Privacy Policy

Last updated: August 04, 2025

This Privacy Policy explains how Confiz Limited (“Confiz”, “we”, “our”, or “us”) collects, uses, discloses, and protects your personal data when you access or use our services, including our website www.confiz.com. It also outlines your privacy rights and how applicable laws safeguard them.

By using our services, you agree to the practices described in this Privacy Policy.

 

Interpretation and definitions

 

Interpretation

The terms defined below apply consistently throughout this Privacy Policy, regardless of whether they are used in singular or plural form.

 

Definitions

For the purposes of this Privacy Policy:

  • Account: A unique profile created to access specific features or parts of our services.
  • Business (under CCPA): Refers to Confiz Limited, the legal entity responsible for collecting and determining the purpose of personal data processing in California. ·
  • Company (also “we”, “us”, or “our”): Refers to Confiz Limited, located at 3120 139th Avenue Southeast, Suite 500, Bellevue, WA 98005. For GDPR purposes, the Company is the Data Controller.
  • Consumer (under CCPA): A California resident, as defined by the California Consumer Privacy Act.
  • Cookies: Small data files stored on your device to track and improve user experience.
  • Country: Refers to the United States (specifically Washington State).
  • Data Controller: The entity (Confiz) that determines how and why personal data is processed (under GDPR).
  • Device: Any internet-connected tool such as a smartphone, tablet, or computer used to access our services.
  • Do Not Track (DNT): A browser setting that signals your preference not to be tracked across websites.
  • Personal Data: Any information that identifies or can be linked to an individual. This includes names, identifiers, IP addresses, location data, or behavioral information, as per GDPR and CCPA.
  • Sensitive Personal Information (SPI): Under CPRA, includes precise geolocation, racial or ethnic origin, health data, and similar categories. We do not collect SPI unless explicitly required and consented.
  • Sale (under CCPA): The exchange of personal data for monetary or other valuable considerations.
  • Sharing (under CPRA): Disclosure of personal data for cross-context behavioral advertising. · Service: The Confiz website and related offerings accessible via https://www.confiz.com.
  • Service Provider: Third parties contracted by Confiz to process data on our behalf (data processors under GDPR).
  • Third-Party Social Media Service: External platforms (e.g., Google, LinkedIn, Facebook) through which users may access or register for our services.
  • Usage Data: Automatically collected data on how the service is accessed and used, such as page visits and device information.
  • You: The individual using our service or the organization on whose behalf the individual is acting. Under GDPR, this refers to the “Data Subject.”

 

Collecting and using your personal data

 

Types of data collected

 

1.Personal data

When you use our services, we may collect personal information that identifies you. This includes, but is not limited to:

  • Full name
  • Email address
  • Phone number
  • Company Name
  • Designation
  • Workplace Mailing address (city, state/province, ZIP/postal code)

You may provide this information through account registration, contact forms, subscriptions, or direct communication.

 

2.Usage data

We collect data automatically when you access our services. This may include:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and time spent
  • Referrer URLs and clickstream data
  • Mobile identifiers and diagnostic information (when accessed via mobile)

This data helps us improve performance, enhance security, and better understand user behavior.

 

3. Data from Social Media Platform

You may register or log in to our services using your social media accounts, including:

  • Google
  • Facebook
  • Twitter (X)
  • LinkedIn
  • Microsoft
  • GitHub
  • Instagram

When you authenticate via one of these platforms, we may receive profile information associated with your account, such as:

  • Your name
  • Email address
  • Profile photo
  • Contact list or connections (if you grant permission)
  • Job title, company, or public bio (when available)

This data is used only in accordance with this Privacy Policy. You may revoke access at any time through your social platform’s settings.

 

Job Applications and Applicant Tracking

When you apply for a position through our careers page, your personal information is collected and processed using Simplicant, a third-party Applicant Tracking System (ATS). This data is used exclusively for recruitment purposes and is not shared with external parties outside the hiring process.

All applicant data is stored securely and handled in compliance with applicable privacy regulations. The collection, processing, and retention of applicant information are also governed by Simplicant’s Privacy Policy, which you can review here: Simplicant’s Privacy Policy.

