Table Of Content

1.  Name and Address of the Data Protection Officer

For the GDPR or other data protection laws which apply to member states of the European Union, and further provisions related to data protection, the controller is Metam Technologies Ireland.

Contact information for the data controller of all European Union member states:

• •  Address: 2 Dublin Landings, North Wall Quay, Dublin 1, D01 V4A3
  •  Email: data.controller@metam.tech
  •  Website: www.metam.tech

Contact information for the data controller of all jurisdictions outside of the European Union, including but not limited to North America and Canada, including Québec:

• •  Address: 5 Place Ville Marie, Suite 11 10, Montréal, QC H3B 2G2
  •  Website: www.metam.tech
  •  Email: data.controller@metam.tech

2.  Your rights under GDPR, Loi 25 and CCPA legislation

Many countries and regions are enacting stricter regulations to protect user privacy. This privacy statement outlines how Metam Technologies complies with these global privacy laws, including:

•  General Data Protection Regulation (GDPR): Applies to the European Union (EU) and the European Economic Area (EEA).
  •  Act Respecting the Protection of Personal Information in the Private Sector (Law 25): Applies to the province of Quebec, Canada.
  •  PIPEDA is applicable in some instances in the province Quebec, Canada and other provinces.
  •  California Consumer Privacy Act (CCPA): This applies to California residents.

Withdrawal of Consent

For all jurisdictions, if the processing of your data is based on your consent, you can withdraw that consent at any time by contacting Metam Technologies’ Data Privacy Officer. However, this will not affect data processing carried out before the withdrawal of your consent or data that has been processed based on other legal grounds.

If you are a job applicant and wish to exercise your rights concerning the erasure, rectification, or access to your data, you can do so by clicking here. For all other rights, please contact our Data Protection Officer directly at the coordinates provided in Section 1.

Below is a breakdown of each data subject’s entitlements in each region. Metam Technologies is fully committed to complying with the regulations that support the user’s privacy in each jurisdiction.

General Data Protection Regulation (GDPR) Compliance

Metam Technologies is committed to complying with the General Data Protection Regulation (GDPR), which applies to individuals residing in the European Union (EU) and the European Economic Area (EEA). Under the GDPR, individuals have the following rights:

• Right to Access: You have the right to request access to the personal data we hold about you.
• Right to Rectification: You have the right to request the correction of any inaccurate or incomplete data.
• Right to Erasure: You may request the deletion of your personal data under certain conditions.
• Right to Restriction of Processing: You can request restrictions on how we process your personal data.
• Right to Data Portability: You can request a copy of your data in a structured, commonly used, and machine-readable format and transfer it to another controller.
• Right to Object: You can object to the processing of your data, including for direct marketing purposes.
• Right to Withdraw Consent: If processing is based on consent, you may withdraw your consent at any time.

If you are an EU/EEA resident and wish to exercise any of your rights under the GDPR, or if you have any questions or concerns regarding your personal data, you may contact the Data Controller using the contact details above.

Québec (Law 25) Compliance:

Metam is dedicated to complying with and supporting the provisions of Law 25. Law 25 is the Act to modernize legislative provisions regarding the protection of personal information in Québec, Canada. Under this law, individuals residing in Québec have the following rights:

• Access and Correction: You have the right to request access to the personal data we hold about you and to correct any inaccuracies.
• Deletionn: Subject to certain legal exceptions, you have the right to request the deletion of your personal data.
• Portability: You may request a copy of your personal data in a structured, commonly used, and machine-readable format, and request that we transfer it to another organization.
• Consent: You may withdraw your consent to the processing of your personal data at any time, where applicable.
• Data breaches: If there is a breach of your personal data that poses a risk to your privacy, you will be notified in accordance with the requirements of Loi 25.
• File a complaint: If you are unsatisfied with Metam’s data protection practices, you retain the right to file a complaint directly with Metam, or to file a complaint with the Commission d’accès à l’information.

If you are a resident of Québec and wish to exercise any of your rights under Loi 25, or if you have any questions regarding how your data is being handled, you may contact the Data Controller directly using the contact details above.

Any data subject, including residents of Québec, can contact the data controller directly with any questions and suggestions concerning data protection.

California Consumer Privacy Act (CCPA) Compliance

As with the GDPR and Loi 25 regulations, Metam Technologies is also fully committed to supporting the CCPA. The California Consumer Privacy Act (CCPA) applies to residents of California, USA. Under the CCPA, California residents have the following rights:

• Right to Know: You have the right to know what personal information is being collected about you, including the categories of personal data, the sources, the purposes of collection, and whether your data is sold or shared.
• Right to Access: You have the right to request a copy of your personal data that we have collected.
• Right to Deletion: You have the right to request the deletion of your personal data, subject to certain exceptions.
• Right to Opt Out of Sale: You have the right to opt out of the sale of your personal data.
• Right to Non-Discrimination: You will not face discrimination for exercising your rights under the CCPA.

