Operative Privacy Policy

Effective February 20, 2025

1. INTRODUCTION

SintecMedia Ltd. d/b/a Operative, SintecMedia NYC, Inc. d/b/a Operative, and our direct and indirect affiliates and subsidiaries (“Operative”, “we”, “us”, or “our”) are committed to protecting your privacy. This privacy policy (this “Privacy Policy”) applies to Operative’s Website, located at www.operative.com (the “Website”), and Operative’s related software and products, software as a service and professional services (collectively, the “Services”). This Privacy Policy aims to inform you about how we collect, use, disclose and store information about you. By using this Website and the Services, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described in this Privacy Policy, you should not use this Website. If you or your employer has a separate agreement with Operative, the terms of such agreement may supersede this Privacy Policy.

This Privacy Policy describes the categories of information that identify or may identify you as an individual (“Personal Information”) that we may collect from you, and how we may process your Personal Information, including how we use your Personal Information , how we secure your Personal Information, when we may disclose your Personal Information to third parties and when we may transfer your Personal Information outside of your home jurisdiction. We will process your Personal

Information for the legitimate business purposes described herein. In addition, this Privacy Policy also describes your rights regarding the Personal Information that we hold about you, including how you may access, correct and request erasure of your Personal Information.

We will only process your Personal Information in accordance with this Privacy Policy unless otherwise required by applicable law. We take steps to ensure that the Personal Information that we collect about you is adequate, relevant, not excessive, and processed for the limited purposes set forth herein.

2. INFORMATION WE COLLECT

As explained in more detail below, we may collect, store, and process Personal Information to the extent permitted by law in relevant jurisdictions.

2.1 OPERATIVE WEBSITE AND EVENTS

Information You Provide to Operative

We may collect your Personal Information in the following situations:

• If you choose to sign up for our newsletter, or when you express an interest in receiving additional information about any of the Services, we will collect the Personal Information you voluntarily provide to us for such purposes.
• If you complete a web form, requesting that we contact you, we collect personal contact information, such as name, company name, address, job title, phone number and email address (“Contact Information”).
• If you register for, or attend an event or webinar organized or sponsored by us, we will collect the information needed to register you for such event or webinar.
• Subject to your explicit consent, if you download an electronic- book, research paper or other content from our website, we may collect certain Contact Information from you so we can provide you with additional information about our Services.  
• If you choose to sign up for a giveaway contest that we sponsor, we will collect Contact Information for the purpose of carrying out the giveaway.
• If you visit our offices, we will collect some Contact Information about you for building security purposes.

Information We Automatically Collect

Through cookies and similar tracking technologies (collectively, “Cookies”), when you browse this Website or access the various Services, we collect certain information related to your device and browsing activities such as your device’s IP address, pages visited, browser language, and browser type. We use the information gathered via Cookies to provide social media features and analyze Website traffic.

We use the following Cookies on this Website: 1) Necessary Cookies, 2) Preferences Cookies, 3) Statistics Cookies, 4) Marketing Cookies and 5) Unclassified Cookies.

• Necessary Cookies are necessary for the Website to function, and do not store any Personal Information.
• Preferences Cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
• Statistics Cookies help us understand how visitors interact with the Website by collecting and reporting information anonymously (you may accept or reject Statistics Cookies with respect to use of our Website).
• Marketing Cookies are used to track visitors across websites (you may accept or reject Marketing Cookies with respect to use of our Website).
• Unclassified Cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.

In addition, we may use a third party to help us gather and analyze information about the areas visited on the Website to evaluate and improve the user experience and the Website. These third parties may use cookies and other tracking technologies. Our social media and analytics partners may combine the Website usage information collected from you with other information that they’ve collected for behavioral insights.

These include, but are not limited to, the following third-party services:

• Microsoft Clarity: We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our Site through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Site usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

• Google Analytics: To learn more about how Google uses data, visit Google’s Privacy Policy and Google’s page on “How Google uses data from sites or apps that use our services.” You may download the Google Analytics Opt-out Browser Add-on for each web browser you use, but this does not prevent the use of other analytics tools. To learn more about Google Analytics cookies, visit Google Analytics Cookie Usage on Websites.

• LinkedIn Pixels: We use LinkedIn pixels to track user activity on our Site and improve downstream offerings, including interest-based advertising for our services and those of our partners and service providers.

We will store Cookies only if they are necessary for the operation of the Website, and will only store other Cookies with your consent.

Our Website does not honor “Do Not Track” signals, but you may consult our Cookies Settings for more information about the types of Cookies we use on the Website, and to manage your use of Cookies on the Website.

