PRIVACY POLICY

General Privacy Policy

At Semos Software LLC, a Delaware limited liability company organized and existing under the laws of the State of Delaware, and with head office located at 405 State Highway 121, Suite A250, Lewisville TX 75067, United States, (Hereinafter as “Semos Cloud”, “we”, “us”, or “our”) we are committed to safeguarding your privacy and protecting your personal data.

Please read this privacy policy carefully as it will help you make informed decisions about sharing your Personal Data with Semos Cloud.

1. When is this Privacy Policy applicable?

This Privacy policy applies when we act in the capacity of a Controller, i.e. when we process your data because:

• You represent a customer or a potential customer (for example as an employee) or you have been indicated as the contact person of our customer or a potential customer;
• You contact us offline, for example by telephone, fax, email, or post
• You visit our website and complete online forms, take part in surveys, or participate in any other interactive area that may appear on our website;
• You express interest and sign up for participation in our webinars;
• You provide us with your personal data in any other way for the data processing purposes set in this Privacy policy.

2. What personal data do we collect and how?

Information we collect automatically

Some information is collected automatically when you visit our website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services and other technical information.
Semos Cloud uses cookies or similar technologies (such as web beacons) to analyze trends, administer the website, monitor how visitors navigate around the websites, and gather demographic information about our user base as a whole. To find out more about how we use cookies on our websites and how to manage your cookie preferences please see our Cookie Policy.

Information we collect from other sources

We may receive information from third-party service providers, our affiliates, customers or potential customers if you are their contact person, our business and solution partners.

We may combine the personal information we collect from you with personal information we receive from other sources, such as third-party providers of business information and publicly available sources (like social media platforms). This may include e-mail addresses, job titles, email addresses, phone numbers, IP addresses, and social media profiles.

3. What are the data processing purposes and the legal basis?

We can process your personal data for various purposes and based on different legal grounds. Please note that we may process certain types of personal data for several purposes at the same time.

Marketing and promotional activities

We may process certain personal data to send you information about our services, and promotional activities and send you personalized offers for your Employer. We collect some of this data using cookies or similar technologies. For more information about cookies, please refer to our Cookie Policy.

We process this data based on your consent to receive marketing and promotional information, as well as our legitimate interest in pursuing direct marketing activities if you or your Employer are interested in our services. Consent can be revoked by using the unsubscribe option in our e-mail messages or sending an e-mail to info@semoscloud.com.

Organizing Webinars

We process your data if you express interest in participating in our webinars. We use this information to organize and manage our webinars effectively, including sending invitations, providing relevant materials, and facilitating communication before, during, and after the event.

The legal basis for processing this data is primarily based on your consent. Additionally, we may rely on our legitimate interests in efficiently managing our webinar activities and providing content to participants.

Communication with you and providing customer service

To communicate with you, provide our customer service, consultations, materials, and answer any inquiries about our Services, we may process your data that we already have (such as your name, contact information, and information about the Service you are using) and the data you provide to us during communication.

We process this data based on our legitimate interests to provide you with quality service and to solve any related problems.

Defending our legal interests

In certain cases, we may process your personal data to pursue and defend our legal interests, such as to prevent fraud or attempted fraud, prove your consent, and resolve any disputes, conflicts, and legal claims.

We process this data based on our legitimate interests to pursue and defend our legal interests.

Analysis and improvement of our Services

We may process your personal data to find out your opinion on our Services, as well as to analyze our Services, maintain client statistics and other analytical information for the purpose of assessing risks, improving the Service, and avoiding deficiencies.

We process this data based on our legitimate interests to analyze and improve our Services.

4. With whom do we share your data?

If reasonably necessary, we may share your data with:

• our affiliates if these entities perform operations for the purposes described in this Policy.
• Third Parties who provide services to support our websites, products, services, and operations. For example, we use service providers for data hosting, application development, marketing, sales support, and customer support and management.
• relevant public authorities if we are required to do so in accordance with the applicable laws or we have received such request from a public authority and in order to protect our legal rights.
  

