Legal

Privacy Policy

Effective Date
June 7, 2025

1. Introduction

1.1. Commitment. Segern, LLC ("Segern," "we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (www.segern.com), use our Digital Products (like Refold), or engage with our Advisory Services (collectively, the "Services").

1.2. Scope & Consent. Please read this Privacy Policy carefully. By accessing or using our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you consent to our collection, use, and sharing of your information as described herein, subject to applicable laws.

1.3. Relation to Terms of Service and Data Processing Addendum. Your use of our Services is also subject to our Terms of Service and, where applicable, our Data Processing Addendum (“DPA”). Any terms used in this Policy without definition have the definitions given in the Terms of Service or DPA, as applicable.

1.4. Policy Changes. We may update this Privacy Policy from time to time to reflect changes in our practices or relevant laws. We will notify you of significant changes by posting the new policy on our website and updating the "Last Updated" date. We may also provide notice through other means (like email) for material changes. Your continued use of the Services after such changes constitutes your acceptance of the new policy. We encourage you to review this policy and our Terms of Service and Data Processing Addendum periodically.

2. Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or device ("Personal Information").

2.1. Categories of Personal Information Collected. Over the past 12 months, we may have collected the following categories:

  • Identifiers: Real name, alias, postal address, unique personal identifier (e.g., user ID), online identifier (e.g., cookie ID, device ID), Internet Protocol (IP) address, email address, account name, unique passwords.
  • Contact Information: Name, address, telephone number, email address.
  • Commercial Information: Records of products or services purchased, obtained, or considered; subscription tier; engagement details; purchasing or consuming histories.
  • Internet or Other Similar Network Activity: Browsing history on our site, search history on our site, referring webpage/source, web page interactions (clicks, scrolls), statistics associated with the interaction between your device/browser and our Services.
  • Geolocation Data: General physical location derived from IP address.
  • Professional or Employment-related Information: Job title, company name, professional background (if provided, e.g., for Advisory Services or user profiles).
  • Inferences: Profiles reflecting preferences or characteristics inferred from service usage or feedback provided.
  • Payment Information: Payment card type, last 4 digits of card number, billing address, phone number, email (full card details are processed securely by our third-party payment processors; Segern does not store full card numbers).
  • User Content: Information, data, text, or other materials you provide, upload, or generate within our Services (e.g., data entered into Digital Products, materials shared for Advisory Services).

2.2. Sources of Personal Information. We obtain Personal Information from:

  • Directly from You: When you create an account, purchase Services, fill out forms, contact customer support, respond to surveys, or provide information via free-form text boxes.
  • Indirectly from You: Automatically through your interaction with our Services via cookies and similar technologies (IP address, device/browser information, usage data). If you use location-enabled services, we may receive location information.
  • Third Parties: Including Payment Processors (transaction confirmation), Analytics Providers (usage data), Connected Third-Party Services (with your permission), and Publicly Available Sources.

2.3. Sensitive Personal Information. We do not intentionally collect sensitive personal data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, health, medical or genetic data, sexual orientation, or trade union membership) unless it is strictly necessary for a specific Service and you have provided your explicit consent, or collection is otherwise permitted or required by law. If you submit such information unintentionally, please contact us so we may address your request. You must not provide Segern with sensitive personal data unless specifically agreed in writing and as permitted under the DPA and this Privacy Policy.

3. How We Use Your Personal Information

We use your Personal Information for specific, disclosed business purposes:

3.1. Providing, Customizing, and Improving Services. Including creating accounts, processing transactions, providing support, improving services, personalization, security, fraud prevention, and debugging.

3.2. Communication. Including communicating about accounts/transactions, responding to inquiries, sending administrative info, and sending marketing communications (with consent/opt-out).

3.3. Legal and Compliance. Including fulfilling legal obligations, enforcing terms, protecting rights/safety, and investigating issues.

3.4. AI Enhancement. We may use integrated AI services (e.g., OpenAI, Anthropic) to enhance features, support, or analyze feedback, subject to protections outlined in Section 4.2.

We will not collect additional categories or use collected Personal Information for materially different purposes without notice and consent where required.

If we ever need to process your sensitive personal data for a specific purpose, we will obtain your explicit consent in advance, unless otherwise permitted or required by law. If your use of our Services requires us to act as your data processor (for example, as business client subject to relevant data protection laws), our Data Processing Addendum applies in addition to this Privacy Policy.

4. How We Share Your Personal Information

We may disclose Personal Information to third parties for business purposes under contract, requiring confidentiality and limited use.