2.2 OPERATIVE SERVICES

In addition to the above, we collect customer information directly from our customers to provide the Services, including Personal Information that a customer chooses to provide for the purpose of Operative providing the Services. We also may collect contact information from third-party vendors that provide contact information services.

3. HOW WE USE INFORMATION WE COLLECT

We will use the information we collect for the purposes described in this Section 3. If we collect your Personal Information, we will process it only to the extent necessary for our legitimate interests and only for the purposes for which the Personal Information was provided, including to:

• Administer, monitor and improve the experience of the Website.
• Conduct direct marketing practices via marketing communications and assist with our promotional and marketing efforts.
• Ensure the security of the Website or the Services by tracking their use, creating aggregated non-personal data, investigating suspicious activity and enforcing our terms and policies.
• Manage customer relationships.
• Perform the services requested. For example, if you sign up for our newsletter or interact with this Website, we may use the Contact Information you provided to send you a newsletter or email communications. We may also use your Contact Information to send you information about Operative’s products, events and Services.
• Provide the Services to which you licensed or subscribed. In this respect, when a customer chooses to provide Personal Information via the Services to Operative, we will process that data in accordance with the customer’s instructions and applicable law.
• Comply with legal obligations and to cooperate with public and government authorities, courts and regulators in accordance with applicable laws to the extent that doing so requires the processing of Personal Information.
• Comply with judicial proceedings, court orders, respond to lawful requests and for auditing purposes.
• Aggregate and anonymize (de-identify) Personal Information that does not identify you or any other specific individual.

4. SHARING OF INFORMATION COLLECTED

We may share the information we collect as follows:

• With our social media and analytics partners, who may combine the Website usage information collected from you with other information that they’ve collected for behavioral insights.
• With our affiliates and subsidiaries, which include entities controlling, controlled by, or under common control with Operative.
• With authorized third-party subcontractors, vendors, service providers, agents, contractors, or others (collectively “Vendors”) who perform functions for Operative or on our behalf, as necessary for them to properly perform the requested services. For example, we may contract with Vendors to provide certain services to assist in the development and improvement of the Website and Services, such as hosting and maintenance services, data storage and management and marketing and promotional activities. A list of our current Vendors who may process your Personal Information (“Subprocessors”) is available here.
• With Vendors, who assist with customer management, and in the management of events sponsored or organized by Operative.
• As necessary to comply with applicable legal obligations, including requests from law enforcement or other governmental entities.
• In the event Operative is merged, acquired, or sold, or in the event of a transfer of some or all of our assets, as necessary in connection with such transaction.

Please note that in some of the circumstances above, we may share aggregated and anonymized (de-identified) Personal Information that does not identify you or any other specific individual.

5. SECURITY OF YOUR PERSONAL INFORMATION

Operative recognizes the importance of safeguarding your Personal Information. Accordingly, we use security technologies and procedures to help protect your Personal Information from unauthorized access, use or disclosure. However, by providing us with Personal Information you acknowledge that no data transmission over the internet or other network is guaranteed to be fully secure. As a result, any Personal Information you provide to us is provided at your own risk.

To learn more about measures Operative takes to safeguard your Personal Information, please see Operative’s Security Policy.

6. YOUR PRIVACY RIGHTS

Depending on where you live, you may have the following rights with respect to your Personal Information under applicable data protection laws:

• Access – The right to request access to and obtain a copy of any Personal Information we may have about you.

• Deletion – The right to delete your Personal Information that we have collected or obtained, subject to certain exceptions.

• Correction – The right to request that we correct any inaccuracies in your Personal Information, subject to certain exceptions.

• Opt Out of Certain Processing – The right to: (a) opt out of the processing of your Personal Information for purposes of targeted advertising, (b) opt out of the sale or sharing of your Personal Information; (c) limit the use of your sensitive Personal Information (if applicable), and (c) opt out of profiling in furtherance of decisions that produce legal or similarly significant effects.

• Objection/Restriction of Processing – The right to object or restrict us from processing your Personal Information in certain circumstances.

• Withdraw Consent – The right to withdraw your consent where we are relying on your consent to process your Personal Information.

• Automated Decision-Making – The right to know when you are subject to automated decision-making, the Personal Information used to render the decision, the principal factors and parameters involved in the decision, and human review or correction of the decision (or its underlying data, where appropriate). You may also have the right to consent or opt out of this automated decision-making, depending on your location.

• Lodge a Complaint ­– The right to lodge a complaint with a supervisory authority or other regulatory agency if you believe we have violated any of the rights afforded to you under applicable data protection laws. We encourage you to first reach out to us so we have an opportunity to address your concerns directly before you do so.

To exercise any of the privacy rights afforded to you under applicable data protection laws submit a request through our Web Form.

