Corporate Website Privacy Policy

ABOUT US

Our Corporate Details

The company Onfocus SAS whose headquarters are located at 450 Rue Baden Powell, 34000 Montpellier, FRANCE is represented by Mr Anh-Tuan GAI in his capacity as President and cofounder of the company. Onfocus SAS operates under the trade name Adagio.

Scope of this Policy

This Corporate Services Privacy Policy (“Policy”) describes how Adagio, as a data controller, collects, shares, and uses personal data we receive from and about you in a business-to-business capacity, such as when you visit our corporate website at https:/adagio.io, submit an application for employment, receive marketing communications from us, or utilize any dashboards or internal tools we make available to our business users (collectively, our “Corporate Services”), and your rights and choices regarding your personal data. 

This Policy only applies to our Corporate Services and does not apply to personal data we collect or process in connection with the operation of our advertising technology services. To review our privacy policy for those services, please visit our Advertising Services Privacy Policy.  

Our Data Protection Officer

Adagio has appointed a data protection officer (our “DPO”) who is responsible for ensuring Adagio complies with all regulations in force in terms of data protection and privacy. Should you have any questions related to this Policy, please contact our DPO by email at dpo@adagio.io or by postal mail at our registered office address indicated above.

TABLE OF CONTENTS

1. WHAT DATA DO WE COLLECT?
2. HOW DO WE COLLECT YOUR DATA?
3. HOW DO WE USE YOUR DATA?
4. LEGAL BASES FOR PROCESSING
5. HOW LONG DO WE STORE YOUR DATA?
6. HOW DO WE SHARE YOUR DATA?
7. INTERNATIONAL DATA TRANSFERS
8. AGGREGATED AND DE-IDENTIFIED INFORMATION
9. YOUR OPT-OUT CHOICES
10. WHAT ARE YOUR DATA PROTECTION RIGHTS?
11. SUPPLEMENTAL U.S. STATE DISCLOSURES
12. NOT DESIGNED FOR MINORS
13. EXTERNAL LINKS
14. DATA SECURITY
15. CHANGES TO THIS PRIVACY POLICY

1- What data do we collect?

The information listed in Section 2 below may be personal data under applicable laws in certain jurisdictions. Some of this information may be collected using cookies and similar tracking technology. 

Personal data generally means any data that identifies or that can be linked to an individual, including pseudonymous personal data which is data that cannot reasonably be linked or attributed to you without the use of additional information. For example, an email address might be altered into a unique code or identifier. Some data, like cookies or other tracking data, is already pseudonymous at the point of collection because it doesn’t directly include your name or contact details but can still be linked back to you when combined with other information.

2- How do we collect your data?

A. Information You Voluntarily Provide

• Contact information such as name, address, telephone number or email address and contact preferences. 
• Your professional information, such as job title, department, or job role.
• Contents of your communications, including email messages and responses when corresponding with us via email or through our website, blogs, event registrations or to sign up for marketing communications, or request a demo. 
• Information to create an account to use the Corporate Services, including user name and password. 
• We or our third-party payment processors may collect your personal data when we collect a payment card number or other payment information. 
• For job applicants, we will collect your resume and information related to your employment and education history, we may collect other personal data typically collected as part of the application process, including background check information. 

B. Information Collected Automatically

We use a variety of tracking technologies, such as cookies, to collect certain information about your activity when visiting our website or using our Corporate Services. The specific types of personal data automatically collected include:

• Device and Browser Information. Your device’s IP address and/or other unique identifiers, browser type, device type, internet service provider, and operating system. 
• Location Information. Your device’s approximate location (derived from your device’s IP address or other general signals that do not provide your precise location). 
• Usage Information. Information about your use of the Corporate Services, including the date and time of your visit, the services that refer you to our websites, the areas or pages of the Corporate Services that you visit, the amount of time you spend viewing or using the Corporate Services. We also create and store logs about our business users. The logged information includes IP addresses, endpoints you use, and if there are any errors, we store information to diagnose and correct any problems with the Products.
• Marketing Information. If you receive an email or other marketing communication from us, information may be collected about your interactions with the message (e.g., whether you opened, forwarded, or clicked through to our website). 
• Analytics. We use third-party analytics and tracking tools to better understand who is using the Corporate Services, how people are using them, and how to improve them.

C. Access to Information Collected by Third Parties 

We may receive access to your personal data collected by other sources, including online advertising networks and analytics providers, social media platforms, and companies such as data aggregators who may provide us with access to marketing lists to supplement the data collected directly from you as a visitor to our website or a user of our Corporate Services. 

