Privacy Policy

Privacy Policy

Last updated: 20 May 2026

1. Data Controller

The controller responsible for data processing on this website is:

Vigience, Inc.
415 Mission St, 37th Floor
San Francisco, CA 94105
United States

European contact address:
Vigience AG
Tödistrasse 48
8810 Horgen
Switzerland

Email: support@vigience.com

Representative in the European Union under Art. 27 GDPR:
A representative under Art. 27 GDPR is currently being appointed. Until appointment, please contact us at our European address or by email at support@vigience.com.

2. General Information on Data Processing

We process the personal data of our users only to the extent necessary to provide a functional website and to deliver our content and services. Processing generally takes place only with the user’s consent, or in cases where obtaining prior consent is not possible for factual reasons and processing is permitted by law.

3. Your Rights as a Data Subject

You have the following rights regarding the personal data we process about you:

• Right of access (Art. 15 GDPR)
• Right to rectification (Art. 16 GDPR)
• Right to erasure (Art. 17 GDPR)
• Right to restriction of processing (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR)
• Right to object to processing (Art. 21 GDPR)
• Right to withdraw consent with effect for the future (Art. 7 (3) GDPR)

To exercise your rights, please contact: support@vigience.com

Right to lodge a complaint with a supervisory authority: You have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data.

4. Provision of the Website and Creation of Log Files

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing device:

• User’s IP address
• Date and time of access
• Page accessed
• Browser type and version
• Operating system
• Referrer URL

Legal basis: Art. 6 (1) lit. f GDPR (legitimate interest in the technically error-free provision of the website).

Storage period: The data is deleted as soon as it is no longer required for the purpose of its collection, at the latest after 7 days.

5. Cookies

Our website uses cookies. Cookies are text files stored in the user’s browser. We distinguish between:

• Technically necessary cookies (legal basis: Art. 6 (1) lit. f GDPR)
• Analytics and marketing cookies (legal basis: Art. 6 (1) lit. a GDPR — consent)

On your first visit to our website, we request your consent for non-essential cookies via our cookie consent banner. You can withdraw your consent at any time via the cookie settings on our website.

6. Contact

If you contact us by email or through a contact form, your information will be stored to process the request and in case of follow-up questions.

Legal basis: Art. 6 (1) lit. b GDPR (initiation of contract) or Art. 6 (1) lit. f GDPR (legitimate interest in responding to the inquiry).

Storage period: Until the inquiry has been resolved, but no longer than 24 months after the last contact, unless statutory retention periods require longer storage.

7. Use of Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).

Google Analytics uses cookies that enable analysis of how the website is used. The information generated by the cookie about your use of this website is generally transmitted to a Google server in the United States and stored there. We have enabled IP anonymization, so your IP address is shortened by Google within the EU/EEA beforehand.

Legal basis: Art. 6 (1) lit. a GDPR (consent via cookie banner).

Third-country transfer: Data is transferred to the United States. Google is certified under the EU-US Data Privacy Framework.

Storage period: 14 months.

You can object to data collection by Google Analytics at any time by installing the browser add-on available at: https://tools.google.com/dlpage/gaoptout

8. Use of Salesforce Pardot (Marketing Cloud Account Engagement)

This website uses Pardot (now: Marketing Cloud Account Engagement), a marketing automation platform provided by Salesforce.com, inc., Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA.

Pardot uses cookies and tracking pixels to record the behavior of users on our website and analyze it for marketing purposes. Information collected includes pages visited, time spent, clicks, and — for identified contacts — the attribution of this behavior to the individual.

Data processed: IP address, cookie ID, browser information, pages visited, interaction with emails (opens, clicks), and for form submissions: name, email, company, and other data voluntarily provided.

Legal basis: Art. 6 (1) lit. a GDPR (consent) or Art. 6 (1) lit. b GDPR for form submissions related to the initiation of a contract.

Third-country transfer: United States. Salesforce is certified under the EU-US Data Privacy Framework. Standard Contractual Clauses are additionally in place.

Storage period: Until consent is withdrawn, but no longer than 36 months after the last contact.

9. Embedding of Vimeo Videos

We embed videos from Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA on our website.

We use Vimeo’s privacy-friendly “Do-Not-Track” variant or the enhanced privacy embedding feature. When a page containing an embedded Vimeo video is accessed, a connection to Vimeo’s servers is established. Your IP address and possibly other browser information are transmitted to Vimeo.

Legal basis: Art. 6 (1) lit. a GDPR (consent) or Art. 6 (1) lit. f GDPR (legitimate interest in an appealing presentation of our content).

Third-country transfer: United States. Further information: https://vimeo.com/privacy

10. Use of Consensus

We use the demo platform Consensus, provided by Consensus Sales, Inc., 2600 Executive Pkwy, Suite 510, Lehi, UT 84043, USA, to offer interactive product demonstrations on our website.

When you use a Consensus demo, personal data (such as name, email, company, and interaction with the demo) is transmitted to Consensus and processed there. This data is also shared back with us so we can follow up with interested prospects.

Legal basis: Art. 6 (1) lit. a GDPR (consent through active use of the demo) or Art. 6 (1) lit. b GDPR (initiation of contract).

Third-country transfer: United States. Further information: https://www.goconsensus.com/privacy-policy/

11. Salesforce CRM (Contact Processing)

Contact inquiries, form submissions, and demo requests are processed in our CRM system Salesforce, provided by Salesforce.com, inc., Salesforce Tower, 415 Mission Street, San Francisco, CA 94105, USA.

Data processed: All data you provide to us via forms, email, or in the course of business contact (name, email, phone, company, position, communication history).

Legal basis: Art. 6 (1) lit. b GDPR (initiation and performance of a contract) or Art. 6 (1) lit. f GDPR (legitimate interest in efficient customer management).

Third-country transfer: United States. Salesforce is certified under the EU-US Data Privacy Framework.

Storage period: For the duration of the business relationship, after which data is retained in accordance with statutory retention obligations (generally up to 10 years under the German Commercial Code (HGB) and Fiscal Code (AO) for contract-relevant data).

12. Transfer of Data to Third Countries

As described in the sections above, we transfer data to the United States. From a data protection perspective, the United States is classified as a third country requiring special safeguards. We secure such transfers through:

• Certification of the respective providers under the EU-US Data Privacy Framework, where available
• Standard Contractual Clauses of the EU Commission pursuant to Art. 46 (2) lit. c GDPR
• Additional technical and organizational measures, where necessary

13. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy to ensure it always complies with current legal requirements or to reflect changes to our services in the Privacy Policy.