and

• Legal Obligation. Where processing is necessary for compliance with a legal obligation to which Derse is subject (e.g., compliance with laws and regulations).

In this case, we rely on the following lawful basis for processing personal data for the purposes set forth below:

Purpose of Processing	Lawful Basis
Operate the Services	Legitimate Interest, Consent or Performance of a Contract
Marketing	Legitimate Interest, Consent
Compliance and Protection	Legitimate Interest, Legal Obligations
Other Purposes	Consent; Legal Obligations

PRIVACY RIGHTS OF EUROPEAN DATA SUBJECTS

European Data Subjects have the following rights concerning their Personal Information under the General Data Protection Regulation, the Polish Personal Data Protection Act, and the German Federal Data Protection Act: 

• Withdrawal of Consent. If we are processing Personal Data on the basis of consent, you may have the right to withdraw consent to our processing at any time.

• Access and Rectification. You may have the right to access, correct, and update your Personal Data.

• Deletion/Erasure. You may have the “right to be forgotten” through the erasure or deletion of your Personal Data.

• Portability. You may have the right to move, copy, and/or transfer certain Personal Data from our Service to another service.

• Stop Processing. If processing is on the basis of legitimate interests, you may have the right to object to the processing of your Personal Data and to ask us to restrict the processing of your Personal Data, subject to certain limitations.

• Submit a Complaint. You have the right to submit a complaint to a data protection authority about our collection and use of your Personal Data. Contact details for the EU/EEA are here: 

  • If you are located in the European Economic Area,
     https://edpb.europa.eu/about-edpb/about-edpb/members_en

  • If you are located in Switzerland,
     https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html

  • If you are located in the United Kingdom,
     https://ico.org.uk/global/contact-us/contact-us-public/

• Right To Withdraw Consent. In the event you provide your consent for us to process your Personal Data, you may withdraw your consent at any time by emailing to request such change at no additional cost.

Exercising your rights under the European Data Protection Laws

You, or an authorized agent, may exercise your privacy rights by submitting a request to dataprotectionofficer@derse.com.

We respond to and process requests promptly and within the time frames required by the European Data Protection Laws. Please note that all requests are subject to proper prior verification before processing.

If you are the authorized agent of an individual making a request, you may have to take additional steps to verify your identity and demonstrate that you can exercise the individual’s rights on their behalf.

Retention of European Data Subject personal data

Derse retains Personal Data for a period commensurate with the purposes for which the Personal Data was collected or obtained. The criteria used to determine the retention of Personal Data includes any time necessary for legal and compliance purposes. Personal Data may be retained in archival format (e.g., data backups) beyond its retention period.

Marketing.  

Derse does not process Personal Data of European Data Subjects for the purpose of marketing without first obtaining your express, opt-in consent or having a legitimate interest for doing so. You have the right to object to the processing of Personal Data for marketing purposes at any time by contacting us at 

Automated Decision Making.  

We do not make any automated decisions on your behalf or about you without first obtaining your express, opt-in consent. In the event we secure your consent to do so, you have the right to object to the processing of Personal Data via automated decision making at any time by contacting us at.
 

DATA PROTECTION INQUIRIES

If you are a European Data Subject and you have questions about how we process your Personal Data, you may contact Derse’s Privacy Team at the following:

Derse, Inc.
Attn: Data Privacy
3800 West Canal Street 
Milwaukee, WI 53208
Email: dataprotectionofficer@derse.com

XV. CHANGES TO THIS PRIVACY POLICY

As our organization changes over time, this Privacy Policy may change as well. We reserve the right to amend the Privacy Policy at any time, for any reason, without notice to you, other than the posting of the amended Privacy Policy on our Services. We will provide you notice of material changes by indicating that the Privacy Policy has been updated on our homepage and will indicate the date we made the update above. Your continued use of any of the Services after the changes have been made will constitute your acceptance of the changes. Please, therefore, make sure you read any such notice carefully. If you do not wish to continue using the Services under the new version of the Policy, please cease using the Services.

Contact Us

Derse, Inc.
Attn: Data Privacy
3800 West Canal Street 
Milwaukee, WI 53208
Phone: 800-562-2300
Email: dataprotectionofficer@derse.com

Last updated July 11, 2025