Effective Date: June 2023

Bipsync is a Research Platform designed for the investment management industry. We’re providing this Privacy Policy to explain our practices regarding the collection, use, retention and disclosure of information that we receive through our website at http://www.bipsync.com (the “Site”) and our Research Management System, including the Bipsync applications (the “Bipsync Services” and collectively with the Site, the “Services”). This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services.

This Privacy Policy applies to all of Bipsync’s operating divisions, subsidiaries, affiliates, and branches, including any additional subsidiary, affiliate, or branch of Bipsync that we may subsequently form.

If at any time you have questions about our practices or any of your rights described below, you may reach our Data Protection Officer (“DPO”) and our dedicated team that supports this office by contacting us at privacy@bipsync.com.

How Do We Collect Information?

The categories of personal information we collect and use depend on whether you are a user of the business version of Bipsync (meaning you are an authorized user of a company or other organization that uses the Bipsync Services in the workplace) (“Authorized User”), or if you are a visitor to the Site (“Visitor” and, together with Authorized Users, “Users”). All Authorized Users access Bipsync Services through an individual user account (“Account”) as specified in the applicable Subscription Services Agreement between Bipsync and the organization you are accessing the Bipsync Services on behalf of (“Agreement”). To the extent a definition within this Privacy Policy conflicts with a definition in the Agreement, the definition in the Agreement shall govern.

If you use our Services, we collect personal information about you.  Some of the ways that Bipsync may collect personal information include:

Information You Provide

Account Information: If you create an Account, we’ll collect certain personal information such as your name, email address, username, and password.

Communications with Us: We may collect personal information from you such as email address, phone number or mailing address when you choose to request information about our Services, request to receive customer or technical support, or otherwise communicate with us, including via the Contact section of the Site.

Surveys: We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information which may include personal information.

Conferences, Trade Shows, and other Events: We may attend conferences, trade shows, and other events where we collect personal information from individuals who interact with or express an interest in Bipsync and/or the Services. If you provide us with any information at one of these events, we will use it for the purposes for which it was collected.

Information Provided by Your Organization

If you are an Authorized User, we may receive information about you from your organization, such as your name and email address, to help with Account set-up or management of support requests.

Information Collected Using Cookies and other Web Technologies

Like many website owners, we, as well as third parties that provide content, advertising, or other functionality on the Services, use automated data collection tools such as Cookies and Web Beacons to collect certain information.

“Cookies” are small text files that are placed on your device by a Web server when you access our Services. We may use both session Cookies and persistent Cookies to identify that you’ve accessed the Site, logged in to the Services and to tell us how and when you interact with our Services. We also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you will not be able to access all portions or features of the Services. When you access our Site, certain third-party service providers that we engage may also place their own Cookies on your device. However, third-party service providers cannot place their own Cookies on your device when you access the Bipsync Services. Note that this Privacy Policy covers only our use of Cookies and does not include use of Cookies by such third parties.

“Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services and to monitor how many visitors view our Services.

In addition, we may automatically collect data regarding your use of our Services, such as the types of content you interact with and the frequency and duration of your activities. We may combine your information with information that other people provide when they use our Services.

We may also use Google Analytics and other service providers to collect information regarding visitor behavior and visitor demographics on our Services. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt out of Google’s collection and processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout.

Information Related to Use of the Services

Our servers automatically record certain information about how our Services are used (we refer to this information as “Usage Data”). Usage Data may include information such as a User’s IP address, browser type, IMEI, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, operating system, the pages or features of our Services to which a User browsed and the time spent on those pages or features, frequency with which our Services are used by a User, search terms, and other statistics. We use Usage Data to administer the Services and we analyze (and may engage third parties, who are under an obligation of confidentiality, to analyze) Usage Data to improve, customize, and enhance our Services by expanding their features and functionality and tailoring them to our Users’ needs and preferences. For Authorized Users, in addition to this Privacy Policy, all use of Usage Data relating to you will be subject to the terms and conditions of the Agreement between Bipsync and your organization (as applicable). Any use of Usage Data by third parties on our behalf will be subject to requirements that such third parties maintain the confidentiality and integrity of such Usage Data.

Information Sent by Your Mobile Device

We may collect certain information that your mobile device sends when you use our Services, such as a device identifier, user settings, and the operating system of your device, as well as information about your use of our Services. Such information helps us to, and will be used in order to, improve, customize and enhance our Services.

Location Information

In some cases we collect and store information about where you are located, such as by converting your IP address into a rough geolocation. We may use location information to improve and personalize our Services for you.

Information from Other Sources

We may obtain information about you from other sources, including through third party services and organizations to supplement information provided by you. For example, if you access our Services through a third-party application, such as an app store, a third-party login service, or a social networking site, we may collect information about you from that third-party application that you have made public via your privacy settings. Information we collect through these services may include your name, your user identification number, your user name, location, gender, birth date, email, profile picture, and your contacts stored in that service. This supplemental information allows us to verify information that you have provided to us and to enhance our ability to provide you with information about our business, products, and Services.