You will not be discriminated against in any way by virtue of your exercise of the rights listed in this Notice. However, should you withdraw your consent or object to processing of your Personal Information, or if you choose not to provide certain Personal Information, we may be unable to provide some, or all, of our Services to you.

Only you, or an authorized agent that you authorize to act on your behalf, may make a request related to your Personal Information. We must verify your identity before fulfilling your requests, and if we cannot verify your identity, we may request additional information from you. If you are an authorized agent making a request on behalf of another person, we will also need to verify your identity, which may require proof of your written authorization or evidence of a power of attorney. We endeavor to respond to requests within the time period required by applicable law. If we require more time, we will inform you of the reason and extension period in writing.

We do not charge a fee to process or respond to your requests unless they are excessive or repetitive. If we determine that a request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. We may deny certain requests, or only fulfill some in part, as permitted or required by law. If you are not satisfied with the resolution of your request and you are afforded a right to appeal such decision, you will be notified of our appeal process in our response to your request.

7. THE GENERAL DATA PROTECTION REGULATION

In the event we collect Personal Data (as defined in the General Data Protection Regulation (the “GDPR”)) that is subject to the GDPR, this Section 7 will apply. Personal Data will be subject to the GDPR if it relates to a Data Subject (as defined in GDPR) located in the European Union (the “EU”). Terms in this section are meant to be understood in a manner consistent with the GDPR. Such terms may have a different definition or meaning in other portions of this Privacy Policy, as GDPR may not apply to those sections.

For our customers located in the EU or European Economic Area (the “EEA”), Operative will always be considered the Processor, and those customers will always be considered the Controller.

If you, as our customer, are required under the GDPR or any applicable EU legislation to enter into a contract with your data processors, you are requested to contact your Operative business contact, and we will send you a copy of our Data Processing Addendum.

7.1 LEGAL BASIS FOR PROCESSING

We Process your Personal Data with your consent (where required by law), or pursuant to another authorized legal basis, including but not limited to the performance of a contract or for a legitimate interest. You have the right to withdraw your consent at any time by submitting your request here. The Personal Data collected by Operative originates from the sources referenced in this Privacy Policy and is Processed for the legitimate interests set forth in Sections 3 and 4 of this Privacy Policy.

Operative will not disclose Personal Data to a third party except as described in this Privacy Policy. Operative may disclose Personal Data to Vendors or other third parties for legitimate, business purposes reasonably anticipated by Data Subjects, including, administration of the Services; research and analysis and the provisioning of information, updates and other materials generally provided by Operative from time to time.

Before disclosing Personal Data to a Vendor or other third-party agents, Operative will obtain contractual assurances from the Vendor that it will: (i) transfer Personal Data only for stated limited and specified purposes; (ii) provide at least the same level of privacy protection as is required by this Privacy Policy and the terms described in applicable contractual agreements; (iii) take reasonable and appropriate steps to ensure that its Vendors and other third-party agents effectively process Personal Data in a manner consistent with their obligations under the GDPR; (iv) require its Vendors and other third-party agents to notify them if such Vendors or third-party agents make a determination that they can no longer meet their obligations to provide protections required by the GDPR; (v) as necessary, take reasonable and appropriate steps to stop and remediate unauthorized Processing; (vi) provide a summary or a representative copy of the relevant privacy provisions of contracts with its Vendors and other third-party agents to the Supervisory Authorities (as defined in GDPR) upon request and (vii) respond to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements, or in the event of a merger or acquisition.

7.2 DATA INTEGRITY

Operative is responsible for ensuring that: (i) when Operative is the Controller, the Personal Data collected is accurate, complete, current and reliable for its intended uses and (ii) Personal Data is retained only for as long as is necessary to accomplish the legitimate business purposes disclosed to you and for any compatible purposes. We will cooperate with reasonable requests, and in accordance with applicable law for assistance in meeting these obligations.

7.3 INTERNATIONAL TRANSFER OF INFORMATION

Operative has global operations. Therefore, we may transfer and access Personal Information from around the world. To the extent any Personal Data of individuals based in the EU/EEA is provided by you or by a customer to any of Operative’s entities based in the EU and transferred to any of Operative’s entities outside of the EU/EEA or to any other recipient outside the EU/EEA, we will conduct the transfer in compliance with the GDPR by ensuring that an adequate level of protection is given to that Personal Data and that adequate technological and organizational safeguards are in place to protect the same. As an example, the Operative entities have entered into the EU Standard Contractual Clauses with one another and ensure that any Vendors that process Personal Data of EU/EEA individuals on Operative’s behalf adhere to one of the required methods for meeting the adequate protections under the GDPR.

