Privacy Policy
Effective as of October 30, 2024
This “Privacy Policy” describes the privacy practices of Sema4.ai, Robocorp Technologies, Inc. and their subsidiaries and affiliates (collectively, “Sema4.ai”, “Robocorp”, “we”, “us”, or “our”) in connection with personal information that we collect through our websites on which a link to this Privacy Policy is displayed, any Sema4.ai applications, through our marketing initiatives, when you apply for a job with us, and in connection with other interactions with you (collectively, the “Service” or “Services”).
Please see our Privacy Snapshot below for a high-level overview of our privacy practices.
1. Personal Information We Collect
Information you provide to us. Personal information you provide to us through the Service or otherwise may include:
- Business and personal contact information, such as your first and last name, email and mailing addresses, phone number, professional title and company name.
- Content you choose to upload to the Service, such as text, images, audio, and video, along with the metadata associated with the files you upload.
- Profile information, such as your username and password that you may set to establish an online account with us, your photograph, and your company name.
- Registration information, such as information that may be related to a Service, an account, or an event you register for.
- Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us.
- Demographic information, such as your city, state, country of residence, and postal code.
- Transaction information, such as information about payments to and from you and other details of products or Services you have purchased from us.
- Usage information, such as information about how you use the Service and interact with us, including information associated with any content you upload to the websites or otherwise submit to us, and information you provide when you use any interactive features of the Service.
- Marketing information, when you register to receive marketing communications from us or otherwise provide data for marketing purposes or interact with our marketing communications, we may collect your name, email address and your preferences for receiving communications about our events and details about how you engage with our communications.
- Suppliers/partners and representatives information, such as when you enter into a supplier/partnership agreement or relationship with us or are a representative of a supplier/partner. We may collect your name, company, job role, contact information and the content of your communications with us.
- Job application information, such as when you express interest in, or apply for a job role with us through our website or otherwise. We may collect your name, contact information, job role applied for, CV / résumé information (including education and job history), job expectations, assessment results, interview notes and any other job application related information you provide to us. This may also include diversity information that you voluntarily provide. We use this information to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity, to monitor recruitment statistics and to respond to surveys. We may also use this information to provide improved administration of the Service and as otherwise necessary (i) to comply with relevant laws or to respond to subpoenas or warrants served on us, (ii) to protect and defend our or others’ rights or property, (iii) in connection with a legal investigation and (iv) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy or our Terms of Use.
- Other information that you may provide to us that is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.
Information we obtain from social media platforms. We may maintain pages for our Services on third-party platforms. When you visit or interact with our pages on those platforms, the platform provider’s privacy policy will apply to your interactions and their collection, use and processing of your personal information. You or the platforms may provide us with information through the platform, and we will treat such information in accordance with this Privacy Policy.
If you choose to log into the Service via a third-party platform, or otherwise connect your account on the third-party platform to your account through the Service, we may collect information from that platform or network. For example, this information with respect to a third-party platform may include your username, user ID, profile picture, cover photo, and networks to which you belong (e.g., school, workplace). If you sign in via Google, the Terms Specific to Google User Data in Section 4 apply to you. You may also have the opportunity to provide us with additional information via the third-party platform. You can read more about your privacy choices in the “Third party platforms” portion of the “Your Choices and Rights” section below.
Information we obtain from other third parties. We may receive personal information about you from third-party sources. For example, a business partner may share your contact information with us if you have expressed interest in learning specifically about our products or services, or the types of products or services we offer. We may obtain your personal information from other third parties, such as marketing partners, publicly-available sources and data providers.
2. Cookies and Other Information Collected by Automated Means
We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity occurring on or through the Service, such as:
- Device data, including your computer or mobile device operating system type and version number, manufacturer and model, device identifier, browser type, screen resolution, Internet Protocol (IP) address, general location information such as city, state or geographic area; and
- Online activity data, including the website you visited before browsing to our website, information about your use of and actions on the Service, such as pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access. Our service providers and business partners may collect this type of information over time and across third-party websites and mobile applications.
On our webpages, this information is collected using cookies, browser web storage (also known as locally stored objects, or “LSOs”), web beacons, and similar technologies, and our emails may also contain web beacons.
3. Terms Specific to Google User Data
When using our Services, you may use Google OAuth for authentication and access to certain Google services. The decision to use the Google OAuth for authentication and access to Google services is optional and fully in your control.
When you choose to connect your Google account to our Service, we may request access to certain information from your Google account. This section outlines how we access, use, store, and share Google user data:
A. Access and Use: We access and use Google user data only in response to your direct interactions with our application’s AI agents and solely for the purposes of fulfilling your specific requests. Our Service does not proactively or automatically access your Google data. Instead, it only retrieves and processes the information necessary to complete the tasks you explicitly ask our agents to perform.
i. User-Selected Large Language Model Processing:
- Our Service allows you to integrate a large language model (LLM) of your choice to process your requests and interact with your Google data.