In certain situations, we have a legal obligation to share your information with third parties to comply with legal requirements or requests, as well as to protect our, or a third party’s legal interests. We will also disclose your information to third parties to the extent allowed by applicable law, including:

• to a prospective purchaser or purchaser that acquires all or substantially all of us or our business;
• to a third party if we sell or buy any business or undergo a merger, in which case we may disclose your information to the prospective buyer of such business; and
• to a third party if we partner with other companies or businesses, undergo a reorganization, bankruptcy, or liquidation, or otherwise undertake a business transaction or sell some or all our assets. In such transactions, your information may be among the transferred assets.

Some of the parties mentioned above are based in other countries that may not have equivalent privacy and data protection laws to the country in which you reside. In the case of international transfer of data, we use a variety of legal mechanisms to safeguard the transfer (for example: entering into Standard Contractual Clauses), including ensuring that the personal data will be transferred in compliance with the requirements of applicable data protection regulations.

5. How long do we retain your personal data?

We will process your personal data as long as one of the legal basis and purposes for data processing exists, as well as while we are required by applicable law to retain your personal data.

When these conditions end, we will delete or anonymize your data. If this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.

6. Privacy Rights

Regardless of your residence, citizenship, or location, we strive to offer the same fundamental privacy rights to all data subjects whose data we process. These rights include, but are not limited to, the right to:

• request access to your personal data;
• correct or amend your data, if you believe that the data, we have on you is outdated, incorrect, or incomplete;
• data portability and receive your data for transmission to another controller; and request the restriction of processing under certain circumstances.
• to object to processing, if we process your personal data based on our legitimate interests. If we receive such an objection, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.
• withdraw your consent for the processing of your data, which is based on consent. Revoking of consent will not affect the lawfulness of processing based on consent before its withdrawal;
• request the erasure of your personal data. Please note that we will not be able to delete the data, that we are obliged to retain in accordance with applicable laws or that we require for the establishment, exercise, or defense of legal claims; and
• submit a complaint to your respective data protection supervisory authority if you believe that we have unlawfully processed your personal data.
• non-discriminatory treatment for the exercise of any of your data protection rights

While we strive to provide consistent privacy rights, there may be instances where legal obligations, governing data protection rights in your country, or restrictions prevent us from fulfilling certain requests and you from exercising certain rights. In such cases, we will transparently communicate the reasons for any limitations imposed.

To exercise your data privacy rights, you can submit a written request to us by sending it to our e-mail address dpo@semoscloud.com. Please note that to protect personal information, we may verify your identity by a method appropriate to the type of request you are making.

7. Important Privacy Statements

B2B Direct Marketing

We are a Business-to-Business (B2B) company, and our primary intention is to engage in direct marketing activities with representatives of current and potential customers in their capacity as business contacts.

Private consumers

Our services are not intended for private consumers. We do not knowingly collect personal data from private consumers, and our data processing practices are oriented toward business-related interactions. If you are a private consumer, we kindly ask that you refrain from using our services.
Children’s Privacy

Our website and services are not designed for or directed at children. We do not knowingly or intentionally collect personal data about children. If you believe that we have inadvertently collected personal data about a child, please contact us promptly at dpo@semoscloud.com, so that we may take the necessary steps to delete such information.

No Sale of Data

We do not sell your data to any third party. Your information remains confidential and is used solely for the purposes provided in this Policy.

Do-not-track Features

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy policy.

Compliance with Data Protection Regulations

Our data processing practices adhere to the requirements of applicable data protection regulations, including but not limited to the General Data Protection Regulation (GDPR). We are committed to respecting your rights and ensuring the lawful and transparent processing of your personal data.

Customer’s data

This Privacy Policy does not apply when we act in the capacity of a Data Processor, and we process personal data on behalf of our Customers i.e. Customer’s Data. If you are an end-user of Semos Cloud Platform/s (JobPts, Nurture, Healthin, or Skills) any data collected and processed is governed by the Agreement with your employer and Semos Cloud.

Job and SaaS Academy Applicants
If you use our website, contact us offline, or use other channels to apply for open job positions or to participate in Academy programs offered by us or our affiliates you should refer to the applicable privacy policy available in the footer of our website under the Privacy Policy section, as some sections of this General Privacy Policy might not be applicable.