How Do We Use Information?

We may use personal information for a variety of business purposes, including to:

Fulfill our contracts and provide Services, such as:

• Managing your information and accounts;
• Responding to your questions, comments, and other requests;
• Providing access to certain areas, functionalities, and features of our Services;
• Communicating with you about your account, activities on our Services and policy changes;
• Processing your financial information and other payment methods for products or Services purchased;
• Processing applications and transactions;
• Answering your requests for customer or technical support; and
• Allowing you to register for events.

Analyze and improve our Services pursuant to our legitimate interest, such as:

• Measuring interest and engagement in our Services;
• Conducting research and development;
• Developing new products and Services and improving, upgrading, or enhancing our Services;
• Ensuring internal quality control;
• Verifying your identity and preventing fraud;
• Detecting and repairing bugs or other software issues;
• Detecting, preventing, and protecting against security incidents and malicious, deceptive, fraudulent or potentially prohibited or illegal activities and prosecuting those responsible for that activity;
• Enforcing our Terms; and
• To comply with our legal obligations, protect your vital interest, or as may be required for the public good.

Provide you additional content and Services, such as:

• Providing you with customized materials about offers, products, and Services that may be of interest, including new content or Services;
• Providing Services to you and our customers;
• Auditing relating to transactions or your use of the services; and
• Other purposes you consent to, are notified of, or are disclosed when you provide personal information.

You may contact us at any time to opt out of the use of your personal information for marketing purposes, as described below.

Use De-identified and Aggregated Information. We may use personal information and other data about you to create de-identified and aggregated information, such as de-identified demographic information, de-identified location information, information about the computer or device from which you access our Services, or other analyses we create.

Share Content with Friends or Colleagues. Our Services may offer various tools and functionalities. For example, we may allow you to provide information about your friends through our referral services. Our referral services may allow you to forward or share certain content with a friend or colleague, such as an email inviting your friend to use our Services.

Automatic Collection Technologies. We, as well as third parties that provide content, advertising, or other functionality on the Services, may use cookies, pixel tags, local storage, and other technologies to automatically collect information through the Services. Our uses of these technologies fall into the following general categories:

• Operationally Necessary. This includes technologies that allow you access to our Services, applications, and tools that are required to identify irregular site behavior, prevent fraudulent activity and improve security or that allow you to make use of our functions such as saved search, or similar functions;
• Performance Related. We may use technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how our visitors use the Services;
• Functionality Related. We may use technologies that allow us to offer you enhanced functionality when accessing or using our Services. This may include identifying you when you sign into our Services or keeping track of your specified preferences, interests, or past items viewed;

What Information Do We Share With Third Parties?

We may share any personal information that we have collected as described below:

Your Organization

If you are an Authorized User, under the terms of the Agreement between Bipsync and your organization, your organization and other personnel and Authorized Users from your organization are permitted to access the information in your Account, both during your use of the Services and/or when you or your organization ceases using the Services.  In addition, at a minimum, the name associated with your Account may be displayed to others within your organization and in connection with your use of the Bipsync Services. Certain User roles assigned by your organization may allow personnel from your organization with specific User credentials access to Account information as required for purposes such as compliance or management of Users and User groups.

Our Services Providers

We may engage third-party service providers to work with us to administer and provide the Services. These third-party service providers have access to personal information for the purpose of performing services on our behalf. Such third parties include: customer relationship management software providers, Internet hosting and cloud service provider services, and customer support services and software.

Business Partners

We may provide personal information to business partners with which we jointly offer products or services. In such cases, our business partner’s name will appear along with ours.

Affiliates

We may share personal information with our affiliated companies.

Information Shared with Other Third Parties

We may share aggregated and de-identified information (such that information cannot be identified as the information of a particular User) with third parties for industry research and analysis, demographic profiling and other similar purposes, and for third-party programs to access the Services in a manner that extends the Bipsync user experience and helps us operate and improve the Services.

Information Disclosed in Connection with Business Transactions

Information that we collect from our Users, including personal information, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your personal information, will be disclosed or transferred to a third-party acquirer in connection with the transaction, as permitted by law and/or contract.

Information Disclosed for Our Protection and the Protection of Others

We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate: (i) to respond to claims, legal process (including subpoenas), law enforcement requests and national security requests; (ii) to protect your, our, or others’ rights and safety and the rights and safety of the public in general; (iii) to stop any activity that we consider illegal, unethical or legally actionable activity; (iv) to enforce our policies or contracts; (v) to collect amounts owed to us; or (vi) to assist with an investigation or prosecution of suspected or actual illegal activity. In the event of such disclosure or transfer of personal information to public authorities, there is a chance that Bipsync will not be able to require such public authorities to implement and maintain reasonable security controls to protect the confidentiality, integrity and availability of personal information.

Where Do We Send Information?