- You are solely responsible for selecting, configuring, and controlling the LLM you choose to use with our Service.
- When you make a request, your chosen LLM may make “tool calls” to access specific parts of your Google data or services as needed to fulfill your request.
- It is your responsibility to ensure that your chosen LLM processes your data in a manner consistent with your privacy preferences and requirements.
- You are responsible for configuring your LLM to ensure that it does not retain or use your data for purposes other than fulfilling your immediate requests (e.g., for training the model).
ii. Minimal Data Access:
- Our Service employs a principle of minimal data access, meaning it only provides access to the specific data necessary to complete your requested task. For example, if you ask an agent to summarize your recent emails, only then would the application allow (using your LLM) to access your Gmail data, and only to the extent necessary to complete that specific task.
iii. Purpose Limitation:
- Our Service is designed to use your Google data only for providing the user-facing features of our Service that are prominently displayed in our Service’s user interface.
- It is your responsibility to ensure that your chosen LLM’s processing of your data is strictly limited to fulfilling your requests and does not involve any other purposes such as training the model or improving it for other users.
B. Storage: We prioritize your privacy and data security by implementing a local-only storage policy for Google user data:
i. Local Storage Only: Any Google user data retrieved based on your interactions is stored exclusively on your own device or machine. This data never leaves your local environment and is not transferred to our servers or cloud infrastructure.
ii. No Cloud Storage: We do not store any of your Google user data on our cloud servers or any other remote storage systems.
iii. Temporary Processing: When you make a request that requires access to your Google data, our application facilitates the processing of this data locally on your machine by your chosen LLM. Once the task is completed, our application is designed to discard any temporary data used for processing. You are responsible for ensuring your chosen LLM is configured according to your privacy preferences.
iv. Data Retention: Since the data remains on your device, you have full control over its retention. Our application does not maintain any persistent storage of your Google user data beyond what’s necessary for the current session or task.
v. Security Measures: While the data is stored locally on your device, our application implements industry-standard security measures to protect this data during processing. However, the overall security of this data also depends on your device’s security settings, your chosen LLM’s security features, and your own security practices.
C. Sharing: We do not share, sell, or transfer Google user data to third parties.
D. Limited or Prohibited Uses: Our use of Google user data
i. We limit our use of data to providing or improving user-facing features that are prominent in our application’s user interface
ii. We do not allow humans to read the data.
iii. We do not transfer or sell Google user data to advertising platforms, data brokers, or information resellers
iv. We do not use Google user data for serving ads, including retargeting, personalized, or interest-based advertising.
v. We do not use Google user data to determine credit-worthiness or for lending purposes.
vi. We do not use your Google data to develop, improve, or train generalized AI and/or ML models.
E. Data Handling: We adhere to secure data handling practices as required by Google for applications accessing sensitive and restricted scopes. This includes undergoing regular security assessments as mandated by Google.
4. Referrals
Users of the Service may have the opportunity to refer colleagues or other contacts to us. If you are an existing user, you may only submit a referral if you have permission to provide the referral’s contact information to us so that we may contact them.
5. How We Use Your Personal Information
We use your personal information for the following purposes and as otherwise described in this Privacy Policy or at the time of collection:
- Provide, operate and maintain the Services. It is in our legitimate business interests to use personal information to operate, maintain, and provide you with our Services, including ensuring you can use our website and also providing your affiliated company with access to the Services. If we have entered into a contract with you, we will use your personal information as required for us to perform our contractual obligations under the relevant contract.
- Provide information about our products and Services. We may send you direct marketing communications about our products, Services and events that we think may be of interest to you as permitted by law, including by email. You may opt out of our marketing communications as described in the “Opt-out of marketing” section below. Where required by law, we will only send you marketing information if you consent to us doing so at the time you provide us your personal information. Otherwise, we will only send you marketing information if it is in our legitimate business interests to send such information.
- Establish and maintain your user profile on the Services. To perform our contractual obligations to you, or when it is in our legitimate interests to do so, we will use your personal information to facilitate the creation, operation, and maintenance of your user profile as part of the Services for purposes of personalising your user experience.
- Facilitate your login to the Services via third-party identity and access management providers. It is in our legitimate business interests to use personal information to enable you to access our Services through third-party providers, increasing access options and efficiency of using the Services.
- Enable security features of the Services, such as by sending you security codes via email or SMS, and remembering devices from which you have previously logged in. It is in our legitimate interests to keep our Services safe for our users.