Data Protection Officer

To ensure high standards of data protection, we have appointed a Data Protection Officer (DPO). The DPO is available to address your questions or concerns related to data privacy. You can contact our Data Protection Officer by sending an email to dpo@semoscloud.com.

8. Updates to our Privacy Policy.

We may periodically update this Policy to reflect any changes in our data practices or legal requirements. The updated version will be indicated by an updated date and the updated version will be effective as soon as it is accessible.
Please check this Policy periodically for any updates.
The most recent version of this Policy is as of 01.02.2024.

Contact information

Thank you for entrusting us with your data. If you have any questions or concerns regarding your privacy, feel free to reach out to Semos Cloud at info@semoscloud.com or our Data Protection Officer at dpo@semoscloud.com.

End-Users Privacy Policy

At Semos Software LLC, a Delaware limited liability company organized and existing under the laws of the State of Delaware, and with head office located at 405 State Highway 121, Suite A250, Lewisville TX 75067, United States, (“Semos Cloud”, “we”, “us”, or “our”) we are committed to safeguarding your privacy and protecting your personal data.

This policy outlines how we collect, process, and protect the personal data of employees or otherwise authorized personnel of our Customers (“End-users/Users”, “you,” or “your”) who have been granted access to our cloud services.

Semos Cloud offers the following cloud services to its Customers:

• Total rewards portal that includes: Total Rewards Hub, Rewards and Incentives, Anniversaries and Celebrations, and Recognition Programs
• Employee communications: Surveys and Insights, and Internal Communications

The term “Customer” or “Employer” refers to the legal entity that has subscribed to our cloud services, grants and manages the User’s access to the cloud services, and processes Users personal data in the capacity of a Controller.

1. Applicability

This Policy is applicable when your Employer has granted you access to our cloud services, and you log in to our cloud services using the credential dedicated to you by your Employer.

When you use our cloud services we process your data in the capacity of a processor on behalf of your Employer, who processes your data in the capacity of a Controller. Our Customers, as data controllers, are responsible for complying with any regulations or laws that require providing notice, disclosure, and/or obtaining consent prior to collecting your personal data for the purpose of the Service Agreements.

This Policy does not apply to the Customer (as a data controller) or its use of the User’s data and the cloud services. For any questions related to your Employer’s privacy policies, and how they use your data, either within or outside the cloud services you should contact your Employer.

2. Collection of End-users data

The types of personal data we process might vary depending on the activated cloud services or activated functionalities within the cloud services. Your employer chooses which cloud services with which functionalities will be activated and made available to you.

Mandatory Data for Functionality (The name of the required field might vary depending on the customer’s HRIS):

Unique user ID, username, first name, last name, company email address, department, division, location (city and country), manager’s user ID, general job title, employment status, cost center, company code, and other data that might become mandatory while using the cloud services

Optional Data Processed for Enhanced Features:

• Gender, hire date, job title, personal number, birth date, employee photographs, and other data if provided by the customer or transferred from the customer’s HRIS.

Voluntary User-Generated Data:

• User Interaction Data that might include feedback, platform communication, and interaction with customer support.

System-Generated Data for Security:

• Automatically generated records (logs) to monitor usage patterns, maintain service quality, and address potential issues.

3. Purpose and legal basis of processing

Semos Cloud processes personal data to provide the services under the Customer’s contract with Semos Cloud.

Semos Cloud processes your data based and in accordance with the Data Processing Agreement, we have concluded with the Customer.

It is the Customer’s responsibility to ensure that they have a lawful basis for the collection and processing of your data.

4. Data sharing

We may share your data with:

• The Customer, who is the controller of your data;
• Our affiliates, if these entities perform operations for the purposes described in this Policy and for performance of Customer’s contract with Semos Cloud;
• Subcontractors who assist us in delivering the Platform and Services, such as reward partners, service providers for data hosting, communication, etc.;
• Relevant public authorities if we are required to do so in accordance with the applicable laws or we have received such request from a public authority and in order to protect our legal rights.

We may share your data with the type of subcontractors mentioned above only if the sharing is necessary for the performance of the Customer’s contract with Semos Cloud.

You can find attached a List of subcontractors Semos Cloud shares End-user data with as an appendix to this Policy.

