Privacy Policy
Varicent US Opco Corporation and its affiliates (“Varicent”, "us", "we", or "our") provide sophisticated sales performance management solutions to global enterprises. Thus, we may collect Personal Data from a variety of individuals including, visitors and users of the Service, representatives of existing and prospective business clients, event, and initiative participants, as well as sales representatives who may interact with our software in the performance of their duties.
This page informs you of our policies regarding our collection, use and disclosure of Personal Data and the choices you may have associated with such data.
By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. Unless otherwise defined in this Privacy Policy, the terms used herein have the same meanings as in our Terms and Conditions, accessible from www.varicent.com.
1. Definitions
CCPA
CCPA shall mean the California Consumer Privacy Act.
Cookies
Cookies are small files stored on your device (computer or mobile device).
Data Controller
Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any Personal Data is, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of Personal Data, save and except when we are providing the Service to our customers’ users (in which case our customers are the Data Controller(s)) and as otherwise outlined herein.
Data Processors (or Service Providers)
Data Processor means any natural or legal person who processes Personal Data on behalf of the Data Controller. We may use the services of various third-party Data Processors (otherwise known as our “Service Providers”) in order to process Personal Data more effectively. We also serve as a Data Processor to many of our business customers who use our Service for their business sales and operational purposes.
Data Subject (or User)
Data Subject is any living individual who is the subject of Personal Data.
EEA
EEA means European Economic Area.
GDPR
GDPR shall mean the EU General Data Protection Regulation 2016/679 (“GDPR”), including as adopted by countries such as the United Kingdom (known as the “UK GDPR”) and Switzerland.
Service
Service is www.varicent.com and other online applications provided and operated by Varicent.
Personal Data
Personal Data means any information about a living individual who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that individual.
Usage Data
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
2. Purpose for Personal Data Collection and Use
We collect several different types of Personal Data and may use it for the following purposes:
- provide, maintain, and improve our Service to you;
- notify you about changes to our Service;
- allow you to participate in interactive features of our Service when you choose to do so;
- provide customer support in relation to the Service;
- gather analysis or valuable information so that we can improve our Service;
- monitor the usage of our Service;
- detect, prevent, and address security or other technical issues related to the Service;
- answer your queries and contact requests;
- for the purposes outlined in our Recruitment Portal Privacy Notice;
- administer events and initiatives and facilitate your participation either as a participant or speaker;
- administer, manage, and develop our business relationships;
- internally train our personnel and improve our internal standards and practices; and
- market to you and provide you with news, special offers and general information about other goods, services, and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.
3. Types of Personal Data Collected
We collect several different types of Personal Data and may use it for the following purposes:
Personal Data
While using our Service, we may ask you to provide us with certain Personal Data including, but not limited to:
- Email address;
- First name and last name;
- Phone number;
- Country; and
- Cookies and Usage Data.
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you where we have your consent to do so. We may also use your Personal Data to contact you with marketing or promotional materials based on our legitimate interest in engaging in direct marketing. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or the instructions provided in any email we send.
Our Service also collects and uses sales information, including at the employee level, to provide metrics and sales performance support. Accordingly, we collect and process information about sales performance at the employee or sales representative level on behalf of our clients, which is processed at both the individual sales performance level and at aggregate levels. This information is used by our clients pursuant to their own privacy policies and procedures to support key sales and other operational objectives, and in this context our clients are the data controllers of Personal Data processed as part of our Services.