 

4.Cookies and Tracking Technologies

We use cookies to enhance your browsing experience, improve site functionality, and analyze traffic. Cookies also help us remember your preferences and deliver content tailored to your interests.

Cookies may be stored in your browser for the duration of your session (Session Cookies) or remain on your device for a defined period until they expire or are deleted (Persistent Cookies).

  • To learn more about how we use these and your choices in relation to these tracking technologies, please refer to our Cookie Policy.

You’re always in control regarding what type of cookies you want to give access to. When you first visit our site, a cookie banner will appear—allowing you to accept or reject all cookies (excluding essential ones) or customize your preferences. Please note that if you continue browsing without selecting, all cookies may be activated by default. But the consent banner will appear on every page during your visit on our website, until or unless you select.

If you ever change your mind, you can revisit your cookie settings by clicking the “consent preference” icon at the bottom left of the page.

When you opt out, your preference is stored in a cookie that is specific to the web browser you are using. The opt-out cookie has an expiration date of up to five years. If you delete the cookies on your device, you need to opt out again.

 
Third-Party Cookies

Some cookies on our website are set by trusted third-party service providers. These cookies help us deliver enhanced functionality, measure website performance, analyze user behavior, and support advertising and marketing efforts.

Examples of third-party cookies may include:

  • Necessary Cookies: These cookies are essential for the website to function correctly. They enable core features such as page navigation, secure access, and fraud prevention. Without these cookies, certain services or features may not be available.
  • Analytics Cookies: These cookies collect information about how visitors interact with our website, such as which pages are visited most often and how users navigate the site. The data helps us improve site performance, usability, and content relevance.
  • Advertising Cookies: Advertising cookies are used to deliver ads that are relevant to your interests. They may also be used to measure the effectiveness of advertising campaigns and limit how often you see a particular ad.
  • Social Media Cookies: These cookies allow you to share content from our site through social media platforms (such as LinkedIn or Twitter) and may be used by those platforms to track your browsing activity when you interact with embedded content or share buttons.

Third-party cookies operate under the privacy policies of the respective providers. We encourage you to review their privacy policies for more details on how your information is used.

You may opt out of or manage third-party cookies through your browser settings or via the “consent preferences” icon on the bottom left corner of the page.

 
Use of Web Beacons and Electronic Tags

We may use web beacons (also known as tracking pixels or pixel tags) and electronic tags provided by third-party platforms such as LinkedIn, Google, Meta (Facebook), or others. These technologies help us analyze user behavior on our website, for example, understanding which pages are visited or whether our emails are opened.

Electronic tags may include JavaScript code or SDKs that collect data for analytics, advertising performance, and personalization purposes. These tools work alongside cookies to improve your user experience and provide us with insights into how our website and content are performing. You can manage your preferences regarding these technologies through our cookie banner.

Tracking Through Bots Confiz does not use automated bots, AI crawlers, or similar technologies to track, monitor, or collect personal data from users. We do not share user information with any bot-based tracking systems. Any analytics or performance monitoring is conducted through secure, lawful, and transparent methods in compliance with applicable privacy laws.

 

Use of your personal data

Confiz may use your personal data for the following purposes:

  • Service delivery and maintenance: To operate, maintain, and monitor the use of our services.
  • Account management: To manage user registrations, enable account functionality, and provide user support.
  • Contract performance: To fulfill and manage contracts for purchases, subscriptions, or other agreements.
  • Communications: To contact you via email, phone, SMS, or app notifications regarding service updates, security alerts, or transactional information.
  • Marketing and promotions: To share relevant offers, product updates, and event information, unless you opt out.
  • Request management: To respond to your inquiries, feedback, or support tickets.
  • Personalized advertising: To serve relevant content and ads based on your interests and usage, and to measure ad effectiveness.
  • Business transitions: To support business transfers such as mergers, acquisitions, or asset sales.
  • Analytics and improvement: To analyze data, identify trends, and improve services, performance, and user experience.

Consent Management and Withdrawal

Where required by law (e.g., GDPR, CPRA), we obtain your consent before collecting or processing your personal data for marketing, analytics, or cross-context advertising. You may withdraw your consent at any time by:

  • Adjusting your preferences in our Privacy Preferences Center
  • Using the “unsubscribe” link in marketing emails
  • Contacting us directly via email at marketing@confiz.com Withdrawal of consent does not affect the lawfulness of processing carried out prior to your withdrawal.