The subcontractors with whom we share your data may vary depending on the activated cloud services by your Employer. For example, we may share data with Rewards Partners only if your Employer has activated the Rewards Program and hasn’t objected to the subcontractor.

Please note that some Reward Partners (e.g. Amazon) process your data in the capacity of a controller, and in this case, their privacy policies will apply. It is you responsibility to familiarize you self with Privacy Policies of third parties before sharing your data with them.

The subcontractors with whom we share data also depend on your Employer preferences and instructions. For example, when there is a possibility to choose from multiple hosting providers and multiple hosting locations, our Customer will choose which provider and at which location will host the data.

5. Data transfer outside of the EEA

Semos Cloud processes personal data outside of the EEA, and we use Standard Contractual Clauses as a transfer mechanism.

We may further transfer your personal data in countries outside of the European Economic Area (EEA), if your Employer has given Semos Cloud instruction to do so.

We take appropriate measures to ensure that the recipients of your personal data provide an adequate level of data protection, in accordance with the Data Processing Agreement we have in place with you Employer.

6. Third-party websites and Partner Services

Through our platform, you may access third-party websites and partner services. It is important to note that the use of such third-party websites and services is governed by their respective privacy policies. End-users must read and accept those privacy policies before obtaining services from these third parties, as required by the respective third-party privacy policies.

We do not control and are not responsible for the privacy practices of these third-party websites and partners. Any personal data that Users choose to share with these third parties through their website or other methods provided by them is voluntary. By accessing these third-party services, end users acknowledge that they are solely responsible for any data they provide and the consequences thereof.

7. Data Retention

We retain your personal data for as long as necessary to fulfill the services under the service agreement we have In place with our Customers.

After the termination or expiration of the service agreement, we shall, at the instruction of our Customers, either:

• Permanently delete all personal data processed on behalf of the Customer and upon request certify to the Customer that it has done so;
• Retain the data processed on behalf of the Customer for a maximum of 30 days, after which Semos Cloud will delete all personal data and upon request certify to the Customer that we have done so, or return to the Customer all personal data processed on its behalf and delete existing copies.

If the Customer explicitly agrees that anonymization is acceptable instead of deletion, we might anonymize the data and ensure that it cannot be re-identified.

8. Security

Semos Cloud is committed to implementing and maintaining robust information security measures to protect your personal data. In the event of a security incident involving your personal data, we have an obligation to notify the concerned Customers promptly, in which case we will work closely with the Customer to address the incident and take appropriate actions to mitigate any potential harm.

It is the Customer’s discretion to notify End-users of any data breach, as required by applicable data protection regulations.

9. Privacy Rights

As a data subject, depending on your residency, your Employer’s privacy policies, and applicable data protection regulations, you may have certain rights, including:

• The right to access your personal data;
• The right to rectify inaccurate data;
• The right to request the erasure of your data;
• The right to restrict processing;
• The right to data portability;
• The right to withdraw your consent for the processing of your data, which is based on consent;
• The right to object to processing, if your Employer processes your personal data based on legitimate interests.

You can exercise these rights through your Employer, who as the data controller is responsible for handling such requests.

If you submit a request for exercising one of these rights directly to Semos Cloud, we will forward that request to your Employer immediately.

Semos Cloud is not generally authorized to answer End-user requests when exercising their data protection rights.

10. Data Privacy Framework Notice

Semos Cloud complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) when processing personal data of End-users on behalf of our Customers with an establishment in the EU, who act as the Controllers. As a data processor, Semos Cloud processes personal data strictly in accordance with the instructions provided by the Controllers.

End-users should be aware that while Semos Cloud adheres to the DPF Principles regarding the processing of their personal data, their rights under the DPF primarily apply through the Controller, i.e., their Employer. Since the GDPR often provides more comprehensive rights, End-users in may find that their Employer, as the Controller, is better positioned to address any concerns or requests related to their data.

Semos Cloud has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles with regard to the processing of personal data of Users transferred from the EU. In cases where this Policy conflicts with the DPF Principles when processing the personal data of Users, the DPF Principles will govern. For more information about the Data Privacy Framework and to view our certification, please visit https://www.dataprivacyframework.gov/

If your Employer has an establishment in the EU you have the right to request access to the personal data that your Employer holds about you and to request corrections, amendments, or deletions of your personal data if it is inaccurate or processed in violation of the DPF Principles or the GDPR. If you wish to exercise any of your rights, we recommend contacting your Employer as the primary point of contact.