4.1. Categories of Third Parties Shared With.

  • Service Providers: Companies performing services on our behalf (e.g., Hosting, Payment Processing, Analytics, Communication Tools, AI Services, Automation, Fulfillment Partners if applicable, and other tools listed in the Terms of Service and subprocessor list).
  • Business Partners: Companies partnered for specific offerings (with your consent).
  • Advisors: Professional advisors (lawyers, accountants).
  • Parties You Authorize or Authenticate: Third parties you direct us to share with.
  • Legal Requirements: As required by law or to protect rights/safety.
  • Business Transfers: In connection with M&A, bankruptcy, or asset sale (with notice if policies change).

4.2. AI Service Providers. When using integrated AI services, data you input may be sent for processing under terms typically prohibiting provider viewing/training and limiting retention (~30 days). Your use implies consent.

4.3. Aggregated/De-Identified Data. We may share non-personally identifiable data for analysis or reporting.

4.4. "Sale" or "Sharing" under CCPA/CPRA. We do not sell or share your Personal Information for monetary gain, advertising, or for use by third parties outside our direct service delivery. We only disclose Personal Information to our trusted service providers or business partners as needed to deliver the Services you request, or as required by law. We do not permit our service providers to use or disclose your information for their own purposes.

We do not sell or share your Personal Information with marketers, advertisers, data brokers, or other third parties for cross-context behavioral advertising or analytics.

We may disclose your Personal Information to government, law enforcement, or other parties if (and only if) we believe, in our sole discretion, that it is required to comply with a valid legal request, law, or regulation.

We will never sell, rent, or otherwise disclose your Personal Information to any third party for their marketing, advertising, or independent commercial purposes. All disclosures of data are strictly limited to necessary service provision as described in this Policy or to comply with a valid government/legal request if we determine compliance is required.

5. Cookies and Tracking Technologies

5.1. Use. We use cookies and similar technologies (pixels, beacons) to operate/improve Services, understand usage, personalize experience, and potentially for marketing. We may supplement cookie data with info from third parties.

5.2. Types of Cookies. We may use:

  • Essential Cookies: Required for basic functionality (login, security).
  • Functional Cookies: Remember choices/settings (language, layout).
  • Performance/Analytical Cookies: Help understand usage patterns (via Google Analytics, etc.).
  • Marketing Cookies: Used by us or partners (with consent) for relevant ads.

5.3. Your Choices. You can manage cookies via your browser settings or through our on-site cookie consent tool (look for the “Cookie Preferences” link in the site footer). Industry opt-outs (DAA, NAI) are available for interest-based ads. Visit www.allaboutcookies.org for more info. We currently do not respond to “Do Not Track” signals.

6. Data Security

We implement reasonable security measures (administrative, technical, physical) to protect Personal Information. No system is 100% secure. Protect your account credentials.

Summary of Measures: We employ encryption in transit (HTTPS/TLS), access controls, secure credential storage, regular vendor security reviews (e.g., SOC2, ISO27001 where available), and restrict Personal Information access to personnel who need it to perform their job duties. For more detail, see the Data Processing Addendum’s security exhibit.

7. Data Retention

We retain Personal Information as long as necessary for the purposes collected, to provide Services, comply with legal obligations, resolve disputes, and enforce agreements. Aggregated/de-identified data may be kept indefinitely.

Upon account closure or Service termination, your Personal Information will be deleted or returned as described in the DPA and Terms of Service, unless longer retention is required by law.

8. Your Privacy Rights

Depending on your location and applicable law (e.g., GDPR, CCPA/CPRA, PDPA), you may have rights regarding your Personal Information.

8.1. Common Rights May Include:

  • Right to Access/Know: Request details and a copy of your data.
  • Right to Rectification (Correction): Request correction of inaccuracies.
  • Right to Erasure (Deletion): Request deletion, subject to exceptions.
  • Right to Restrict Processing: Request limits on processing.
  • Right to Object: Object to processing (legitimate interests, direct marketing).
  • Right to Data Portability: Request data in a portable format.
  • Right to Withdraw Consent: Withdraw consent where applicable.
  • Right to Non-Discrimination: Not be discriminated against for exercising rights.
  • Rights Related to Automated Decision-Making: If applicable.
  • Right to Limit Use and Disclosure of Sensitive Information: Where provided by law, you have the right to instruct us to limit the use and disclosure of your sensitive personal information.

8.2. Exercising Your Rights. Contact us (Section 13). We will verify your identity and respond within legally required timeframes. Authorized agents may make requests subject to verification.

8.3. Jurisdiction-Specific Information

8.3.1. European Economic Area (EEA), UK, Switzerland (GDPR). If GDPR applies, you have GDPR rights. We act as controller for data collected directly, and may act as processor for client data in SaaS; where we are your processor, our DPA applies. Lawful bases include Contract Necessity, Legitimate Interest, Consent, and Legal Obligation. You can complain to supervisory authorities. Data transfers use appropriate safeguards (see Section 9).