We process Personal Data provided by prospective and existing Varicent clients in the course of doing business such as name, contact information, and other business details such as job title, employer, areas of business interest, and email correspondence. We also process audio and video information when meetings are recorded with consent of the company or individual being recorded. Such Personal Data may be processed and analyzed by third party service providers using software and algorithms to enhance our business relationships and exercise our legitimate interests to train personnel and improve our internal standards and practices. Examples of the foregoing include but are not limited to enabling automatic notetaking, deal tracking, evaluating the strengths of our interactions with our customers, the development of proposals and communications, and ensuring consistent messaging about our offerings. Individuals and companies who have provided consent can modify or withdraw it at any time by providing notice as provided in the “Contact Us” section below. If you are an existing customer of Varicent, the contents of our audio and video recordings shall be processed by us only for the purposes of managing and improving our business relationship with your specific account and training Varicent personnel related to your business. Such recordings are deemed to be Confidential Information under your Cloud Services Agreement external to the Cloud Service and any Customer Data located therein and shall be subject to further notice(s) we may provide to your company. Notwithstanding the foregoing, our call recording providers may use short, anonymized snippets of recordings from parties we speak with to train machine learning engines (ex. speech to text) within their product. We do not require external participants to call to consent to being recorded.
If you are a candidate for Varicent employment or work experience, please review our supplementary Recruitment Portal Privacy Notice for further information on how we process your Personal Data.
Varicent also frequently organizes and participates in events and initiatives. In such cases, this Privacy Policy applies to both participants and speakers, together with any other supplementary information or notices that are provided in relation to each event or initiative. During such activities we may process Personal Data such as business contact information, telephone number and/or location. Where a hospitality service is provided, we may process Personal Data such as dietary requirements or personal disabilities to the extent permitted by law. If the activity is recorded, we may also process pictures and videos of you. In such cases, this material may be used later by Varicent for further compatible purposes in accordance with the notices you receive at the location of recording. We may also obtain data such as attendee lists from third parties such as event organizers where the activity is sponsored by Varicent. In such cases, the privacy policy of those third parties to whom you provided your personal data will apply to you.
Usage Data
We may also collect Usage Data on how the Service is accessed and used. This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. Except to the extent otherwise outlined in a separate agreement with our business clients, we are the Data Controller of Usage Data.
Cookies and Other Tracking Technologies
We use cookies and similar tracking technologies to track the activity of our Service and we hold certain information. We are the Data Controller of such data.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are stored on your device and consist of two different types; session and persistent. Session cookies enable us to recognize your actions during the browsing session, are temporary and expire when you close your browser and are not stored beyond this. Persistent cookies remain stored on your device after you close your browser until they expire or when you delete them. Other tracking technologies are also used such as beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
Cookies give us insight into how people use our Service to help us keep improving it.
Cookies do lots of different things, such as helping us to:
- avoid asking you to register or complete details twice;
- estimate the number of visitors to our Service, including the source and patterns relating to this traffic; and
- understand how visitors use the Service, and how we can enhance this experience.
Certain of these cookies are strictly necessary to the access and operation of the Service and other cookies used are non-essential to the access and operation of the Service.
Please see below for more information on our use of cookies.
Examples of Cookies we use:
- Session Cookies. We use Session Cookies to operate our Service;
- Preference Cookies. We use Preference Cookies to remember your preferences and various settings; and
- Security Cookies. We use Security Cookies for security purposes.
Name |
Cookie |
Purpose |
Cookie Settings |
Consent, necessary analysis |
This cookie allows us to remember the cookie settings Users have enabled on our site. |
Google Analytics |
Non-essential persistent cookies |
These cookies are used to:
We will only use Google Analytics where we have your prior consent to do so, which can be given via the cookie banner on our Service. |
Intercom |
Non-essential persistent cookies |
This cookie allows us to provide you with real-time support via a live chat service. |
You are able to accept or reject all cookies, including cookies that are necessary to the functioning and accessibility of our Service, via your browser settings. However, please note that rejecting necessary cookies may result in you not being able to use some portions of our Service.
In addition, you can also manage your preferences through the cookie banner on the homepage of our Service, where you have the option of accepting the use of non-essential cookies on your device.
You can find out more about cookies at http://www.allaboutcookies.org/ and http://www.youronlinechoices.eu/.
"Do Not Track" Signals
We do not support Do Not Track. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.
You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
4. Children's Privacy
Save and except when we are administering scholarship programs, our Service does not address anyone under the age of 18 ("Children"), and we do not knowingly collect Personal Data from Children. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected such data from Children without verification of parental consent, we take steps to remove that information from our servers.