As our Users operate globally, we need to send User personal information to different countries in order to provide the Services, and you might send your personal information to different countries in the course of using Bipsync Services. If you are an Authorized User, your organization may require us to store personal information in a specific region. You agree that all information processed by us may be transferred, processed, and stored anywhere in the world, including but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live. We have taken appropriate safeguards to require that your personal information will remain protected and require our third-party service providers and partners to have appropriate safeguards as well. Further details can be provided upon request.

When we send personal information outside of the European Economic Area (EEA), we use a variety of legal mechanisms to make sure that your personal information is sent with appropriate safeguards including (as applicable):

Data Retention

We store the personal information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

The Security of Your Information

We take reasonable measures to protect the information that we collect from or about you (including personal information) from unauthorized access, use or disclosure. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information. To the fullest extent permitted by applicable law, we do not accept liability for unintentional disclosure.

By using the Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Services, by mail or by sending an e-mail to you.

Links to Other Sites

Our Services may contain links to other websites and services. Any information that you provide on or to a third-party website or service is provided directly to the owner of the website or service and is subject to that party’s privacy policy. Our Privacy Policy does not apply to such websites or services and we’re not responsible for the content, privacy or security practices and policies of those websites or services. To protect your information we recommend that you carefully review the privacy policies of other websites and services that you access.

Your Choices

You have certain choices about your personal information.  Where you have consented to the processing of your personal information, you may withdraw that consent at any time and prevent further processing by contacting us as described below. Even if you opt out, we may still collect and use non-personal information regarding your activities on our Services and for other legal purposes as described above.

Email Communications

If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to our Terms or this Privacy Policy).

Mobile Devices

We may send you push notifications through our mobile application. You may at any time opt out from receiving these types of communications by changing the settings on your mobile device. We may also collect location-based information if you use our mobile applications. You may opt out of this collection by changing the settings on your mobile device.

“Do Not Track”

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

Your Privacy Rights

You can access the personal information associated with your Account via your Account. If you want Bipsync to delete your personal information and/or your Account, you can do so by contacting us at support@bipsync.com. Please note that if you are an Authorized User and you make a request to delete your personal information and that data is necessary for the continuation of Services your organization has purchased, the request will be honored only to the extent it is no longer necessary for any Services purchased or required for our legitimate business purposes or legal or contractual record keeping requirements. We’ll take steps to delete your personal information as soon as is practicable.

In accordance with applicable law, you may have the right to:

• request confirmation of whether we are processing your personal information;
• obtain access to or a copy of your personal information;
• receive an electronic copy of your personal information or ask us to send that information to another company;
• restrict our uses of your personal information, including the right to opt in or opt out of the sale of your personal information to third parties, depending on applicable law;
• seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed personal information; and
• request erasure of personal information held about you, subject to certain exceptions prescribed by law.

If you would like to exercise any of these rights, please use the request form located here. We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request.

Supplemental Notice for California Residents

This Supplemental California Privacy Notice only applies to our processing of personal information that is subject to the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA provides California residents with the right to know what categories of personal information Bipsync has collected about them and whether Bipsync disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding twelve months. California residents can find this information below:

The categories of sources from which we collect personal information and our business and commercial purposes for using personal information are set forth above.

Additional Privacy Rights for California Residents

“Sales” of Personal Information under the CCPA. For purposes of the CCPA, Bipsync does not “sell” personal information, nor do we have actual knowledge of any “sale” of personal information of minors under 16 years of age.

Non-Discrimination. California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.

Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. To designate an authorized agent, please contact us as set forth below.

Verification. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include confirming the email address associated with any personal information we have about you.

If you are a California resident and would like to exercise any of your rights under the CCPA, please contact us as set forth below. We will process such requests in accordance with applicable laws.

Treatment of Authorized User Personal Information Following Termination

If you are an Authorized User who is utilizing the Bipsync Services under your organization’s Agreement with Bipsync, then following the termination of your or your organization’s access to or use of the Bipsync Services, Bipsync may, if required by the Agreement or your organization, but subject to the requirements of applicable law or any Governmental Authority, deliver to your organization any personal information we have in our possession.

Our Policy Toward Children

Our Services are not directed to children under 13 (or other age as required by local law) and we do not knowingly collect personal information from children. If we learn that we have collected personal information of a child in violation of applicable law, we will take steps to delete such information and terminate the child’s account as soon as possible.

Supervisory Authority

If you are located in the European Economic Area, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable law.

Changes to This Privacy Policy

We may modify and revise this Privacy Policy from time to time. If we make any changes to this Privacy Policy, we’ll notify you of those changes by posting them on the Services or by sending you an email or other notification as required by law, and we’ll indicate when those changes will become effective. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you use the Services after the updated Privacy Policy is posted on the Services, so please review our Privacy Policy periodically.

Questions?

If you have any questions about our Privacy Policy or if you wish to submit a request to exercise your rights as detailed in this policy, please contact us at:

Bipsync Ltd.

privacy@bipsync.com