1. Introduction
1.1. Commitment. Segern, LLC ("Segern," "we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (www.segern.com), use our Digital Products (like Refold), or engage with our Advisory Services (collectively, the "Services").
1.2. Scope & Consent. Please read this Privacy Policy carefully. By accessing or using our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you consent to our collection, use, and sharing of your information as described herein, subject to applicable laws.
1.3. Relation to Terms of Service and Data Processing Addendum. Your use of our Services is also subject to our Terms of Service and, where applicable, our Data Processing Addendum (“DPA”). Any terms used in this Policy without definition have the definitions given in the Terms of Service or DPA, as applicable.
1.4. Policy Changes. We may update this Privacy Policy from time to time to reflect changes in our practices or relevant laws. We will notify you of significant changes by posting the new policy on our website and updating the "Last Updated" date. We may also provide notice through other means (like email) for material changes. Your continued use of the Services after such changes constitutes your acceptance of the new policy. We encourage you to review this policy and our Terms of Service and Data Processing Addendum periodically.
2. Information We Collect
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or device ("Personal Information").
2.1. Categories of Personal Information Collected. Over the past 12 months, we may have collected the following categories:
- Identifiers: Real name, alias, postal address, unique personal identifier (e.g., user ID), online identifier (e.g., cookie ID, device ID), Internet Protocol (IP) address, email address, account name, unique passwords.
- Contact Information: Name, address, telephone number, email address.
- Commercial Information: Records of products or services purchased, obtained, or considered; subscription tier; engagement details; purchasing or consuming histories.
- Internet or Other Similar Network Activity: Browsing history on our site, search history on our site, referring webpage/source, web page interactions (clicks, scrolls), statistics associated with the interaction between your device/browser and our Services.
- Geolocation Data: General physical location derived from IP address.
- Professional or Employment-related Information: Job title, company name, professional background (if provided, e.g., for Advisory Services or user profiles).
- Inferences: Profiles reflecting preferences or characteristics inferred from service usage or feedback provided.
- Payment Information: Payment card type, last 4 digits of card number, billing address, phone number, email (full card details are processed securely by our third-party payment processors; Segern does not store full card numbers).
- User Content: Information, data, text, or other materials you provide, upload, or generate within our Services (e.g., data entered into Digital Products, materials shared for Advisory Services).
2.2. Sources of Personal Information. We obtain Personal Information from:
- Directly from You: When you create an account, purchase Services, fill out forms, contact customer support, respond to surveys, or provide information via free-form text boxes.
- Indirectly from You: Automatically through your interaction with our Services via cookies and similar technologies (IP address, device/browser information, usage data). If you use location-enabled services, we may receive location information.
- Third Parties: Including Payment Processors (transaction confirmation), Analytics Providers (usage data), Connected Third-Party Services (with your permission), and Publicly Available Sources.
2.3. Sensitive Personal Information. We do not intentionally collect sensitive personal data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, health, medical or genetic data, sexual orientation, or trade union membership) unless it is strictly necessary for a specific Service and you have provided your explicit consent, or collection is otherwise permitted or required by law. If you submit such information unintentionally, please contact us so we may address your request. You must not provide Segern with sensitive personal data unless specifically agreed in writing and as permitted under the DPA and this Privacy Policy.
3. How We Use Your Personal Information
We use your Personal Information for specific, disclosed business purposes:
3.1. Providing, Customizing, and Improving Services. Including creating accounts, processing transactions, providing support, improving services, personalization, security, fraud prevention, and debugging.
3.2. Communication. Including communicating about accounts/transactions, responding to inquiries, sending administrative info, and sending marketing communications (with consent/opt-out).
3.3. Legal and Compliance. Including fulfilling legal obligations, enforcing terms, protecting rights/safety, and investigating issues.
3.4. AI Enhancement. We may use integrated AI services (e.g., OpenAI, Anthropic) to enhance features, support, or analyze feedback, subject to protections outlined in Section 4.2.