8. THE CALIFORNIA CONSUMER PRIVACY ACT

In the event we collect Personal Information that is subject to the CCPA in our capacity as a “business” covered by the CCPA, this Section 8 will apply with the exception of Personal Information collected from employees and job candidates which is separately addressed in Operative’s Employee Privacy Policy and Candidate Privacy Policy. Terms in this section are meant to be understood in a manner consistent with the CCPA; such terms may have different definitions or meanings in other portions of this Privacy Policy, as the CCPA may not apply to those sections. When you exercise your rights under the CCPA, including requests to access, correct, or delete Personal Information, we have an obligation to verify your identity by matching the identifying information provided by you to the Personal Information maintained by Operative.

8.1 PERSONAL INFORMATION WE COLLECT

The CCPA requires that we detail the categories of Personal Information that we collect. We collect the following categories of Personal Information:

• Identifiers – Identifiers we may collect include, but are not limited to:
• Personal contact details such as real name, alias/nickname, postal addresses, unique personal identifiers, online identifiers, email address, phone number, company or account name, address and job title.
• Personal information categories listed in the California Customer Records statute – Personal information categories listed in the California Customer Records statute we may collect include, but are not limited to: Name, mobile telephone number, employment, credit card number, debit card number, or any other financial information.
• Commercial Information – Commercial Information we may collect includes but is not limited to: Records of products or services purchased, obtained or considered or other purchasing or consuming histories or tendencies.
• Internet or other similar network activity – Internet or other similar network activity information we may collect includes but is not limited to: Information such as your device’s IP address, Cookie information, pages visited, browser language, and browser type. We use the information gathered via Cookies to analyze Website traffic and marketing program performance. Information collected from third parties to help us gather and analyze information about the areas visited on the Website to evaluate and improve the user experience and the Website. These third parties may use cookies and other tracking technologies.
• Sensitive Personal Information – Sensitive Personal Information to provide the Services (e.g., credentials such as user names and passwords).

8.2 TO WHOM WE DISCLOSE YOUR PERSONAL INFORMATION

Operative shares Personal Information as necessary for certain business purposes. This includes sharing Personal Information with Service Providers for hosting and maintenance services; customer relationship management; data management and storage, as well as marketing and promotional efforts. In addition, Operative shares Personal Information as described in Section 4 of this Privacy Policy. We do not use or disclose Sensitive Personal Information for reasons other than those set forth in the CCPA.

Operative does not sell or share (as those terms are defined in the CCPA) Personal Information in exchange for any monetary consideration.

9. DATA RETENTION

We retain Personal Information for only as long as is reasonably necessary to fulfill or in relation to the purposes for which we collected and processed such Personal Information, and as required for the purpose for which the Personal Information was provided to us, or otherwise as required by applicable laws or regulations.

We store your Personal Information for different periods of time depending on the type of Personal Information. To determine the appropriate retention period for Personal Information, we consider a variety of factors, including the nature, sensitivity, and potential risk of unauthorized disclosure or use of the Personal Information, what is necessary for the purpose of the processing and on the basis of applicable legal requirements, including relevant statutes of limitation. In some cases, information might be deleted or retained automatically based on specific retention periods while other information might be retained for a certain length of time pursuant to a contract you have with us. In addition, we might retain information for business practices based on our legitimate interest or legal purposes, such as network improvement, fraud prevention, record-keeping or enforcing our legal rights.

10. LINKS TO THIRD PARTY WEBSITES

We are not responsible for the practices employed by any websites or services linked to or from our Site, including the information or content contained within them. We encourage you to investigate and ask questions before disclosing Personal Information to third parties, since any Personal Information disclosed will be handled in accordance with the applicable third party’s privacy policy.

In some cases, we offer links to social media platforms (like Facebook, Instagram, Pinterest, X (formerly known as Twitter)) that enable you to easily connect with us or share information on social media. Any content you post via these social media pages is subject to the Terms of Use and Privacy Policies for those platforms.

11. CHILDREN

Our Website and Services are not intended to, nor do they seek to receive information from children under the age of 16.

12. CHANGES TO THIS PRIVACY POLICY

We may revise this Privacy Policy from time to time. You should visit this page periodically to review our current Privacy Policy so that you will always know what information we gather and how we may use that information. Your continued use of the Website will be subject to the terms of the then-current Privacy Policy.

13. MANAGING YOUR INFORMATION

Should you have any questions regarding this Privacy Policy or our privacy practices, please contact us at:

Alyssa Greenspan Chief Privacy Officer
Privacy@Operative.com

If you would like to exercise any of your individual privacy rights, please complete this Web Form.