Operative

Operative Privacy Policy

Effective March 6, 2023

1. Introduction

SintecMedia Ltd. d/b/a Operative, SintecMedia NYC, Inc. d/b/a Operative, and our direct and indirect affiliates and subsidiaries (“Operative”, “we”, “us”, or “our”) are committed to protecting your privacy. This privacy policy (this “Privacy Policy”) applies to Operative’s Website, located at www.operative.com (the “Website”), and Operative’s related software and products, software as a service and professional services (collectively, the “Services”). This Privacy Policy aims to inform you about how we collect, use, disclose and store information about you. By using this Website and the Services, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described in this Privacy Policy, you should not use this Website. If you or your employer has a separate agreement with Operative, the terms of such agreement may supersede this Privacy Policy.

This Privacy Policy describes the categories of information that identify or may identify you as an individual (“Personal Information”) that we may collect from you, and how we may process your Personal Information, including how we use your Personal Information , how we secure your Personal Information, when we may disclose your Personal Information to third parties and when we may transfer your Personal Information outside of your home jurisdiction. We will process your Personal Information for the legitimate business purposes described herein. In addition, this Privacy Policy also describes your rights regarding the Personal Information that we hold about you, including how you may access, correct and request erasure of your Personal Information.

We will only process your Personal Information in accordance with this Privacy Policy unless otherwise required by applicable law. We take steps to ensure that the Personal Information that we collect about you is adequate, relevant, not excessive, and processed for the limited purposes set forth herein.

2. Information We Collect

As explained in more detail below, we may collect, store, and process Personal Information to the extent permitted by law in relevant jurisdictions.

2.1  Operative Website and Events

Information You Provide to Operative
We may collect your Personal Information in the following situations:

  • If you choose to sign up for our newsletter, or when you express an interest in receiving additional information about any of the Services, we will collect the Personal Information you voluntarily provide to us for such purposes.
  • If you complete a web form, requesting that we contact you, we collect personal contact information, such as name, company name, address, job title, phone number and email address (“Contact Information”).
  • If you register for, or attend an event or webinar organized or sponsored by us, we will collect the information needed to register you.
  • If you choose to sign up for a giveaway contest that we sponsor, we will collect Contact Information for the purpose of carrying out the giveaway.
  • If you visit our offices, we will collect some Contact Information about you for building security purposes.

Information We Automatically Collect
Through cookies and similar tracking technologies (collectively, “Cookies”), when you browse this Website or access the various Services, we collect certain information related to your device and browsing activities such as your device’s IP address, pages visited, browser language, and browser type. We use the information gathered via Cookies to provide social media features and analyze Website traffic.

We use the following Cookies on this Website: 1) Necessary Cookies, 2) Statistics Cookies and 3) Marketing Cookies.

  • Necessary Cookies are necessary for the Website to function, and do not store any Personal Information.
  • Statistics Cookies help us understand how visitors interact with the Website by collecting and reporting information anonymously (you may accept or reject Statistics Cookies with respect to use of our Website).
  • Marketing Cookies are used to track visitors across websites (you may accept or reject Marketing Cookies with respect to use of our Website).

In addition, we may use a third party to help us gather and analyze information about the areas visited on the Website to evaluate and improve the user experience and the Website. These third parties may use cookies and other tracking technologies.

Our Website does not honor “Do Not Track” signals, but you may consult our Cookies Settings for more information about the types of Cookies we use on the Website, and to manage your use of Cookies on the Website.

2.2  Operative Services

In addition to the above, we collect customer information directly from our customers to provide the Services, including Personal Information that a customer chooses to provide for the purpose of Operative providing the Services. We also may collect contact information from third-party vendors that provide contact information services.

3. How We Use Information We Collect

We will use the information we collect for the purposes described in this Section 3. If we collect your Personal Information, we will process it only to the extent necessary for our legitimate interests and only for the purposes for which the Personal Information was provided, including to:

  • Administer, monitor and improve the experience of the Website.
  • Conduct direct marketing practices via marketing communications and assist with our promotional and marketing efforts.
  • Ensure the security of the Website or the Services by tracking their use, creating aggregated non-personal data, investigating suspicious activity and enforcing our terms and policies.
  • Manage customer relationships.
  • Perform the services requested. For example, if you sign up for our newsletter or interact with this Website, we may use the Contact Information you provided to send you a newsletter or email communications. We may also use your Contact Information to send you information about Operative’s products, events and Services.
  • Provide the Services to which you licensed or subscribed. In this respect, when a customer chooses to provide Personal Information via the Services to Operative, we will process that data in accordance with the customer’s instructions and applicable law.
  • Comply with legal obligations and to cooperate with public and government authorities, courts and regulators in accordance with applicable laws to the extent doing so requires the processing of Personal Information.
  • Comply with judicial proceedings, court orders, respond to lawful requests and for auditing purposes.
  • Aggregate and anonymize (de-identify) Personal Information that does not identify you or any other specific individual.