D. Sensitive Personal Data

Depending on applicable law, sensitive personal data (also known as "special categories of personal data" under certain privacy laws) may include: (1) government-issued identification numbers (such as social security numbers, driver’s license numbers, or passport numbers); (2) financial account credentials; (3) precise geolocation data; and (4) information about racial or ethnic origin, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, or data concerning sex life or sexual orientation. 

We do not use tracking technologies to collect sensitive personal data and we do not use sensitive personal data with our Marketing Activities.

As a job applicant, employee, or business user of our Corporate Services, you may voluntarily provide us with your sensitive personal data and we may use it for the purpose for which it was collected. We do not process this information for purposes other than the purposes for which it was originally collected unless required by law.

3. how do we use your data?

We use your personal data for the business and commercial purposes listed below. 

A. Business Purposes: To operate our Corporate Services

• To create and maintain your account with us.
• To fulfill your orders and process your payments.
• To communicate with you and respond to your inquiries.
• To develop and improve our Corporate Services.
• To monitor, protect, and maintain the security and integrity of our Corporate Services, such as protecting against and preventing fraud, unauthorized transactions, claims and other liabilities.
• To establish, exercise, or defend legal claims and protect our rights, privacy, safety, property and/or those of others.
• To comply with applicable laws and regulations and respond to lawful requests for personal data.
• To carry out the sale or transfer of some or all of our business, such as a merger, acquisition, or bankruptcy proceeding.
• To process job applications. 
• We process sensitive personal data only for the purposes disclosed at the time of collection unless otherwise required by law. We will not use your sensitive personal data except as described in this Policy or as permitted by applicable law. 
• To fulfill any other purposes disclosed to you at the time of collection. 

B. Commercial Purposes: Marketing Activities

We engage third parties to provide analytics services, serve targeted advertising and perform marketing services to promote our company and our Products (“Marketing Activities”). 

4. LEGAL BASES FOR PROCESSING

The personal data collected automatically via cookies or tracking technologies on our website is processed based on your consent, except for essential cookies which are necessary for the functioning of our website and are processed based on our legitimate interests. Please visit our cookie tool for more information about the specific cookies we use and to manage your preferences.

For most of our processing activities described in Section 3 above (our Business Purposes and our Commercial Purposes) we may rely on our legitimate interests, except where such interests may be overridden by your interests or fundamental rights and freedoms. 

5. How Long do we store your data?

We will retain your personal data for as long as reasonably necessary to provide you with the Corporate Services, unless you opt out as described in this Policy. We may, however, retain information following your opt-out or withdrawal of consent where legally permitted or required (e.g., for legal compliance, auditing, or accounting reasons). 

For your personal data collected via tracking technologies on our website, please visit our cookie tool for further information

6. how do we share your data?

We may disclose your personal data to the following categories of recipients.

A. Business Recipients

• Processors/Service Providers. We disclose your personal data to service providers that provide business, professional, or technical support services to us, help us operate the Corporate Services, or administer activities on our behalf. We maintain Data Processing Agreements with all processors that ensure they only process personal data on our documented instructions, implement appropriate technical and organizational measures, assist with data subject requests, and meet all requirements under applicable data protection laws. A list of our key service providers and their processing activities is available upon request.  
• Third Parties as Part of a Corporate Transaction. In the event of a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with a bankruptcy or similar proceeding), we may disclose or transfer your personal data to certain third parties, such as the acquiring entity and its advisers.
• Legal Obligations, Security, and Safety. We will disclose your personal data as we believe necessary or appropriate to: (a) comply with applicable law; (b) enforce our terms and conditions; (c) protect our operations; (d) protect our rights, privacy, safety, or property, and/or those of you or others; and (e) allow us to pursue available remedies or limit damages that we may sustain. 
• Competent Governmental, Regulatory, and Public Authorities. We may disclose personal data to governmental or law enforcement authorities to comply with valid legal or regulatory obligations or requests. 
• Other Disclosed Purposes. We will disclose your personal data to other third parties at your direction or with your consent. 

B. Commercial Recipients

• Analytics Vendors. We disclose personal data to analytics vendors and help us measure the effectiveness of the Corporate Services, including our Marketing Activities.
• Marketing and Advertising Vendors. We disclose personal data to vendors for Marketing Activities, including social media platforms, third-party advertising networks, and other parties that assist us in tailoring, serving, and optimizing our ads.