In compliance with the DPF Principles, Semos Cloud is committed to resolving any DPF Principles-related complaints about our collection and use of your personal data. We will investigate and attempt to resolve any such complaints within 45 days. You can refer any inquiries or complaints regarding our handling of personal data received under the DPF Principles by contacting us at the following e-mail: dpo@semoscloud.com.

If you do not receive a timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your complaint to your satisfaction, you can file a complaint with your local DPA. For more information on how to contact your local DPA or to file a complaint, please visit the European Commission’s website: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.html. The services of the DPAs are provided at no cost to you.

Under certain conditions, as more fully described on the DPF website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. The Federal Trade Commission has jurisdiction over Semos Cloud’s compliance with the DPF Principles.

In the context of onward transfers, Semos Cloud is responsible for the processing of Personal Data it receives under the DPF Principles and subsequently transfers to a third party acting as an agent on our behalf. Semos Cloud will remain liable under the DPF Principles if our agent processes your personal data in a manner inconsistent with the DPF Principles unless Semos Cloud is not responsible for the event giving rise to the damage.

Semos Cloud is not liable for onward transfers to Reward Partners which Semos Cloud has performed under the written instruction of the Customer or the End-user in order to provide the services in accordance with the Service Agreement and the Data Processing Agreement.

Please note that under certain circumstances, we may be required to disclose your Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

11. Changes to the Privacy Policy

Semos Cloud may periodically update this Policy, including the Appendix to this Policy, to reflect any changes in our data practices, legal requirements, or contractual arrangements between Semos Cloud and the Customer.

12. Contact information

If you have any questions or concerns regarding your privacy, feel free to reach out to Semos Cloud at info@semoscloud.com or our Data Protection Officer at dpo@semoscloud.com

APPENDIX: LIST OF SUBCONTRACTORS

Name	Address / Location	Description of services/processing	Data processed
Affiliated Companies
Semos Cloud DOO Skopje	North Macedonia	Operations and support	End-user data available within cloud services
Rewards Partners
SwagUp, Inc	New Jersey, USA	fulfilling orders for rewards	End-user data necessary for fulfilling orders for rewards, handling shipping logistics, and providing customer support related to these services (e.g. name, surname, email address, shipping address, phone number, and other relevant contact information)
Carlton One Engagement Corporation	Ontario, Canada
*Viator, Inc.	Massachusetts USA
Shutterfly LLC	California, USA
*Amazon	Washington USA or Luxembourg, depending on the End-user location
Hosting Services
Business Objects Software Limited T/A SAP Solutions	Dublin, Ireland	Hosting services; Personal data is stored in data centers whose geographical location is chosen by the Customer	End-user data available within cloud services
Microsoft Corporation (Microsoft Azure)	Washington, USA
Communication and Cloud Services
Microsoft Corporation	Washington, USA	e-mail communication, customer service, cloud storage	End-user ID data for managing end-users requests and inquiries and personal data necessary for creating and delivering reports upon the Customer’s request
Unlayer	California, USA	e-mail builder	Name and surname, e- mail address, received message
SendGrid (Twilio)	Colorado, USA	e-mail delivery services and SMS functionality	Name, surname, business e-mail address, received recognitions and awards
LINK Mobility Bulgaria EAD	Bulgaria

*These sub-contractors process personal data in the capacity of a Controller in accordance with applicable data protection regulations and their internal privacy policies. The End-user understands that Semos Cloud cannot influence these sub-contractor’s data processing activities. The End-user is independent in settling data relation matters with these sub-contractors.

SaaS Academy Privacy Policy

This Privacy Policy explains how Semos Cloud LLC Skopje with registration number 7154399 (“Semos Cloud”, “we”, “us”, or “our”) as the personal data controller process information about you during the recruitment process when you apply for admission to Semos Cloud SaaS Academy (“Academy”) and if you are admitted to participating in the Academy.

1. What personal data do we process?

When you apply for admission to the Academy, we may process different types of personal data for multiple purposes, according to the provisions of this Policy.