5. Legal Basis for Processing Personal Data under the GDPR
If you are from the EEA, our legal basis for collecting and using Personal Data, as described in this Privacy Policy, depends on the Personal Data we collect and the specific context in which we collect it.
We may process your Personal Data because:
- We need to enter and perform a contract with you;
- You have given us permission to do so;
- The processing is in our legitimate interests, and it is not overridden by your rights; and
- To comply with applicable laws.
Where we require your Personal Data to enter into a contract with you or to comply with applicable laws, failure to provide this Personal Data may mean we are unable to provide Services to you. We will tell you when we ask for your Personal Data whether it is a statutory or contractual requirement to give us Personal Data and the consequences of not providing such Personal Data.
6. Retention of Data
Varicent will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.
Varicent will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.
If we collect Personal Data as confidential information under the scope of a non-disclosure agreement with the company you represent, we will comply with the retention requirements under such agreement unless we have your permission to retain it for a longer period or you direct that we return or destroy such information sooner.
7. Transfer of Data
Your information, including Personal Data, may be transferred to - and maintained on - computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside Canada and choose to provide information to us, please note that we transfer the data, including Personal Data, to Canada and principally process it there, as well as other jurisdictions where we operate.
Your consent to this Privacy Policy followed by your submission of such Personal Data represents your agreement to the transfers described herein.
Where you are located in the EEA, Switzerland and the United Kingdom, your Personal Data may be transferred to - and maintained on – our computers located outside of the EEA, Switzerland or the United Kingdom or to other recipients located in countries outside of the EEA, Switzerland and the United Kingdom which may not have data privacy laws equivalent to those in of the country in which you are located. By submitting your Personal Data to us, you consent to the transfer of your Personal Data to us, and the other recipients described in this Privacy Policy that are located in countries outside of the country in which you are located. You may withdraw your consent at any time. The withdrawal of your consent shall not affect the lawfulness of processing based on consent before its withdrawal, nor the lawfulness of processing based on other legal bases.
Varicent will take all the steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy and applicable data privacy laws and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your Personal Data.
8. Disclosure of Data
Disclosures to Business Clients as Part of the Service
When we provide our sales performance management services to our clients, we process Personal Data of their Users as directed by our business clients, and our business clients control and have access to that information. We only disclose Personal Data as permitted by our agreements with our business clients or as otherwise required by law.
Disclosures to Service Providers and Other Third Parties
We may share Personal Data with our third-party service providers that support our products and services, or other operational needs, as well as assist us in analyzing how our Service is used and assisting us in fulfilling the purposes outlined in this Privacy Policy. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose, pursuant to agreements entered into with Service Providers that comply with applicable data privacy laws, including, to the extent applicable, the GDPR”, the CCPA, and other laws that are similar, equivalent to, successors to, or that are intended to supplement the GDPR and CCPA. We may have liability to you in case of failure to comply with the law or this policy in handling onward transfer of your Information to third parties.
Analytics
We may use third-party Service Providers to monitor and analyze the use of our Service, except to the extent otherwise outlined in a separate agreement with our business clients.
Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits and activity.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en and Google’s Business Data Responsibility Side: https://business.safety.google/privacy/.
Behavioral Remarketing
Varicent uses remarketing services to advertise on third party websites to you after you visited our Service, except to the extent otherwise outlined in a separate agreement with our business clients. We and our third-party vendors use cookies to inform, optimize and serve ads based on your past visits to our Service.
Google Ads (AdWords)
Google Ads (AdWords) remarketing service is provided by Google Inc.
You can opt-out of Google Analytics for Display Advertising and customise the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads
Google also recommends installing the Google Analytics Opt-out Browser Add-on - https://tools.google.com/dlpage/gaoptout - for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page and Google’s Business Data Responsibility site
Bing Ads Remarketing
Bing Ads remarketing service is provided by Microsoft Inc.