- Facilitate social features of the Services, such as by identifying and suggesting connections with other users of the Services and providing chat or messaging functionality. It is in our legitimate interests to enable such communications to provide for the best user experience when interacting with our Services.
- Communicate with you about the Services, including by sending you announcements, updates, security alerts, and support and administrative messages. To perform our contractual obligations to you, or when it is in our legitimate interests to do so, we will use your personal information to respond to your requests, questions and feedback, and communicate with you about our Services, including by sending announcements, updates, security alerts and support and administrative messages.
- Improve, monitor, personalize, and protect our Services. It is in our legitimate business interests to improve and maintain the quality of our Services, which includes:
- understanding your needs and interests, and personalize your experience with the Services and our communications; and
- providing support and maintenance for the Services;
- For research and development. We may use personal information for research and development purposes in our legitimate business interests to analyze and improve the Services and to develop new products and Services, including by studying user demographics and use of the Services.
- For compliance and protection. We use your personal information to comply with our legal obligations and to defend us against legal claims or disputes where it is in our legitimate business interests to do so, including to:
- Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
- Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
- Audit our internal processes for compliance with legal and contractual requirements and internal policies;
- Enforce the terms and conditions that govern the Services; and
- Protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
- To create anonymous, aggregated or de-identified data. It is in our legitimate business interests to create anonymous, aggregated or de-identified data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous, aggregated or de-identified data by removing information that makes the data personally identifiable to you. We may use this anonymous, aggregated or de-identified data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.
6. How We Disclose Your Personal Information
We do not disclose your personal information to third parties without your consent, except in the following circumstances or as described in this Privacy Policy:
Affiliates. We may disclose your personal information to our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.
Service providers. We may disclose your personal information to third party companies and individuals that provide services on our behalf or help us operate the Services (such as customer support, hosting, analytics, email delivery, communication channels, marketing, and database management services). These third parties may use your personal information only as directed or authorized by us and in a manner consistent with this Privacy Policy, and are prohibited from using or disclosing your information for any other purpose.
Partners. We may sometimes disclose your personal information to partners or enable partners to collect information directly via our Service but only for the purposes of providing you with the Service.
Third-party platforms. If you have enabled features or functionality that connect the Services to a third-party platform (such as by logging in to the Services using your account with the third-party, providing your API key or similar access token for the Services to a third-party, or otherwise linking your account with the Service to a third-party’s services), we may disclose the personal information that you authorized us to share. Please refer to the third-party’s privacy policy for more information about how they use your personal information.
Other users of the Service and the public. We may provide functionality that enables you to disclose personal information to other users of the Services or the public. For instance, you may be able to maintain a user profile with information about yourself that you can make available to other users or the public. You may also be able to submit content to the Services (such as tutorials), and we will display your name, username, and a link to your user profile along with the content you submit and choose to make publicly available. We do not control how other users or third parties use any personal information that you make available to other users or the public.
Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
For compliance, fraud prevention and safety. We may disclose your personal information for the compliance, fraud prevention and safety purposes described above.
Business transfers. We may sell, transfer or otherwise disclose some or all of our business or assets, including your personal information, in connection with a business transaction (or potential business transaction) such as a corporate divestiture, merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy or dissolution.
7. Retention
We retain personal information for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we use personal information and whether we can achieve those purposes through other means, any permissions you give us with regards to your personal information, and the applicable legal and regulatory requirements.
When we no longer require the personal information we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.
8. Cross-Border Data Transfer
We are headquartered in the United States and have service providers in other countries, and your personal information may be transferred to the United States or other locations outside of your state, province, or country where privacy laws may not be as protective as those in your state, province, or country.
Where there are cross border transfers of your personal information we will ensure that relevant safeguards are in place to afford adequate protection for your personal information, and we will comply with applicable data protection laws, by relying on an adequacy decision by the European Commission or the UK Government, or on pre-approved contractual protections for the transfer of your personal information. For more information about how we transfer personal information internationally, please contact us as set out in the “How to Contact Us” section below.
9. Your Choices and Rights
Access or update your information. If you have registered for an account with us, you may review and update certain personal information in your account profile by logging into the account.
Opt-out of marketing communications. You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of our marketing emails, or by contacting us at [email protected]. You may continue to receive service-related and other non-marketing emails.
Limit online tracking. We may allow service providers and other third parties to use cookies and similar technologies to track your browsing activity over time and across the Service and third party websites. For more details in setting your cookie preferences, see our Cookie Policy below. Some internet browsers can be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Personal information requests. We offer you choices that affect how we handle the personal information that we control. Depending on your location and the nature of your interactions with our Services, you may request the following in relation to personal information:
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correction. Update or correct inaccuracies in your personal information.