4. Sharing of Information Collected

We may share the information we collect as follows:

  • With our social media and analytics partners, who may combine the Website usage information collected from you with other information that they’ve collected for use of their services.
  • With our affiliates and subsidiaries, which include entities controlling, controlled by, or under common control with Operative.
  • With authorized third-party subcontractors, vendors, service providers, agents, contractors, or others (collectively “Vendors”) who perform functions for Operative or on our behalf, as necessary for them to properly perform the requested services. For example, we may contract with Vendors to provide certain services to assist in the development and improvement of the Website and Services, such as hosting and maintenance services, data storage and management and marketing and promotional activities. A list of our current Vendors who may process your Personal Information (“Suprocessors”) is available here.
  • With Vendors, who assist with customer management, and in the management of events sponsored or organized by Operative.
  • As necessary to comply with applicable legal obligations, including requests from law enforcement or other governmental entities.
  • In the event Operative is merged, acquired, or sold, or in the event of a transfer of some or all of our assets, as necessary in connection with such transaction.

Please note that in some of the circumstances above, we may share aggregated and anonymized (de-identified) Personal Information that does not identify you or any other specific individual.

For the avoidance of doubt, we will never sell your Personal Information to any third party.

5. Security of Your Personal Information

Operative recognizes the importance of safeguarding your Personal Information. Accordingly, we use security technologies and procedures to help protect your Personal Information from unauthorized access, use or disclosure. However, by providing us with Personal Information you acknowledge that no data transmission over the internet or other network is guaranteed to be fully secure. As a result, any Personal Information you provide to us is provided at your own risk.

To learn more about measures Operative takes to safeguard your Personal Information, please see Operative’s Security Policy.

6. Your Privacy Rights

You may opt not to disclose information to us. You may, for example, accept or reject Cookies for our Website and/or Services (as applicable) as described above and in the Cookies Settings. You may also opt-out of receiving certain promotional or marketing communications from us at any time by using the unsubscribe link in the e-mail communications we send.

7. The General Data Protection Regulation

In the event we collect Personal Data (as defined in the General Data Protection Regulation (the “GDPR”)) that is subject to the GDPR, this Section 7 will apply. Personal Data will be subject to the GDPR if it relates to a Data Subject (as defined in GDPR) located in the European Union (the “EU”). Terms in this section are meant to be understood in a manner consistent with the GDPR. Such terms may have a different definition or meaning in other portions of this Privacy Policy, as GDPR may not apply to those sections.

For our customers located in the EU or European Economic Area (the “EEA”), Operative will always be considered the Processor, and those customers will always be considered the Controller.

If you, as our customer, are required under the GDPR or any applicable EU legislation to enter into a contract with your data processors, you are requested to contact your Operative business contact, and we will send you a copy of our Data Processing Addendum.

7.1  Legal Basis for Processing

We Process your Personal Data with your consent (where required by law), or pursuant to another authorized legal basis, including but not limited to the performance of a contract or for a legitimate interest. You have the right to withdraw your consent at any time by submitting your request here. The Personal Data collected by Operative originates from the sources referenced in this Privacy Policy, and is Processed for the legitimate interests set forth in Sections 3 and 4 of this Privacy Policy.