We will not collect additional categories or use collected Personal Information for materially different purposes without notice and consent where required.
If we ever need to process your sensitive personal data for a specific purpose, we will obtain your explicit consent in advance, unless otherwise permitted or required by law. If your use of our Services requires us to act as your data processor (for example, as business client subject to relevant data protection laws), our Data Processing Addendum applies in addition to this Privacy Policy.
4. How We Share Your Personal Information
We may disclose Personal Information to third parties for business purposes under contract, requiring confidentiality and limited use.
4.1. Categories of Third Parties Shared With.
- Service Providers: Companies performing services on our behalf (e.g., Hosting, Payment Processing, Analytics, Communication Tools, AI Services, Automation, Fulfillment Partners if applicable, and other tools listed in the Terms of Service and subprocessor list).
- Business Partners: Companies partnered for specific offerings (with your consent).
- Advisors: Professional advisors (lawyers, accountants).
- Parties You Authorize or Authenticate: Third parties you direct us to share with.
- Legal Requirements: As required by law or to protect rights/safety.
- Business Transfers: In connection with M&A, bankruptcy, or asset sale (with notice if policies change).
4.2. AI Service Providers. When using integrated AI services, data you input may be sent for processing under terms typically prohibiting provider viewing/training and limiting retention (~30 days). Your use implies consent.
4.3. Aggregated/De-Identified Data. We may share non-personally identifiable data for analysis or reporting.
4.4. "Sale" or "Sharing" under CCPA/CPRA. We do not sell or share your Personal Information for monetary gain, advertising, or for use by third parties outside our direct service delivery. We only disclose Personal Information to our trusted service providers or business partners as needed to deliver the Services you request, or as required by law. We do not permit our service providers to use or disclose your information for their own purposes.
We do not sell or share your Personal Information with marketers, advertisers, data brokers, or other third parties for cross-context behavioral advertising or analytics.
We may disclose your Personal Information to government, law enforcement, or other parties if (and only if) we believe, in our sole discretion, that it is required to comply with a valid legal request, law, or regulation.
We will never sell, rent, or otherwise disclose your Personal Information to any third party for their marketing, advertising, or independent commercial purposes. All disclosures of data are strictly limited to necessary service provision as described in this Policy or to comply with a valid government/legal request if we determine compliance is required.
5. Cookies and Tracking Technologies
5.1. Use. We use cookies and similar technologies (pixels, beacons) to operate/improve Services, understand usage, personalize experience, and potentially for marketing. We may supplement cookie data with info from third parties.
5.2. Types of Cookies. We may use:
- Essential Cookies: Required for basic functionality (login, security).
- Functional Cookies: Remember choices/settings (language, layout).
- Performance/Analytical Cookies: Help understand usage patterns (via Google Analytics, etc.).
- Marketing Cookies: Used by us or partners (with consent) for relevant ads.
5.3. Your Choices. You can manage cookies via your browser settings or through our on-site cookie consent tool (look for the “Cookie Preferences” link in the site footer). Industry opt-outs (DAA, NAI) are available for interest-based ads. Visit www.allaboutcookies.org for more info. We currently do not respond to “Do Not Track” signals.
6. Data Security
We implement reasonable security measures (administrative, technical, physical) to protect Personal Information. No system is 100% secure. Protect your account credentials.
Summary of Measures: We employ encryption in transit (HTTPS/TLS), access controls, secure credential storage, regular vendor security reviews (e.g., SOC2, ISO27001 where available), and restrict Personal Information access to personnel who need it to perform their job duties. For more detail, see the Data Processing Addendum’s security exhibit.
7. Data Retention
We retain Personal Information as long as necessary for the purposes collected, to provide Services, comply with legal obligations, resolve disputes, and enforce agreements. Aggregated/de-identified data may be kept indefinitely.