7. INTERNATIONAL DATA TRANSFERS

In order to provide our Corporate Services, we may transfer personal data to, and process personal data in, countries outside the European Union (EU), the European Economic Area (EEA) and the United Kingdom (UK). We have implemented appropriate safeguards including Standard Contractual Clauses adopted by the European Commission and supplementary measures as required under applicable data protection laws. For transfers to the United States, we ensure recipients are certified under the EU-U.S. Data Privacy Framework where applicable. A list of countries where your data may be transferred and a copy of the safeguards can be obtained by contacting our DPO at dpo@adagio.io.

8. Aggregated and De-Identified Information 

We may aggregate and/or de-identify your personal data using technical measures that prevent re-identification, in accordance with applicable law. We may use and disclose such aggregated or properly de-identified information that cannot reasonably be used to identify you for any business purpose. We contractually prohibit recipients from attempting to re-identify such information and implement technical and organizational measures to prevent re-identification.

9. YOUR OPT-OUT CHOICES

A. Unsubscribing from our Marketing Emails

From time to time, we may send you marketing emails where we have your consent or where permitted by law. If you no longer wish to receive such messages, you may opt out at any time by following the unsubscribe link included in any email you receive from us or by contacting us at privacy@adagio.io. If you opt out, we may still send you service-related emails necessary for our ongoing business relations. We will honor your request to opt-out regardless of your location, though additional or different legal rights may apply based on your jurisdiction.

B. Your Choices Regarding Cookies and Tracking Technologies 

Adagio uses common information gathering tools such as cookies and similar tracking technologies to automatically collect information as you navigate our websites, your account, or when you interact with emails we send to you. This makes your use of our Corporate Services more efficient, easy and meaningful for you. You may elect to limit the collection of your personal data via these tracking technologies. However, doing so may disable many of the portions, features, or functionality of the Corporate Services. 

These choices apply only to the specific browser, device, or application from which you opt out, and you will need to opt out separately on each browser, device, or application you use. If you delete or reset your cookies or mobile identifiers, change browsers, or use a different device, any opt-out cookie or tool may no longer work and you will have to opt out again. Where technically feasible, we will honor Global Privacy Control (GPC) signals and other automated privacy control signals in accordance with applicable law. 

i. Manage Your Choices via our Cookie Consent Tool 

Adagio uses a consent management tool, which you can utilize to customize your cookie preferences. When you visit our website for the first time, a cookie consent banner will pop up and ask you to customize your cookie preferences. If you decide to change your preferences at a later date, you can do so by clicking on the “Cookie Choices” link at the bottom of our website. Please note that essential cookies cannot be disabled and if you decide to opt-out of functional cookies, certain functionality of our websites or your account may be impacted.  Any choices concerning cookies are browser and/or device specific. If you clear your cookies from your browser on any of your devices, your choices will need to be reset.

ii. Manage cookies via your browser, device, or application settings

You may also opt-out of the automatic collection of personal data through your settings in your browser or mobile device. Each browser and device manufacturer is different, so check your settings in each browser or device to learn how to set your privacy preferences. Please note that certain essential features of our services may not function properly if you disable all cookies. 

iii. Enable the Global Privacy Control

For visitors to our website from the United States, we support the Global Privacy Control which is a preference you can set in your web browser or in certain applications to inform the pages you visit that you do not want to be tracked. To set up the GPC on your device, visit the Global Privacy Control page. If you use different browsers or applications, you will have to enable the signal on each browser or application.

iv. Opt-Out of Use of Advertising Cookies using Third Party Tools

To learn more about how to opt out of interest based targeted advertising in general, you can visit opt-out pages operated by the Digital Advertising Alliance (United States) and the EDAA (Europe). These opt-out tools are provided by third parties, not Adagio. We do not control or operate these tools or the choices that others provide through these tools. Even if you choose to opt out using these tools, you may still receive some interest-based advertising due to technical limitations of these third-party tools.

10. WHAT ARE YOUR DATA PROTECTION RIGHTS?

In accordance with applicable regulations in the European Economic Area, Switzerland, and the United Kingdom, you have certain rights to control your personal data, including rights of access, erasure, objection, rectification, portability, restriction of processing, and withdrawal of consent. 

Process for exercising your rights 

If you’re interested in exercising your privacy rights under this Policy regarding our use of your personal data as part of our Corporate Services, please contact us at privacy@adagio.io with your request. Please put the statement “Privacy Rights Request” in the subject field of your email and provide us with your country or state of residence. 

We may take reasonable steps to verify your identity before responding to your request. Submitting a privacy rights request does not require you to create an account with us. We will only use any identification information you provide for verification purposes.

If you make a privacy rights request, we will respond to your request without undue delay and in any event within the time frame required by applicable law. This period may be extended as permitted under applicable law where necessary, taking into account the complexity and number of requests. We will inform you of any such extension where required by applicable law, together with the reasons for the delay.

