Sima Labs, Inc. Privacy Policy

Effective date: September 21, 2024

This Privacy Policy is designed to help you, as a website visitor or user of our services, understand how Sima Labs, Inc. (“Sima Labs”) collects, uses, and shares your information to operate, improve, develop, and protect our services.

Introduction

Sima Labs, Inc. helps businesses align with HIPAA, SOC 2, and other compliance frameworks. Our B2B SaaS platform guides customers through compliance processes and may include audit management, virtual CISO services, and more.

About this Policy

This policy explains the data Sima Labs, Inc. collects, uses, and shares. It only applies to our services — not to third-party websites, platforms, or services. It also doesn’t apply to Sima Labs employees, contractors, or job candidates.

Data We Collect

Identifiers

Full name, business legal name, business address, email, and phone number.

Service provider authentication data

Logins or tokens (e.g. GitHub, AWS) to allow integration.

Device data

IP address, location, hardware, OS, browser data, network info, preferences, and settings.

User activity

Time spent on pages, buttons clicked, platform usage data.

Data from service providers

Identifiers and commercial info shared by your tools to help Sima Labs operate.

Derived data

Inferred info like geolocation or income estimates.

Cookies

May be collected/shared with third parties for better web experience. See the “Cookies” section below.

Social networks and other sources

Info from marketing campaigns, social platforms, referrals, or third-party datasets.

How We Use Your Data

To provide Sima Labs’ services

Communicate with you

Support and troubleshooting

Prevent fraud and verify identity

Assist legal and compliance professionals

Improve existing services

Develop new features

Respond to your support or survey requests

Keep business records

Handle referrals and audits

Conduct marketing

Notify you of new products/services

Investigate misuse

Legal purposes (e.g., claims, mergers)

Any use you authorize or consent to

How We Share Your Data

We do not sell data. We share it with third parties only as permitted:

With service providers to integrate tools like GitHub, AWS, etc.

To deliver services using cloud hosting, etc.

With auditors or consultants for your compliance process

To prevent fraud or abuse (with law enforcement, if needed)

Cookies and tracking tools for analytics and UX

To improve services (e.g. ChatGPT or analytics tools)

Anonymized or aggregated data for research and insights

Data Protection

We use encryption (in transit and at rest), access controls, monitoring, backups, and strict internal access rules to protect your data. Our third-party partners are required to meet equivalent standards.

Notes for EEA and UK End Users

We only process personal data when there’s a legal basis:

To fulfill contracts

To comply with legal obligations

For legitimate business interests

Based on your consent (which you can withdraw anytime)

Information Retention and Deletion

We retain data only as long as necessary. Periodic reviews ensure it’s still needed. Exceptions include:

Continued service delivery

Legal requirements

Preventing fraud or abuse

Support or privacy protection

If you consent to longer retention

If data is anonymized

For deletion, refer to the “How to Exercise Rights” section.

How to Exercise Rights in Your Data

You may request to:

Access your data

Learn what we’ve collected in the last 12 months

Correct or update your data

Delete or restrict your data (in some cases)

Object to processing (if legally allowed)

Withdraw consent

Get your data in a portable format

You’ll need to verify your identity. Some data may be exempt due to legal obligations. You can also file a complaint with relevant data protection authorities (e.g. ICO, EDPB, or Canada’s OPC).

Children

We don’t knowingly collect data from children under 16. If you believe a child provided info, please contact us to have it deleted.

Contacting Sima Labs, Inc.

Sima Labs, Inc.

185 Channel St., San Francisco, CA 94158

If you believe your privacy rights were violated, contact us. We will investigate and respond. You may need to verify your identity.

Policy Changes

We may update this policy. New versions will be posted at the same URL with the updated effective date.

Policy Changes

We may update this policy. New versions will be posted at the same URL with the updated effective date.

©2025 Sima Labs. All rights reserved

©2025 Sima Labs. All rights reserved

©2025 Sima Labs. All rights reserved