Reviewing your application

We process the data and information you have added to the Academy application, information provided to us during behavioral interviews on the “open day” or when you communicate with us, including but not limited to:

• your name, surname,
• contact details,
• other personal data in your CV, application, or cover letter,
• information on your skills, experience, qualifications, and other information you have made publicly available on social networking sites such as LinkedIn.

Admission into the Academy

If admitted to participating in the Academy, we may request additional information essential for SaaS Academy Agreement finalization, processing fee payments, issuing certificates, and fulfilling administrative requirements. This may include but is not limited to:

• banking information for payment processing,
• identification number,
• registered address,
• ID document, and
• emergency contact information

Proper functioning of the Academy

During the whole duration of the Academy, we process the data and information you voluntarily provide during the sessions of the program including project work, presentations, discussions, or any other interactive elements within the program.

Protecting our interests and legal rights

In case we need to enforce or defend our legal rights or take part in any other legal process, we may process the personal data we have collected about you during the Academy. We will process this information based on our legitimate interests to protect our rights, resolve disputes, prevent illegal activities such as fraud or abuse, and protect our legal interests.

2. On what legal basis do we process your personal data?

We will process the information provided during the application process based on your consent and our legitimate interests in carrying out the recruitment process and evaluating your application.

If you are admitted to the Academy, we will process your data to undertake the necessary steps before signing the SaaS Academy Agreement, for the performance of such agreement (of which you are a party), and to serve our legitimate interests in conducting the Academy and evaluating your progress.

3. How long do we keep your personal data?

We retain your data for as long as is necessary for the above-mentioned purposes, our legitimate interests as well as applicable laws and regulations. There are different data retention periods, depending on the type of data and the purpose of its processing. Upon termination or the fulfillment of the SaaS Academy Agreement, we will retain only the data we may require to protect our legitimate interests, as well as the data we are required to retain in accordance with applicable laws and regulations (for example, in accordance with the Law on Personal Data Protection, the Law on Obligations, the Law on Accounting, the Law on Archive Material, etc.)

4. Who can receive your personal data?

If reasonably necessary, during the recruitment process and the whole duration of the Academy we may share your data with:

• our affiliates, for example, if these entities assist in the selection and admission process;
• third parties who provide services during the selection and admission process (for example,
• hosting and data storing services, HR tools and systems, CRM tools and systems, legal, IT, and other advisors, when reasonably required);
• Trainers and other staff engaged to conduct the Academy sessions;
• relevant public authorities if we are required to do so in accordance with the applicable laws or we have received such request from a public authority and in order to protect our legal rights,

If any of the service providers are located outside the European Union or there are other legitimate

reasons, we may need to transfer data outside the European Union. In such cases, the personal data will be transferred in compliance with the requirements of applicable data protection regulations.

5. Do you know your rights?

As a data subject, you have the right to:

• request access to your personal data;
• correct or amend your data, if you believe that the data, we have on you is outdated, incorrect, or incomplete;
• data portability and receive your data for transmission to another controller; and
• request the restriction of processing under certain circumstances.
• to object to processing, if we process your personal data based on our legitimate interests. If we
• receive such an objection, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests,
• rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.
• withdraw your consent for the processing of your data, which is based on consent. Revoking of consent will not affect the lawfulness of processing based on consent before its withdrawal;
• request the erasure of your personal data. Please note that we will not be able to delete the data, that we are obliged to retain in accordance with applicable laws or that we require for the establishment, exercise, or defense of legal claims; and
• submit a complaint to the Data Protection Agency of RNM if you believe that we have unlawfully processed your personal data.

6. Updates to our SaaS Academy Privacy Policy

We may periodically update this Policy to reflect any changes in our data practices or legal requirements.

The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible.

The most recent version of this Policy is as of 01.12.2023.

Have more questions about your personal data? We’re here to help!

If you have any further questions, please don’t hesitate to get in touch with our Data Protection Officer by simply sending an e-mail to dpo@semoscloud.com

Recruitment Privacy Policy

This Privacy Policy explains how Semos Software LLC, and Semos’s Cloud affiliated companies, all doing business as Semos Cloud (“Semos Cloud”, “we”, “us”, or “our”) as the personal data joint controllers process information about you during the recruitment process when you apply for a vacancy at Semos Cloud.