You can opt-out of Bing Ads interest-based ads by following their instructions: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
You can learn more about the privacy practices and policies of Microsoft by visiting their Privacy Policy page: https://privacy.microsoft.com/en-us/PrivacyStatement
Facebook
For more information on the privacy practices of Facebook, please visit Facebook's Data Policy: https://www.facebook.com/privacy/explanation Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950.
To opt-out from Facebook's interest-based ads, follow these instructions from Facebook: https://www.facebook.com/help/568137493302217.
Facebook adheres to the Self-Regulatory Principles for Online Behavioural Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.
We may also share Personal Data with third parties to comply with legal obligations; when we believe in good faith that an applicable law requires it; at the request of governmental authorities or other third parties conducting an investigation; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of our business, third parties, visitors to our websites, or the public. We may also share Personal Data with any person to whom we transfer any of our rights or obligations under any agreement, or in connection with a sale, merger, or consolidation of our business or other transfer of our assets, whether voluntarily or by operation of law, or who is otherwise deemed to be our successor or transferee.
Disclosure for Law Enforcement
Under certain circumstances, Varicent may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Legal Requirements
Varicent may disclose your Personal Data in the good faith belief that such action is necessary to:
- comply with a legal obligation;
- protect and defend the rights or property of Varicent;
- prevent or investigate possible wrongdoing in connection with the Service;
- protect the personal safety of Users of the Service or the public; and
- protect against legal liability.
9. Links to Other Sites
Our Service may contain links to other sites that are not operated by us. If you click a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
10. Security of Data
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. We have implemented reasonable information security policies and technical and organizational procedures commensurate with the sensitivity of the information and commercially acceptable standards to protect your Personal Data. However, we cannot guarantee its absolute security. If we collect Personal Data as confidential information under the scope of a non-disclosure agreement with the company you represent, we will comply with the protective requirements under such agreement unless we have your permission to act otherwise.
To substantiate the safeguards we put in place to protect Personal Data with respect to data uploaded to Varicent’s cloud services, we maintain information protection certifications administered by third-party compliance programs that are internationally recognized, such as ISO/IEC 27001 and SOC 2 Type II. More detail can be found on our security page at https://www.varicent.com/company/security.
11. Your Data Protection Rights Under the GDPR and CCPA
Your Data Protection Rights Under the GDPR
If you are a resident of the EEA, you have certain data protection rights subject to certain limitations and/or restrictions:
- The right to access, update or delete the Personal Data we have on you;
- The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete;
- The right to object. You may have the right to object to our processing of your Personal Data in certain circumstances. You always have the right to object where we are processing your Personal Data for direct marketing purposes;
- The right of restriction. You have the right to request that we restrict the processing of your Personal Data;
- The right to data portability. You have the right to be provided with a copy of the Personal Data we have on you in a structured, machine-readable, and commonly used format;
- The right to withdraw consent. You also have the right to withdraw your consent at any time where we have relied on your consent to process your Personal Data;
- The right not to be subject to automated decision-making. You also have the right not to be subject to a decision based solely on automated processing of Personal Data, including profiling, which produces legal effects concerning you or similarly significantly affecting you.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the EEA, Switzerland, or United Kingdom. In order to contact Varicent’s Data Protection Officer in these jurisdictions please use the information below:
email: privacy@varicent.com
Your Data Protection Rights Under Certain U.S. State Laws
This U.S. State Privacy Rights and Disclosure section addresses legal obligations and rights specified in the CCPA, and similar U.S. state laws. These obligations and rights apply to residents of certain U.S. State laws and to information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a consumer, household, or device. It does not include deidentified or aggregate information, or public information lawfully available from governmental records.
In addition to the above, the following chart describes the categories of Personal Data we may have collected or obtained about you in the past 12 months and, for each category, where and why we collected it, and the categories of entities with which we shared the Personal Data, if any.