Operative will not disclose Personal Data to a third party except as stated below:

  • Operative may disclose Personal Data to Vendors or other third parties for legitimate, business purposes reasonably anticipated by Data Subjects, including, administration of the Services; research and analysis and the provisioning of information, updates and other materials generally provided by Operative from time to time.
  • Before disclosing Personal Data to a Vendor or other third-party agents, Operative will obtain contractual assurances from the Vendor that it will: (i) transfer Personal Data only for stated limited and specified purposes; (ii) provide at least the same level of privacy protection as is required by this Privacy Policy and the terms described in applicable contractual agreements; (iii) take reasonable and appropriate steps to ensure that its Vendors and other third-party agents effectively process Personal Data in a manner consistent with their obligations under the GDPR; (iv) require its Vendors and other third-party agents to notify them if such Vendors or third-party agents make a determination that they can no longer meet their obligations to provide protections required by the GDPR; (v) as necessary, take reasonable and appropriate steps to stop and remediate unauthorized Processing; (vi) provide a summary or a representative copy of the relevant privacy provisions of contracts with its Vendors and other third-party agents to the Supervisory Authorities (as defined in GDPR) upon request and (vii) respond to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements, or in the event of a merger or acquisition.

7.2  Data Integrity

Operative is responsible for ensuring that: (i) when Operative is the Controller, the Personal Data collected is accurate, complete, current and reliable for its intended uses and (ii) Personal Data is retained only for as long as is necessary to accomplish the legitimate business purposes disclosed to you and for any compatible purposes. We will cooperate with reasonable requests, and in accordance with applicable law for assistance in meeting these obligations.

7.3  Retention of Personal Data

Personal Data collected by Operative is Processed in a manner consistent with the purposes specified in this Privacy Policy. Operative will request only the minimum amount of information required to perform Services and will retain such information only for as long as necessary to provide the Services or for compatible purposes, such as to provide additional Services, to comply with legal requirements and/or to preserve or defend Operative’s lawful rights and interests.

We store your Personal Data for different periods of time depending on the type of Personal Data. To determine the appropriate retention period for Personal Data, we consider a variety of factors, including the nature, sensitivity, and potential risk of unauthorized disclosure or use of the Personal Data, what is necessary for the purpose of the Processing and on the basis of applicable legal requirements, including relevant statutes of limitation. In some cases, information might be deleted or retained automatically based on specific retention periods while other information might be retained for a certain length of time pursuant to a contract we have with you or your employer. In addition, we might retain information for business practices based on our legitimate interest or legal purposes, such as network improvement, fraud prevention, record-keeping or enforcing our legal rights.

7.4  Right of Access to your Personal Data

You have the right to access the Personal Data that Operative holds about you. If your Personal Data is inaccurate or you believe it to be Processed in violation of the GDPR, you may also request that your Personal Data be corrected, amended, or deleted.

If you would like to access, review, update, rectify, or delete any Personal Data we hold about you, or exercise any other rights available to you under the GDPR, you may complete this Web Form. Our privacy team will examine your request and respond to you as quickly as possible.

7.5  Choice

You may choose not to disclose your Personal Data to us, but please keep in mind that some Personal Data may be necessary in certain instances such as for the use of the Services, or if you wish to register for an event organized by Operative.

You may accept or reject Cookies for the Website by visiting our Cookies Settings.

You may opt-out of receiving certain marketing communications from us by using the unsubscribe link in the e-mails we send.

If you wish to limit the use or disclosure of your Personal Data, please submit your request here.

7.6  International Transfer of Information

Operative has global operations. Therefore, we may transfer and access Personal Information from around the world. To the extent any Personal Data of individuals based in the EU/EEA is provided by you or by a customer to any of Operative’s entities based in the EU and transferred to any of Operative’s entities outside of the EU/EEA or to any other recipient outside the EU/EEA, we will conduct the transfer in compliance with the GDPR by ensuring that an adequate level of protection is given to that Personal Data and that adequate technological and organizational safeguards are in place to protect the same. As an example, the Operative entities have entered into the EU Standard Contractual Clauses with one another and ensure that any Vendors that process Personal Data of EU/EEA individuals on Operative’s behalf adhere to one of the required methods for meeting the adequate protections under the GDPR.

7.7  Contact Us

If you would like to exercise information about the Personal Data we Process, or exercise any of your individual rights under the GDPR, please submit your request here.

If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Alyssa Greenspan
Chief Privacy Officer
Privacy@Operative.com

8. The California Consumer Privacy Act

Under the California Consumer Privacy Act as amended by the California Privacy Rights Act (the “CCPA”), California residents have certain rights regarding Personal Information that businesses have about them. This includes the rights to request access, correction, or deletion of your Personal Information, as well as the right to direct a business to stop selling or sharing your Personal Information (as those terms are defined in the CCPA).