1. What personal data do we process?

When you apply for a position at Semos Cloud, we may process different types of personal data for multiple purposes.

Reviewing your application

We process the data and information you have added to the job application, and information you provided to us during the job interview or when you communicate with us, including but not limited to:

• your name, surname,
• contact details,
• other personal data in your CV, application, or cover letter,
• information on your skills, experience, qualifications, and other information you have made publicly available on social networking sites such as LinkedIn, and
• additional information when a particular position requires it.

Collecting references

If you have provided such information, we may contact your previous colleagues or other referees to find out more about your suitability for a particular vacancy. We will only contact the referees you have indicated. For this purpose, we will process the name, surname, and contact details of the referee, and the information provided about you. We will process this data based on your and the referee’s consent.

Protecting our interests and legal rights

In case we need to enforce or defend our legal rights or take part in any other legal process, we may process the personal data we have collected about you during the Academy. We will process this information based on our legitimate interests to protect our rights, resolve disputes, prevent illegal activities such as fraud or abuse, and protect our legal interests.

2. What’s the legal basis for processing?

We will process your data based on your consent and our legitimate interests in carrying out the recruitment process and evaluating your application.

3. How long do we keep your personal data?

We retain your data for as long as is necessary for the above-mentioned purposes, our legitimate interests as well as applicable laws and regulations.

There are different data retention periods, depending on the type of data and the purpose of its processing.

Upon finalizing the recruitment process, we will retain only the data we may require to protect our legitimate interests, as well as the data we are required to retain in accordance with applicable laws and regulations (for example, in accordance with the Law on Personal Data Protection, the Law on Obligations, the Law on Labor Relations, the Law on Archive Material, etc.).

4. Who can receive your personal data?

If reasonably necessary, during the recruitment process we may share your data with:

• our affiliates, for example, if these entities provide assistance in the recruitment process or if the position is located in one of our affiliates.
• third parties who provide services during the recruitment process (for example, hosting and data storing services, HR tools and systems, CRM tools and systems, legal, IT, and other advisors, when reasonably required).
• relevant public authorities if we are required to do so in accordance with the applicable laws or we have received such request from a public authority and in order to protect our legal rights,

If any of the service providers are located outside the European Union or there are other legitimate reasons, we may need to transfer data outside the European Union. In such cases, the personal data will be transferred in compliance with the requirements of applicable data protection regulations.

5. Do you know your rights?

As a data subject, you have the right to:

• request access to your personal data;
• correct or amend your data, if you believe that the data, we have on you is outdated, incorrect, or incomplete;
• data portability and receive your data for transmission to another controller; and request the restriction of processing under certain circumstances.
• to object to processing, if we process your personal data based on our legitimate interests. If we receive such an objection, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims.
• withdraw your consent for the processing of your data, which is based on consent. Revoking of consent will not affect the lawfulness of processing based on consent before its withdrawal;
• request the erasure of your personal data. Please note that we will not be able to delete the data, that we are obliged to retain in accordance with applicable laws or that we require for the establishment, exercise, or defense of legal claims; and
• submit a complaint to your respective data protection supervisory authority if you believe that we have unlawfully processed your personal data.

6. Updates to our Recruitment Privacy Policy.

We may periodically update this Policy to reflect any changes in our data practices or legal requirements. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible.

The most recent version of this Policy is as of 04.12.2023.

Have more questions about your personal data? We’re here to help!

If you have any further questions, please don’t hesitate to get in touch with our Data Protection Officer by simply sending an e-mail to dpo@semoscloud.com

Cookie Policy

Semos Software LLC, a Delaware limited liability company organized and existing under the laws of the State of Delaware, with tax number 47-2005064, and with head office located at 405 State Highway 121, Suite A250, Lewisville TX 75067, United States, (Hereinafter as “Semos Cloud”, “we”, “us”, or “our”) issued this Cookie Policy to explain how we use browser cookies, web beacons, and similar technologies (we refer to them collectively as “Cookies”) when you visit our website (such as https://semoscloud.com/), and/or any related online services, sales, marketing or events (we refer to them collectively as the “Services“).