Sharing Your Personal Data

We may share your personal data under the following conditions:

  • With service providers: To facilitate analytics, advertising, communications, and other business operations.
  • During business transitions: If involved in a merger, acquisition, or asset transfer.
  • With affiliates and partners: For joint service delivery or promotional purposes, under privacy-compliant agreements.
  • With other users: If you interact in public areas or through linked social media accounts such as Google, Facebook, Twitter (X), LinkedIn, Instagram, or others.
  • With your consent: When you provide explicit permission for a specific purpose.

Behavioral Advertising and Opt-Out Rights

We use third-party tools for behavioral advertising, including:

  • Google Ads
  • Facebook/Meta Platforms
  • LinkedIn

These tools may collect your data through cookies and tracking pixels.

To opt out, you can: 

Note: These options are provided in accordance with the California Consumer Privacy Act (CCPA) and apply only to residents of California.

 

Retention of your personal data

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to comply with legal, regulatory, tax, and accounting requirements.

Marketing-related information is retained until you withdraw your consent or become inactive, while contractual and transactional records are maintained in accordance with legal and financial obligations.

Usage data may be retained for a longer period for purposes such as analytics, system security, or improving our services, unless retention is prohibited by applicable laws.

 

Transfer of your personal data

Your personal data may be transferred to and maintained on servers located outside your region. We ensure appropriate safeguards (such as standard contractual clauses) are in place to protect your data in compliance with applicable privacy laws.

 

Disclosure of your personal data

  • Legal obligations: We may disclose data to comply with legal requirements, government requests, or court orders.
  • To protect rights and safety: We may share data to protect the rights, property, and safety of users or the public.

Security of Personal Data

We use administrative, technical, and organizational safeguards to protect your personal data. However, no online transmission or storage system is fully secure. We encourage you to take steps to protect your own data.

Analytics and Advertising

We use tools such as Google Analytics to collect usage data and analyze trends. To opt out of Google Analytics, visit: https://tools.google.com/dlpage/gaoptout

We may use email platforms like Mailchimp for sending newsletters and promotional content. You may unsubscribe at any time via email footer links or by contacting us directly.

Behavioral Remarketing

We use remarketing services such as Google Ads, Facebook, Twitter (X), LinkedIn, and Instagram to display targeted ads across websites.

You can manage ad preferences and opt out using:

  • Network Advertising Initiative
  • YourOnlineChoices (EU)
  • Digital Advertising Alliance

For more about specific vendors’ practices:

 

Compliance with Global Privacy Laws

We process your personal data in accordance with applicable privacy laws, including:

  • The General Data Protection Regulation (GDPR) for individuals in the EU/EEA and UK
  • The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for California residents

These laws provide you with rights over your personal data, and we are committed to supporting them.

 

General Data Protection Regulation (GDPR) – EU/EEA

We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and UK GDPR under the following lawful bases:

  • Consent: You have given clear permission for us to process your personal data for one or more specific purposes.
  • Contractual necessity: Processing is necessary to fulfill a contract with you or to take steps prior to entering into a contract.
  • Legal obligation: We are required to process your personal data to comply with applicable law.
  • Vital interests: Processing is necessary to protect someone’s life.
  • Public task: Processing is necessary to perform a task in the public interest or under official authority.
  • Legitimate interests: Processing is necessary for our legitimate business interests, provided these are not overridden by your rights.

Your Rights under GDPR:

As an EU or UK resident, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccuracies in your data
  • Erase your data (“right to be forgotten”)
  • Restrict processing under certain conditions
  • Object to processing based on legitimate interests or for direct marketing
  • Data portability – to receive your data in a structured, machine-readable format
  • Withdraw consent at any time for processing based on consent
  • Object to automated decision-making, including profiling, and request human intervention

Automated Decision-Making & Profiling

We may use automated tools for analytics, ad targeting, or customer segmentation. These do not produce legal effects or similarly significant impacts on individuals. Under GDPR, you may object to such processing or request human intervention by contacting us.