In the event we collect Personal Information that is subject to the CCPA in our capacity as a “business” covered by the CCPA, this Section 8 will apply with the exception of Personal Information collected from employees and job candidates which is separately addressed in Operative’s Employee Privacy Policy and Candidate Privacy Policy. Terms in this section are meant to be understood in a manner consistent with the CCPA; such terms may have different definitions or meanings in other portions of this Privacy Policy, as the CCPA may not apply to those sections. When you exercise your rights under the CCPA, including requests to access, correct, or delete Personal Information, we have an obligation to verify your identity by matching the identifying information provided by you to the Personal Information maintained by Operative.

8.1  Personal Information We Collect

The CCPA requires that we detail the categories of Personal Information that we collect. We collect the following categories of Personal Information:

  • Identifiers
    Identifiers we may collect include, but are not limited to:

    • Personal contact details such as real name, alias/nickname, postal addresses, unique personal identifiers, online identifiers, email address, phone number, company or account name, address and job title.
  • Personal information categories listed in the California Customer Records statute
    Personal information categories listed in the California Customer Records statute we may collect include, but are not limited to:

    • Name, mobile telephone number, employment, credit card number, debit card number, or any other financial information.
  • Commercial Information
    Commercial Information we may collect includes but is not limited to:

    • Records of products or services purchased, obtained or considered or other purchasing or consuming histories or tendencies.
  • Internet or other similar network activity
    Internet or other similar network activity information we may collect includes but is not limited to:

    • Information such as your device’s IP address, Cookie information, pages visited, browser language, and browser type.
    • Information collected from third parties to help us gather and analyze information about the areas visited on the Website to evaluate and improve the user experience and the Website. These third parties may use cookies and other tracking technologies.
  • Sensitive Personal Information
    Sensitive Personal Information to provide the Services (e.g., credentials such as user names and passwords).

8.2  Why We Collect Your Personal Information

We use Identifiers and Personal Information categories listed in the California Customer Records statute, and Commercial Information to:

  • Provide the Services to which you licensed or subscribed.
  • Provide access to Operative webinars and events.
  • Conduct direct marketing practices via marketing communications and assist with our promotional and marketing efforts.
  • Send newsletters or e-mail communications.

We use Identifiers and Personal Information categories listed in the California Customer Records statute, and Internet or other similar network activity information to:

  • Administer, monitor and improve the experience of the Website.
  • Ensure the security of the Website or the Services by tracking their use, creating aggregated non-Personal Information, investigating suspicious activity and enforcing our terms and policies.

8.3  How We Collect Your Personal Information

We collect Identifiers, Personal information categories listed in the California Customer Records statute, and Commercial Information directly from our customers.

We collect Identifiers and Internet or other similar network activity automatically from your usage of the Website, and also may collect identifiers such as contact information from third-party vendors that provide contact information services.

8.4  To Whom We Disclose Your Personal Information

Operative shares Personal Information as necessary for certain business purposes. This includes sharing Personal Information with Service Providers for hosting and maintenance services; customer relationship management; data management and storage, as well as marketing and promotional efforts. In addition, Operative shares Personal Information as described in Section 4 of this Privacy Policy. We do not use or disclose Sensitive Personal Information for reasons other than those set forth in the CCPA.

Operative does not sell or share (as those terms are defined by the CCPA) Personal Information in exchange for any monetary consideration.

8.5  Right to Access or Correct

You have the right to request that Operative disclose certain information to you about our collection, use, and disclosure of your Personal Information. Below is a list of the information that you may request.

  • The categories of Personal Information that Operative has collected about you.
  • The categories of sources from which Operative has collected the Personal Information.
  • The business or commercial purpose for collecting, selling, or sharing the Personal Information.
  • The categories of third parties with whom Operative has disclosed, sold or shared the Personal Information.
  • The categories of Personal Information that Operative has disclosed, sold or shared about you for a business purpose.
  • The specific pieces of Personal Information that Operative has collected about you.

You also have the right to request that Operative correct any inaccurate Personal Information we have collected about you.

If you would like to exercise your right to access or correct, please complete this Web Form. Our privacy team will examine your request and respond to you as quickly as possible.

8.6  Right to Request Deletion

You have the right to request that Operative delete any Personal Information about you that Operative has collected from you. Please note that there are exceptions where Operative is not required to fulfill a request to delete information, such as when the deletion of information would impede compliance with a legal obligation.