We or authorized third parties may use Cookies on our website to recognize your computer or device and to store certain types of information when you interact with our Services. Cookies enable automatic activation of the features on the website and tailor your online experience accordingly.

1. What are cookies?

Cookies are small text files that websites store on a computer or other device (but don’t access its contents). Cookies are generally used for the proper operation of the features and functionalities of the website, to keep track of movements within the website, to remember visitor’s preferences, and login details, or to enhance your experience.

A first-party cookie is a kind of cookie that goes back and forth between your computer or device and the website. The cookie allows the website to store your preferences. Unlike First – party, Third-party cookies typically travel between your computer or device and a website other than the one you are visiting, usually an ad-serving company, that is a different site from the one you are visiting.

Cookies can be “session cookies” or “persistent cookies”. Session cookies are temporary cookies that are erased once you close your browser and leave the site. They are created temporarily while you are visiting the website and they are not stored on your computer or device. On the other hand, persistent or permanent cookies are stored on your computer or other devices for a predetermined length of time when you visit the website. They stay on your computer or other device until you manually delete them or until your browser deletes them based on the duration period specified in the persistent cookie file. These kinds of cookies are activated automatically, once you visit the website that stores the cookie.

2. Types of cookies used on our website

Strictly Necessary Cookies provide the technical operation of the website and allow you to move around the website more freely and securely. These cookies do not gather personal information and cannot be used for marketing or advertising purposes. Since they make the website or product work, they cannot be turned off.

Performance/Statistic cookies collect information on the performance of a website such as counting the visits and traffic sources, so we can measure and improve the performance of our Services. They help us know, which pages of the website are visited most often, time spent, or any error messages. These kinds of Cookies do not collect any personal information, they gather anonymous and aggregate data.

Functionality/Preference cookies allow the website to remember visitor’s choices or preferences regarding the region, language, text size, font, etc. These kinds of cookies help to increase the usability of the website while providing personalized features. Functionality cookies may store certain types of personal information if needed to provide some functionalities.

We use Targeting/Marketing cookies to track the efficiency of our online advertising campaigns and marketing communication and to assign personalized advertisements for you. While you are browsing our Services, these cookies use ad-tracking functionality that collects data about you, including what kind of advertisements you view and how you interact. These kinds of cookies help us or third-party advertisers to display advertisements that are most relevant to you.

Apart from the above-stated types of cookies, we use Other/Unclassified Cookies on our website which serve various purposes and durations, enhancing user experience and functionality through unclassified mechanisms that contribute to the site’s performance.
You can always manage your cookie preferences.

3. Use of Similar Technologies (Web Beacons)

We may also use from time to time, some other similar technologies like web beacons (also called “tracking pixels” or “clear gifts”) in addition to, or in combination with, cookies. Web beacons are tiny graphics files with unique identifiers placed on a website or in an email. They help us to better understand the behavior of visitors on our websites and the recipients of our e-mail.

4. Why do we use cookies?

Through the cookie file stored on your computer or other device, we identify your access to our Services when you are interacting with our website, and it tells us how and when you visit the Services.
We use Cookies for different purposes. We use cookies to provide and improve our Services, to track your behaviors through our Services, to distinguish the visitors on our website, and to make your online experience much easier and more appropriate.
We may also use cookies to ensure that the contents of our Services are presented in the most suitable manner according to your preferences, to provide analytics related to the usage of our Services, compile anonymous and aggregate statistics, or to enable us to market our services on third party websites through our marketing partners.

5. Third-Party Cookies and Tracking Technologies

We have no control over and are not responsible for the cookies or similar tracking technologies of third-party services posted on our website. For more information about the cookies used on third-party services, or if you would like to disable cookies from any third-party service, please refer to the privacy policy or cookies information on the relevant service on their website.

6. Updates to Our Cookie Policy

We may periodically update this Cookie Policy to reflect any changes in our data practices or legal requirements. The updated version will be effective as soon as it is accessible.

The most recent version of this Policy is as of 29.02.2024.

7. Have more questions about cookies? We’re here to help!

If you have any further questions, please don’t hesitate to get in touch with our Data Protection Officer by simply sending an e-mail to dpo@semoscloud.com