Upon account closure or Service termination, your Personal Information will be deleted or returned as described in the DPA and Terms of Service, unless longer retention is required by law.
8. Your Privacy Rights
Depending on your location and applicable law (e.g., GDPR, CCPA/CPRA, PDPA), you may have rights regarding your Personal Information.
8.1. Common Rights May Include:
- Right to Access/Know: Request details and a copy of your data.
- Right to Rectification (Correction): Request correction of inaccuracies.
- Right to Erasure (Deletion): Request deletion, subject to exceptions.
- Right to Restrict Processing: Request limits on processing.
- Right to Object: Object to processing (legitimate interests, direct marketing).
- Right to Data Portability: Request data in a portable format.
- Right to Withdraw Consent: Withdraw consent where applicable.
- Right to Non-Discrimination: Not be discriminated against for exercising rights.
- Rights Related to Automated Decision-Making: If applicable.
- Right to Limit Use and Disclosure of Sensitive Information: Where provided by law, you have the right to instruct us to limit the use and disclosure of your sensitive personal information.
8.2. Exercising Your Rights. Contact us (Section 13). We will verify your identity and respond within legally required timeframes. Authorized agents may make requests subject to verification.
8.3. Jurisdiction-Specific Information
8.3.1. European Economic Area (EEA), UK, Switzerland (GDPR). If GDPR applies, you have GDPR rights. We act as controller for data collected directly, and may act as processor for client data in SaaS; where we are your processor, our DPA applies. Lawful bases include Contract Necessity, Legitimate Interest, Consent, and Legal Obligation. You can complain to supervisory authorities. Data transfers use appropriate safeguards (see Section 9).
8.3.2. California (CCPA/CPRA). If CCPA/CPRA applies, rights include: Know/Access, Deletion, Correction, and Opt-Out of Sale/Sharing (not applicable; we do not sell or share your Personal Information). Use of certain cookies may be considered "sale/sharing" under California law. The "Shine the Light" law may also apply.
8.3.3. Other Jurisdictions. Residents elsewhere (Canada, Singapore, Brazil, etc.) may have rights under local laws (PIPEDA, PDPA, LGPD, etc.). Contact us to inquire.
If any term of this Privacy Policy conflicts with your local law or grants you fewer rights or remedies than your local regulation requires, your local rights and remedies shall prevail to the extent required by law.
9. International Data Transfers
Services operate primarily in the U.S If you are outside the U.S., your Personal Information will be transferred to/processed in the U.S and potentially other countries. Laws may differ. Your use consents to this. We use appropriate safeguards (like Standard Contractual Clauses (SCCs) and the UK Addendum) for transfers where required by laws like GDPR.
If you are a business customer requiring a data transfer agreement, you may opt into our DPA at any time by following instructions at https://www.segern.com/legal/dpa or by contacting us.
10. Children's Privacy
Services are not for children under 13 (or applicable higher age). We do not knowingly collect their data. Contact us if you believe we have, so we can delete it.
11. Third-Party Websites
This policy doesn't cover third-party sites linked from our Services. Review their policies.
12. Local Consumer and Privacy Rights
Nothing in this Privacy Policy limits or excludes any rights or remedies you may have as a consumer under the laws of your country, state, or region of residence. This includes, but is not limited to, statutory rights relating to privacy, data access, erasure, and correction, as well as product returns, cancellation, or withdrawal periods, as required by applicable law (such as EU GDPR, the UK Data Protection Act, the UK Consumer Rights Act, California CPA/CPRA, or similar laws). Where local law grants you additional rights or conflicts with this policy, those rights will prevail to the extent required by law.
13. Contact Information
If you have questions about this Privacy Policy or your rights, please contact us:
Segern Care Team
Email: [email protected]
Subject Line: Privacy Policy Question
Segern, LLC
12600 Hill Country Boulevard
Ste R-130 #5033
Austin, TX 78738
United States