If you would like to exercise your right to delete, please complete this Web Form. Our privacy team will examine your request and respond to you as quickly as possible.

8.7  Right to Appeal

You have the right to appeal a decision we make regarding a request by you to access, correct, or delete your Personal Information. Within 60 days of our receipt of such a request to appeal, we will respond with a decision inclusive of information regarding how to refer your concern to the attorney general.

If you would like to exercise your right to appeal, please complete this Web Form. Our privacy team will examine your request and respond to you as quickly as possible.

8.8  The Right to Non-Discrimination

Operative will not discriminate against you (e.g., through denying goods or services, or providing a different level of quality of goods or services) for exercising any of the rights afforded to you by the CCPA.

8.9  Contact Information

In compliance with the CCPA, we commit to resolving complaints about your privacy and our collection or use of your Personal Information. California residents with inquiries or complaints regarding this Privacy Policy or our privacy practices should contact us at:

Alyssa Greenspan
Chief Privacy Officer
Privacy@Operative.com

If you would like to exercise any of your individual privacy rights, please complete this Web Form. You may also submit individual privacy rights requests to the email listed above.

Only you, or someone legally authorized to act on your behalf (i.e., your authorized agent), may make a request related to your Personal Information. Operative may require an agent to provide verification that they are acting on your behalf when they submit a request related to your Personal Information.

All requests to access, correct, or delete (whether made by you or an authorized agent) must (i) provide sufficient information for us to reasonably verify you by providing two to three pieces of personal information which we will match with personal information we maintain in our records, and (ii) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

9. Virginia Consumer Data Protection Act

Under the Virginia Consumer Data Protection Act (“VCDPA”), Virginia residents have certain rights with respect to their Personal Information, or personal data as defined under VCDPA. In particular, Virginia residents have the right:

  • to confirm whether or not Operative is processing their personal data and to access such personal data;
  • to correct inaccuracies in their personal data, taking into account the nature of the personal data and the purposes of the processing of the personal data;
  • to delete personal data collected by Operative;
  • to obtain a copy of their personal data in a portable and, to the extent technically feasible, readily usable format that allows them to transmit the data to another controller, where Operative’s processing is carried out by automated means;
  • to opt-out of the processing of their personal data for purposes of (i) targeted advertising, (ii) the sale of personal data, or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects concerning the resident;
  • to appeal Operative’s decision with respect to a resident’s request to exercise any of these rights. Within 60 days of our receipt of such a request to appeal, we will respond with a decision inclusive of information regarding how to refer your concern to the attorney general.

In compliance with the VCDPA, we commit to resolving complaints about your privacy and our collection or use of your Personal Information. Virginia residents with inquiries or complaints regarding this Privacy Policy or our privacy practices should contact us at:

Alyssa Greenspan
Chief Privacy Officer
Privacy@Operative.com

If you would like to exercise any of your individual privacy rights, please complete this Web Form.

10. Data Retention

We retain Personal Information for only as long as is reasonably necessary to fulfill or in relation to the purposes for which we collected and processed such Personal Information, and as required for the purpose for which the Personal Information was provided to us, or otherwise as required by applicable laws or regulations.

We store your Personal Information for different periods of time depending on the type of Personal Information. To determine the appropriate retention period for Personal Information, we consider a variety of factors, including the nature, sensitivity, and potential risk of unauthorized disclosure or use of the Personal Information, what is necessary for the purpose of the processing and on the basis of applicable legal requirements, including relevant statutes of limitation. In some cases, information might be deleted or retained automatically based on specific retention periods while other information might be retained for a certain length of time pursuant to a contract you have with us. In addition, we might retain information for business practices based on our legitimate interest or legal purposes, such as network improvement, fraud prevention, record-keeping or enforcing our legal rights.

11. Children

Our Website and Services are not intended to, nor do they seek to receive information from children under the age of 16.

12. Changes to this Privacy Policy

We may revise this Privacy Policy from time to time. You should visit this page periodically to review our current Privacy Policy so that you will always know what information we gather and how we may use that information. Your continued use of the Website will be subject to the terms of the then-current Privacy Policy.

13. Managing your Information

Should you have any questions regarding this Privacy Policy or our privacy practices, please contact us at:

Alyssa Greenspan
Chief Privacy Officer
Privacy@Operative.com

If you would like to exercise any of your individual privacy rights, please complete this Web Form.

Prior Versions

Last Updated February 1, 2023