- Deletion. Delete your personal information.
- Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restriction. Restrict the processing of your personal information.
- Objection. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
- Opt-out of the sharing of your personal information or use of your information for interest-based advertising. To exercise this right, you can click the “Do Not Sell or Share My Personal Information” link on the footer of our website.
- Appeal our denial of your personal information request.
You may submit these requests by email to [email protected] or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. We may ask for specific information from you to help us confirm your identity. Depending on where you reside, you may be entitled to empower an authorized agent to submit requests on your behalf. We will require authorized agents to confirm their identity and authority, in accordance with applicable laws. You are entitled to exercise the rights described above free from discrimination.
Choosing not to disclose your personal information. Where we are required by law to collect your personal information, or where we need your personal information in order to provide the Services to you, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with our Services. We will tell you what information you must provide to receive the Services by designating it as required at the time of collection or through other appropriate means.
Third-party platforms. If you choose to connect to the Services via a third-party platform, you may have the ability to limit the information that we may obtain from the third-party at the time you login to the Services using the third-party’s authentication service or otherwise connect your account. Subsequently, you may be able to control your settings through the third-party’s platform or service. If you withdraw our ability to access certain information from a third-party platform, that choice will not apply to information that we have already received from that third-party.
10. Other sites, and services
The Services may contain links to other websites and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or online services that are not associated with us. We do not control third party websites or online services, and we are not responsible for their actions. Other websites and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites and online services you use.
11. Security practices
The security of your personal information is important to us. We employ a number of organizational, technical and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
12. Children
As a general rule, children are not allowed to use the Service, and we do not collect personal information from them. If we learn that we have collected personal information of a child without the consent of the child’s parent or guardian, we will delete it. We encourage parents with concerns to contact us.
13. Changes to this Privacy Policy
We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting it on the Service. We may, and if required by law will, also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via e-mail (if you have an account where we have your contact information) or another manner through the Service.
Any modifications to this Privacy Policy will be effective upon our posting the new terms and/or upon implementation of the new changes on the Service (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.
14. How to Contact Us
Sema4.ai and Robocorp Technologies, Inc. are controllers of your personal information under this Privacy Policy. Please direct any questions or comments about this Policy or privacy practices to [email protected]. You may also write to us via postal mail at:
Sema4.ai
3340 Peachtree Rd NE, Suite 2200
Atlanta, Georgia 30326
The contact information for our representative in Europe is: Sampo Ahokas, [email protected].
Privacy Snapshot
Below is a high-level snapshot of how we collect, use, and disclose your personal information when you use the Service, but you need to read the entire Privacy Policy for complete information.
Data Categories Collected | How We Collect | Primary Purposes of Processing | Key Recipients/Disclosures | Can You Limit Sharing? |
Identifiers, such as real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name | When you visit or use our Service; from third-party sites or services; from referrals; when you apply for a job with us | To provide our Service; to improve, monitor and personalize our Service; to communicate with you, for marketing and advertising; to process your job application | Service providers | No |
Advertising partners | Yes | |||
Internet or other electronic network activity information, including but not limited to browsing history and search history | When you visit or use our Service | To provide our Service; to improve, monitor and personalize our Service; to communicate with you, for marketing and advertising | Service providers | No |
Advertising partners | Yes | |||
Characteristics of protected classifications under California or federal law | When you apply for a job with us | To process your job application | Service providers | No |
Sensitive personal information (as defined in CA Civil Code 1798.140 (ae)) | When you apply for a job with us | To process your job application | Service providers | No |
Commercial information, including but not limited to records of personal property, products or services purchased, obtained or considered | When you visit or use our Services | To provide our Services; to improve, monitor, and personalize our Service; communicate with you; for marketing and advertising | Service providers | No |
Advertising partners | Yes | |||
Personal information categories listed in the California Customer Records Statute (e.g., name, contact details) | When you visit or use our Services; from third-party sites and services; when you apply for a job with us | To provide our Service; to improve, monitor, and personalize our Services; communicate with you; for marketing and advertising; to process your job application | Service providers | No |
Advertising partners | Yes | |||
Professional or employment-related information | When you visit or use our Services; from public or third-party information sources; when you apply for a job with us | To provide our Service; to improve, monitor, and personalize our Services; to process your job application | Service providers | No |
*As described further in our Privacy Policy, we may disclose all categories of personal information with our service providers, affiliates, and professional advisors for the purposes described in the Privacy Policy. We also may disclose personal information with authorities and others for legal and compliance purposes, and with business transferees in the context of an acquisition or the sale of our business or another corporate transaction.