Category of Personal Data |
Sources from which Personal Data was collected or obtained |
Purpose of collection |
Categories of entities with which Personal Data was shared |
Address and other identifiers – such as name, postal address, email address, account name, Social Security number, job title, job function, company, telephone number, driver’s license number, passport number, or other similar identifiers |
Directly from you From your employer From other third parties, including clients, business contacts, data brokers and third-party sales software and systems From publicly available information |
To provide and operate the software and services to contact you to discuss the services or products you receive from us to respond to any questions or concerns you have raised to deal with administrative matters such as invoicing, renewal or to audit performance management metrics and transactions to perform services on our behalf, such as customer service, processing or fulfilling orders, and processing payments to comply with applicable law, company policies or carry out related compliance checks and controls to verify your identity or for other fraud and/or crime prevention to debug errors in our systems for marketing and advertising purposes for internal research, analytics and development |
Your employer Professional advisers, including accountancy and legal firms, in order to provide us with advice; Service providers, including to provide and support our data management, analytics, security, and storage systems; Third party business partners to your employer. |
Unique and online identifiers – such as IP address, device IDs, or other similar identifiers |
Directly from you From your employer |
To provide and operate the software and services to comply with applicable law, company policies or carry out related compliance checks and controls to verify your identity or for other fraud and/or crime prevention to debug errors in our systems for marketing and advertising purposes for internal research, analytics and development |
Service providers, including to provide and support our data management, analytics, security, and storage systems; |
Financial information |
Directly from you From your employer From other third parties, including clients, business contacts and third-party sales software and systems |
To provide and operate the software and services to contact you to discuss the services or products you receive from us to respond to any questions or concerns you have raised to deal with administrative matters such as invoicing, renewal or to audit performance management metrics and transactions to perform services on our behalf, such as customer service, processing or fulfilling orders, and processing payments to comply with applicable law, company policies or carry out related compliance checks and controls to verify your identity or for other fraud and/or crime prevention to debug errors in our systems for marketing and advertising purposes for internal research, analytics and development |
Your employer Professional advisers, including accountancy and legal firms, in order to provide us with advice; Service providers, including to provide and support our data management, analytics, security, and storage systems; Third party business partners to your employer. |
Commercial information – such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies |
Directly from you From your employer From other third parties, including clients, business contacts and third-party sales software and systems From publicly available information |
To provide and operate the software and services to contact you to discuss the services or products you receive from us to respond to any questions or concerns you have raised to deal with administrative matters such as invoicing, renewal or to audit performance management metrics and transactions to perform services on our behalf, such as customer service, processing or fulfilling orders, and processing payments for marketing and advertising purposes for internal research, analytics, and development |
Your employer Professional advisers, including accountancy and legal firms, in order to provide us with advice; Service providers, including to provide and support our data management, analytics, security, and storage systems; Third party business partners to your employer. |
Education or other professional information Directly from you |
From your employer From other third parties From publicly available information |
To provide and operate the software and services for marketing and advertising purposes for internal research, analytics and development |
Your employer Professional advisers, including accountancy and legal firms, in order to provide us with advice; Service providers, including to provide and support our data management, analytics, security, and storage systems; Third party business partners to your employer. |
Geolocation Information |
Directly from you From your employer |
To provide and operate the software and services to verify your identity or for other fraud and/or crime prevention; |
Service providers, including to provide and support our data management, analytics, security, and storage systems; |
Inferences drawn from CCPA PI – such as individual profiles, preferences, characteristics, behaviors |
Directly from you From your employer From other third parties From publicly available information |
To provide and operate the software and services for marketing and advertising purposes for internal research, analytics, and development |
Your employer Professional advisers, including accountancy and legal firms, in order to provide us with advice; Service providers, including to provide and support our data management, analytics, security, and storage systems; Third party business partners to your employer. |
If you are a California resident, California’s Shine the Light law permits you to request information about our practices related to the disclosure of your Personal Data (“California Information”) by Varicent to certain third parties for their direct marketing purposes. You may be able to opt out of our sharing of your California Information with unaffiliated third parties for the third parties’ direct marketing purposes in certain circumstances.