Please note that the process for exercising your rights set forth in this Policy applies to personal data collected through our Corporate Services. Please visit our Advertising Services Privacy Policy for information on how to submit a request in connection with our collection or use of consumer personal data with our advertising technology services.  

If you wish to to exercise your opt-out rights for personal data collected through our Corporate Services, including to opt-out of the “sale” or “share” of your personal data, or the use or disclosure of your personal data for targeted advertising please see Section 9 above. 

Authorized agents 

If applicable privacy laws in your jurisdiction permit, you may authorize someone to make a privacy rights request on your behalf (an authorized agent). Only you, or someone legally authorized to act on your behalf, may submit a request related to your personal data. Authorized agents will need to demonstrate that you’ve authorized them to act on your behalf. We may request confirmation directly from you confirming that the agent is authorized to make such a request, or to request additional information to confirm the agent’s identity. 

Limitations

Please note that we may decline a request if: (1) we cannot verify your identity or your agent's authority despite reasonable efforts, (2) we cannot confirm the personal data relates to you, or (3) an exemption applies under applicable law. We will explain any denial in writing.

We may withhold these rights only where specifically permitted by applicable law. Any fees we charge will be reasonable, transparent, and limited to the administrative costs of fulfilling your request as permitted by applicable privacy laws.

Right to lodge a complaint

You have the right to file a complaint with any supervisory authority in the EU/EEA, particularly in your Member State of residence, place of work, or place of the alleged infringement. A list of the European data protection authorities can be found here: https://edpb.europa.eu/about-edpb/about-edpb/members_en. Adagio's lead supervisory authority under Article 56 of the GDPR is the Commission Nationale de l'Informatique et des Libertés (CNIL) in France. 

If a State Privacy Law applies, you may have the right to appeal our decision to not take action on a request. If we deny your appeal and depending on your state of residence, you may have the right to further appeal our decision to the State Attorney General or other state regulator in your state. Please visit this page for current information on the State Privacy Laws and your rights under them.   

We respectfully request that you contact us first at privacy@adagio.io before submitting a complaint with a supervisory authority. 

We will not discriminate against you for exercising your rights, including by denying goods or services, charging different prices or rates, providing a different level or quality of goods or services, or suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

11. Supplemental U.s. State Disclosures

Various U.S. states including but not limited to California, Colorado, Connecticut, Delaware, Iowa, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia, have enacted privacy laws that give certain rights to residents of those states (the “State Privacy Laws”). Depending on where you reside and to the extent a State Privacy Law applies, the supplemental disclosures in this section may apply to you.       

Where we collect, use, and disclose your personal data for Commercial Purposes for our Marketing Activities as described in this Policy, including personal data collected by cookies on our website, such disclosures may be considered “sales”, “sharing” or use of personal data for targeted advertising under certain State Privacy Laws. Our collection, use, and disclosure of personal data for these purposes is set forth in the chart below.

12. NOT DESIGNED FOR MINORS

We do not direct our Corporate Services to minors under the age of eighteen (18), nor do we knowingly collect or process any personal data from minors. If we learn that we have inadvertently collected personal data from a minor, we will promptly delete such information from our systems. If you are under 18 please do not use our website. If you are a parent or legal guardian and believe your child has provided us with their personal data, please contact us at privacy@adagio.io and we will use reasonable efforts to remove such information.

13. EXTERNAL LINKS

Please note that our website and other Corporate Services may include links to other websites or applications, including social media platforms. This Policy does not apply to the data practices of third parties and we are not responsible for their privacy practices. When you click on such links, you will leave our services and should review the privacy policies of those third parties, as their data practices may differ from ours. We encourage you to read the privacy notices available on other websites you visit.

14. DATA SECURITY

We have implemented physical, administrative, and technical safeguards to maintain the security, confidentiality, and integrity of your information. While we implement appropriate technical and organizational measures to protect your information, no transmission of information over the internet is absolutely secure. We therefore cannot guarantee the complete security of your information but will notify you of security incidents as required by applicable law.

15. CHANGES TO THIS PRIVACY POLICY

Adagio may change or update this Policy at any time. Any changes or updates we may make will be posted on this website. If we make material changes to this Policy, we will notify you through prominent notice on our website and, where you have an account with us or have provided your contact information, through direct communication at least 30 days before such changes take effect.

Accessibility Statement

Please email us at privacy@adagio.io if you have difficulty using or accessing any part of this site and we will make reasonable efforts to meet your needs. 

Prior versions:

• August 27th, 2024