8.3.2. California (CCPA/CPRA). If CCPA/CPRA applies, rights include: Know/Access, Deletion, Correction, and Opt-Out of Sale/Sharing (not applicable; we do not sell or share your Personal Information). Use of certain cookies may be considered "sale/sharing" under California law. The "Shine the Light" law may also apply.

8.3.3. Other Jurisdictions. Residents elsewhere (Canada, Singapore, Brazil, etc.) may have rights under local laws (PIPEDA, PDPA, LGPD, etc.). Contact us to inquire.

If any term of this Privacy Policy conflicts with your local law or grants you fewer rights or remedies than your local regulation requires, your local rights and remedies shall prevail to the extent required by law.

9. International Data Transfers

Services operate primarily in the U.S If you are outside the U.S., your Personal Information will be transferred to/processed in the U.S and potentially other countries. Laws may differ. Your use consents to this. We use appropriate safeguards (like Standard Contractual Clauses (SCCs) and the UK Addendum) for transfers where required by laws like GDPR.

If you are a business customer requiring a data transfer agreement, you may opt into our DPA at any time by following instructions at https://www.segern.com/legal/dpa or by contacting us.

10. Children's Privacy

Services are not for children under 13 (or applicable higher age). We do not knowingly collect their data. Contact us if you believe we have, so we can delete it.

11. Third-Party Websites

This policy doesn't cover third-party sites linked from our Services. Review their policies.

12. Local Consumer and Privacy Rights

Nothing in this Privacy Policy limits or excludes any rights or remedies you may have as a consumer under the laws of your country, state, or region of residence. This includes, but is not limited to, statutory rights relating to privacy, data access, erasure, and correction, as well as product returns, cancellation, or withdrawal periods, as required by applicable law (such as EU GDPR, the UK Data Protection Act, the UK Consumer Rights Act, California CPA/CPRA, or similar laws). Where local law grants you additional rights or conflicts with this policy, those rights will prevail to the extent required by law.

13. Contact Information

If you have questions about this Privacy Policy or your rights, please contact us:

Segern Care Team

Email: [email protected]

Subject Line: Privacy Policy Question

Segern, LLC

12600 Hill Country Boulevard

Ste R-130 #5033

Austin, TX 78738

United States

Segern's Trademarks

Description

Max Logo™

Logo, Logomark. Workmark, Symbol

Max™

Platform / Application Program

Refold™

Platform / Application Program

Ritual™

Publication / Media

Reverie™

Media / Publication

Whtmód™

Apparel / Fashion + Accessories

Vale of Design™

Curation / Publication / Media

Whtmód Logo™

Logo, Logomark. Workmark, Symbol

Vale of Design Logo™

Logo, Logomark. Workmark, Symbol

Unstandard Pages™

Media / Publication

Unstandard Muse™

Media / Publication

Unstandard Logo™

Logo, Logomark. Workmark, Symbol

Stav Logo™

Logo, Logomark. Workmark, Symbol

Unstandard Audio™

Media / Publication

Unstandard™

Media / Publication

Shoppli™

Software

Stav™

Walking Stick / Accessory

Showroom™

Art / Consumer Goods

Showroom Logo™

Logo, Logomark. Workmark, Symbol

Shoppli Logo™

Logo, Logomark. Workmark, Symbol

Segern Logo™

Logo, Logomark. Workmark, Symbol

Pritonus Logo™

Logo, Logomark. Workmark, Symbol

Segern™

Creative Innovation / Product Design / Identity Design / Environmental Design etc.

Pritonus™

Art / Consumer Goods

Interfaces™

Ecommerce Platform / Design Resources

Oquis Logo™

Logo, Logomark. Workmark, Symbol

EverydayUnicorns™

Publication / Digital Platform / Media

Persona™

Apparel / Fashion + Accessories

Persona Logo™

Logo, Logomark. Workmark, Symbol

Oquis™

Ecommerce Platform

Pages™

Media / Publication

Interfaces Logo™

Logo, Logomark. Workmark, Symbol

CreativeOnset Logo™

Logo, Logomark. Workmark, Symbol

EverydayUnicorns Logo™

Logo, Logomark. Workmark, Symbol

Enclave™

Publication / Media

CreativeOnset™

Ecommerce Platform

Candrly Logo™

Logo, Logomark. Workmark, Symbol

Blkmód™

Apparel / Fashion + Accessories

Behind Castle Walls Logo™

Logo, Logomark. Workmark, Symbol

Candrly™

Platform / Application Program

Blkmód Logo™

Logo, Logomark. Workmark, Symbol

Behind Castle Walls™

Publication / Digital Platform / Consumer Goods

Company

Description

Location(s)

Cal.com, Inc.

Scheduling / Booking

United States

ViDesigns, Ltd.

Forms / Surveys

United States / Global

Zoho Corporation Pvt. Ltd.

Communication / CRM

United States / India / Global

Vercel, Inc.