 

California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) – United States

If you are a California resident, your rights under the CCPA and CPRA include:

  • Right to Know: You may request details on the personal data collected, including:
  • Categories and specific pieces of personal information
  • Categories of sources
  • Purpose of collection
  • Categories of third parties with whom data is shared
  • Right to Delete: Request deletion of your personal data (subject to legal exceptions)
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out of Sale or Sharing: Direct us not to sell or share your personal data for cross-context behavioral advertising
  • Right to Limit Use of Sensitive Personal Information: Restrict use of sensitive information to essential services
  • Right to Non-Discrimination: Exercise your rights without being denied goods/services or charged different prices

Personal Data Collected:

We may collect identifiers (e.g., name, email, IP), internet activity (e.g., pages viewed), and other data as detailed in this policy.

Sources: Data is collected directly from users, automatically via cookies or tracking tools, and from service providers.

We do not sell personal data of consumers under 16 years of age.

To exercise your rights, including opting out of sale or sharing of data, email us at marketing@confiz.com. Only you or an authorized agent may make a verifiable consumer request

Verification Requirements:

  • Provide sufficient information to verify your identity
  • Describe your request in detail to enable accurate response

We will respond within 45 days of receiving a verifiable request. The period may be extended once for an additional 45 days with notice.

Browser and Mobile Settings: You may also limit tracking and advertising through your device or browser:

  • “Limit Ad Tracking” on iOS
  • “Opt-out of Ads Personalization” on Android

Do Not Track: Our website does not respond to browser based “Do Not Track” signals. However, you may manage your tracking preferences using third-party tools linked above.

California “Shine the Light” & Minor Privacy Rights: California residents may request information about data shared with third parties for marketing purposes. Minors under 18 may request removal of content posted publicly on our site, subject to limitations.

For all requests related to California privacy rights, contact us at marketing@confiz.com.

Your Rights Under CPRA:

Do Not Sell or Share My Personal Information.

If you are a California resident, you have the right to direct us not to sell or share your personal information for cross-context behavioral advertising. You can exercise this right by reaching out to us at marketing@confiz.com.

We do not knowingly sell or share the personal data of individuals under 16 years of age. You may also use our cookies banner to signal your preference, such as the Global Privacy Control (GPC) signal, which we honor in compliance with applicable laws.

Limiting Use of Sensitive Personal Information

We may collect Sensitive Personal Information (SPI) such as geolocation data, racial or ethnic origin, or health-related data when necessary to provide our services. You have the right to limit the use and disclosure of your SPI for purposes necessary for providing requested services. To exercise this right, contact us directly at marketing@confiz.com.

United Arab Emirates (UAE PDPL)

Confiz complies with the UAE’s Personal Data Protection Law (PDPL) by ensuring that all personal data is processed lawfully and with the consent of the data subject. We maintain safeguards for cross-border data transfers in line with UAE requirements and implement robust measures to ensure the secure collection, storage, and handling of personal information.

Saudi Arabia (PDPL)

In accordance with the Kingdom of Saudi Arabia’s Personal Data Protection Law (PDPL), Confiz processes personal data with full transparency and respect for the rights of individuals. Where applicable, we adhere to data localization requirements, ensuring that data stored or processed within the Kingdom meets legal standards. We also ensure that data subjects can exercise their rights related to access, correction, and deletion of personal data.

Costa Rica (Law No. 8968)

Confiz operates in compliance with Costa Rica’s Law No. 8968 on the Protection of Individuals Against the Processing of Their Personal Data. This includes the lawful collection of personal information, obtaining informed consent before processing, and implementing security controls to protect data from unauthorized access, alteration, or loss.

 

Children’s Privacy

Our services are not intended for children under the age of 13 (or 16 in certain jurisdictions), and we do not knowingly collect personal information from minors. If you believe that a child has provided us with personal information without parental consent, please contact us immediately so we can delete the data.

 

International Users and Data Transfers

If you are accessing our services from outside the United States, your data may be transferred to, stored, and processed in a country where data protection standards may differ. Regardless of where you are, we apply safeguards to ensure your personal data is treated with care and in accordance with applicable legal requirements.

 

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal obligations. Any changes will be posted on this page with an updated “Last Updated” date.

We encourage you to review this policy regularly. If material changes are made, we will provide additional notice (e.g., via email or prominent notice on our website).

 

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us: ·