In addition, if we collect your Personal Data for our own purposes, rather than merely process your Personal Data on behalf of another company, and you are a California resident, the CCPA grants you the right to request certain information about our practices with respect to California Information. In particular, you can request the following:
- The categories of your Personal Data that we’ve collected;
- The specific pieces of your Personal Data that we have collected;
- The categories of sources from which we collected Personal Data;
- The business or commercial purposes for which we collected or sold Personal Data; and
- The categories of third parties with which we shared Personal Data.
You can submit a request to us for the following additional information:
- The categories of third parties to whom we’ve sold Personal Data, and the category or categories of Personal Data sold to each; and
- The categories of Personal Data that we’ve shared with service providers who provide services for us, like processing your bill.
12. Your Data Protection Rights in General
Your Right to Request the Deletion of Personal Data and Other Rights
Depending on the jurisdiction you reside in; you may be able to exercise rights similar to those outlined in Section 10. Upon your request, we will delete the Personal Data we have collected about you, except for situations when that information is necessary for us to: provide you with a product or service that you requested; perform a contract we entered into with you; maintain the functionality or security of our systems; comply with or exercise rights provided by the law; or use the information internally in ways that are compatible with the context in which you provided the information to us, or that are reasonably aligned with your expectations based on your relationship with us.
Your Right to Ask Us Not to Sell Your Personal Data
We do not, and will not, sell Personal Data to third parties.
Our Support for the Exercise of Your Data Rights
We are committed to providing you with control over your Personal Data. If you exercise any of these rights explained in this section of the Privacy Policy, we will not disadvantage you. Except as outlined in the first paragraph of this Section in accordance with applicable law, you will not be denied or charged different prices or rates for goods or services or provided a different level or quality of goods or services.
How We Will Handle a Request to Exercise Your Rights
For requests that relate to Personal Data that we process on behalf of another company, including specifically sales performance data that is processed through our sales performance management solutions for global enterprises, we are not able to directly process any privacy requests, and would direct you to submit your request directly to our client (aka the Data Controller).
For requests for access or deletion of Personal Data Varicent collects and processes directly as a Data Controller, we will first acknowledge receipt of your request. We will provide a substantive response to your request as soon as we can, generally within 30 days from when we receive your request, although we may be allowed to take longer to process your request under certain circumstances as allowed by applicable law. If we expect your request is going to take us longer than normal to fulfill, we’ll let you know.
When you make a request to access or delete your Personal Data, we will take steps to verify your identity. These steps may include asking you for Personal Data, such as your name, address, or other information we maintain about you. If we are unable to verify your identity with the degree of certainty required, we will not be able to respond to the request. We will notify you to explain the basis of the denial.
You may also designate an authorized agent to submit requests on your behalf. If you do so, you will be required to verify your identity by providing us with certain Personal Data as described above. Additionally, we will also require that you provide the agent with written permission to act on your behalf, and we will deny the request if the agent is unable to submit proof to us that you have authorized them to act on your behalf.
13. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
14. Contact Us
If you have any questions about this Privacy Policy or would like to exercise any of your privacy rights with respect to Personal Data we hold as Data Controllers, please contact us as outlined below. If you would like to exercise a privacy right, please include your full name, email address, and the subject line labeled with the applicable jurisdiction in which you reside in. Requests for disclosure are generally free.
- By email: privacy@varicent.com; or
- By visiting this page on our website: varicent.com/contact-us/
15. Data Privacy Framework
Varicent complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Varicent has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Varicent has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Varicent may be liable under the EU-U.S. DPF Principles and/ or the Swiss-US DPF Principles in cases of onward transfers to third parties.
If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Data Privacy Framework Panel. For more information on this option, please see Annex I of the Data Privacy Framework Principles at https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.
Varicent may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Varicent US Opco Corporation is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
16. Dispute Resolution
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Varicent commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Varicent at: privacy@varicent.com
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Varicent commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in United States, the European Union, the United Kingdom, and/or Switzerland (as applicable). If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Effective as of May 30, 2024