Privacy Policy
Last Updated: January 2025
1. Introduction
Sigma Portal ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
2. Information We Collect
2.1 Information You Provide
We collect information you provide directly to us, including:
- Account Information: Email address, password, name, company information
- Profile Information: Profile picture, bio, preferences
- Payment Information: Billing address, payment method details (processed by secure third-party providers)
- Data You Upload: Datasets, models, analyses, and other content you create or upload
- Communications: Messages, support requests, feedback
2.2 Information We Collect Automatically
When you use our Service, we automatically collect:
- Usage Data: Pages visited, features used, time spent, click patterns
- Device Information: IP address, browser type, operating system, device identifiers
- Log Data: Server logs, error reports, performance data
- Cookies and Tracking: Session tokens, preferences, analytics data
2.3 Information from Third Parties
We may receive information from:
- Single sign-on providers (Google, Microsoft)
- Payment processors
- Analytics and security service providers
- Public databases and data enrichment services
3. How We Use Your Information
We use the information we collect to:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Provide and maintain the Service | Account, usage, uploaded data | Contract performance |
| Process payments and billing | Payment information, usage data | Contract performance |
| Improve and optimize our Service | Usage data, feedback | Legitimate interest |
| Provide customer support | Account, communications, usage data | Contract performance |
| Send important notifications | Contact information | Contract performance |
| Ensure security and prevent fraud | All data types | Legitimate interest |
| Comply with legal obligations | All data types as required | Legal obligation |
4. Information Sharing and Disclosure
We do not sell your personal information. We may share your information in the following circumstances:
4.1 Service Providers
We share information with trusted third-party service providers who help us operate our Service, including cloud hosting, payment processing, analytics, and customer support tools.
4.2 Legal Requirements
We may disclose information if required by law, court order, or government request, or to protect our rights, property, or safety.
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.
4.4 Consent
We may share information with your explicit consent or at your direction.
5. Data Security
We implement comprehensive security measures to protect your information:
- Encryption: Data is encrypted in transit (TLS) and at rest (AES-256)
- Access Controls: Strict access controls and authentication requirements
- Infrastructure: Secure cloud infrastructure with regular security audits
- Monitoring: 24/7 security monitoring and incident response
- Compliance: SOC 2 Type II and GDPR compliant practices
6. Data Retention
We retain your information for as long as necessary to provide our Service and fulfill legal obligations:
- Account Data: Retained while your account is active plus 90 days after deletion
- Usage Data: Retained for up to 2 years for analytics and service improvement
- Uploaded Data: Retained according to your data retention settings
- Financial Records: Retained for 7 years for tax and legal compliance
- Support Communications: Retained for 3 years
7. Your Rights and Choices
You have the following rights regarding your personal information:
7.1 Access and Portability
You can access and export your personal data through your account settings or by contacting us.
7.2 Correction and Updates
You can update your personal information through your account settings.
7.3 Deletion
You can delete your account and personal data by contacting us. Some information may be retained as required by law.
7.4 Marketing Communications
You can opt out of marketing emails by clicking unsubscribe or updating your preferences.
7.5 Cookies
You can control cookies through your browser settings, though this may affect Service functionality.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:
- Adequacy decisions by relevant authorities
- Standard contractual clauses
- Binding corporate rules
- Certification schemes
9. Children's Privacy
Our Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected such information, we will take steps to delete it promptly.
10. Third-Party Services
Our Service may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those third parties. We encourage you to review their privacy policies.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through our Service. Your continued use after such changes constitutes acceptance of the updated policy.
12. Regional Privacy Rights
12.1 European Union (GDPR)
If you are in the EU, you have additional rights including the right to object to processing, restrict processing, and lodge complaints with supervisory authorities.
12.2 California (CCPA)
California residents have the right to know about, delete, and opt-out of the sale of personal information (though we do not sell personal information).
Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:
Email: privacy@sigmaportal.com
Data Protection Officer: dpo@sigmaportal.com