CDN / Hosting

United States / Global

UserMetric

Analytics / Monitoring

United States / Global

Webstudio, Inc.

Website Hosting

United States / Global

Webflow, Inc.

Website Hosting

United States / Global

Stripe, Inc.

Payments / Billing

United States / Global

Taku

Notifications / Engagement

United States / Global

Trafft, Ltd.

Scheduling / Booking

United States / Global

Swipe One

Communication / CRM

United States / Global

SupaHub

Data / Analytics

United States / Global

SuperOkay, B.V.

Project Management

United States / Global

Sellix, S.R.L

E‑commerce

United States / Global

Slack Technologies, LLC

Communication

United States / Global

Socialscribe

Signup

United States / Global

Reoon Technologies

Email Verification

United States / Global

Pushover, LLC

Notifications

United States / Global

Polar Software, Inc.

Payments / Billing

United States / Global

OpenAI, LLC

Artificial Intelligence

United States

Plutio, Ltd.

Project Management

United States / Global

Formaloo, Inc.

Forms / Database

United States / Global

Perplexity AI, Inc.

Artificial Intelligence

United States

LogSnag

Notifications / Analytics

United States / Global

Nocode, Ltd. ("LateNode")

Automation / Integration

United States / Global

Lityx, LLC

Analytics / Data

United States / Global

Linko

Link Management

United States / Global

Heartbeat, Inc.

Community Platform

United States / Global

Linke

Link Management

United States / Global

Linear Orbit, Inc. ("Linear")

Project Management

United States / Global

Formspark

Forms

United States / Global

Helpcrunch, Inc.

Customer Messaging

United States / Global

Gumlet, Inc.

Media Optimization

United States / Global

Google, LLC

Analytics / Cloud / Email

United States / Global

Fourthwall, Inc.

Ecommerce

United States / Global

Dodo Payments, Inc.

Payments / Billing

United States / Global

Cloudflare, Inc.

CDN / Security Services

United States / Global

Apple, Inc.

Device / Platform Integration

United States / Global

Activepieces, Inc.

Automation / Integration

United States / Global

Butter, Inc.

Meeting Software

United States / Global

AI Inspire Labs, LLC ("Straico")

AI / Data Tools

United States / Global

Anthropic, PBC

Artificial Intelligence

United States

Chatbase, Inc.

Chat Support

United States

Annex I: Standard Contractual Clauses Details

Section

Information

Data exporter

Customer – contact details per account/signature page

Data importer

Segern, LLC – [email protected], 12600 Hill Country Blvd Ste R130 #5033, Austin, TX 78738, USA

Categories of Data Subjects

See Exhibit A

Categories of Personal Data

See Exhibit A

Sensitive data

Not intentionally processed. Customer must not provide such data unless Section 2.3 requirements are met.

Frequency of transfer

Continuous, as initiated by Customer

Nature & purpose

Provision of Services; maintenance; security; support

Onward transfers

Authorised Sub‑Processors in Exhibit B and Sub-processors.

Competent authority (EEA)

Irish Data Protection Commission (unless Customer is in another EU/EEA state; then that authority)

Exhibit B: Authorized Sub-Processors

For a current list of all Authorized Sub-processors, visit our Sub-processors list. This list may be updated per Section 3.2; material changes will be notified to Customer.

Exhibit A: Details of Processing

Topic

Information

Nature & Purpose

Processing Personal Data to provide, maintain, secure, and improve Services; legal and contractual compliance.

Duration

For the term of the Agreement or as required by law.

Categories of Data Subjects

Customer’s end users, employees, contractors, and users of Customer’s products/services.

Categories of Personal Data

Name, email, age, phone, payment info, general location, service usage data, IP address, device identifiers, and other Customer-provided fields.

Special Categories

Not intentionally processed. Customer must not provide without Segern’s prior written consent and DPA amendment.

Recipients & Transfers

Segern; Authorised Sub‑Processors (Exhibit B and https://www.segern.com/legal/subprocessors); as legally required.

Frequency

As initiated by Customer during Service use.

Exhibit C (Annex Il): Technical & Organisational
Security Measures

Measure Type

Details

Pseudonymization & Encryption

Personal Data is encrypted in transit (HTTPS/TLS). Encryption at rest is implemented where supported by underlying providers.

Confidentiality, Integrity, Availability, Resilience

Logical access controls, authentication, role-based authorization, logging, monitoring, secure deletion protocols, incident response plan, employee background checks and NDAs, security training, regular vulnerability scanning, patch management, annual third-party penetration tests.

Restore Availability & Access

Vendor security vetting and monitoring, review of third-party audits (SOC 2, ISO 27001, PCI DSS, etc.) as noted in Section 4.2 and summarized in the Privacy Policy.

Testing & Evaluation

ssss