If you are a California resident and wish to exercise any of your rights under the CCPA, or if you have any questions about how your data is handled, you may contact the Data Controller using the contact details above.

3.  How Does Metam Technologies Protect your Personal Data?

Metam Technologies values your right to privacy and personal data protection. We aim to ensure that you feel confident that your personal data is well managed when you interact with Metam Technologies.

Metam Technologies protects your personal data in line with applicable laws and our internal data privacy policies. Additionally, we maintain appropriate technical and organizational security protocols to safeguard your personal data against unauthorized or unlawful processing, and to prevent accidental loss, alteration, disclosure, or access, as well as the accidental or unlawful destruction of or damage to your data. Metam also regularly performs third-party penetration testing to ensure robust technical defenses.

All information provided to us by a given data subject is then stored on our secure servers. All payment transactions are encrypted using SSL technology. Where we have given the data subject (or where they have chosen) a password that enables access to certain parts of our site, the data subject has the responsibility of keeping this password confidential. It is essential that you do not share a password with anyone for security reasons.

Unfortunately, the transmission of information via the Internet is not entirely secure. We will do our best to protect your personal data. However, we cannot guarantee the security of your data transmitted to our site. Any transmission of data is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorized access.

4.  Categories of Personal Data We Collect and How We Process Them

Metam Technologies collects personal data from employees, potential employees, clients and their current/former/prospective employees/directors, suppliers, business contacts, shareholders, and website users. If the data we collect is not mentioned in this privacy statement, we will notify individuals (when required by law) of what additional data will be collected and how they will be used.

The categories of personal data we collect include those described in the following sections:

Personal Details, Contact Details, and Identifiers

• Name, pronouns, and all types of identifiers and contact details, such as email, phone numbers, and physical address.
•  Occasionally, when necessary for specific demographic purposes, gender, date of birth, age, and place of birth. This collection is done solely in limited circumstances and when it is required to fulfill specific legal, contractual, or operational purposes.

Commercial Information

 History and records of the products and services you have obtained from Metam Technologies.

 Correspondence between you and us when sent to a dedicated mailbox or via other electronic communication methods (including channels supported by AI, which generate content to assist our personnel during interactions with you) for processing account receivable payments and commercial follow-ups.

Marketing and Research Information

•  Identifiers – IP address, social media handle, or other online identifiers of a person, email address/mobile number used for direct marketing, name, and address.
•  Demographic data – data such as income, family status, age bracket, gender, interests, pets, home ownership, health, current service providers.
• . Browser/web history data and preferences – Expressed through selection/viewing/purchase of goods, services, and content, including information about your mobile device (where available), such as the type of device, device identification number, and mobile operating system.
•  Social media content – Blogs, posts, and anything posted online by an individual or that references an individual.
•  Analytics and profiles –: Based on the data collected about individuals.
•  Voice-enabled services – (Speech-to-Text engines for search requests), without being recorded or stored by the mobile device.

Audiovisual Materials, Including Transcriptions

Photographs, images/footage captured or recorded on CCTV or other audio, video, and related security/monitoring systems, or captured during marketing/public filming events/sessions (including virtual or live workshops or similar events/sessions).

•  Voice search functionality, which allows voice commands to ask questions and display results (functionality enabled for mobile applications only).
•  Audio-video recording and transcription during meetings, training sessions, or other communications for quality assurance or record-keeping purposes.
• Website online chats to contact you in relation to the information requested and quality assurance.

Please be aware that it is the general practice of Metam Technologies to monitor and, in some cases, record such interactions for staff training or quality assurance purposes or to retain evidence of a particular transaction or interaction.

Your personal data will only be stored as long as necessary for its intended purpose. We will ensure timely deletion once no longer needed.

Position and Professional or Employment-Related Information

•  Professional or employment-related information, such as a description of your current position, job title, employer, location, and Metam Technologies contact(s).

System and application access data and Internet and electronic network activity information:

•  Where you are provided access to Metam Technologies’ systems, we may collect information required to access these systems and applications, such as System ID, LAN ID, email accounts, instant messaging accounts, mainframe ID, system passwords, and internet or other electronic network activity information, including access logs, activity logs, and electronic content produced using Metam’s systems.

Cookies and geolocation data:

Please see our Cookies policy for more details regarding our use of Cookies.

For Recruitment/Employment Purposes and HR Consultancy Services

• In addition, for recruitment/employment purposes and to provide assessment and through the use of HR consultancy services, Metam Technologies may process the personal information outlined in the table below.

Voluntary Data Sharing

Metam prioritizes the collection of your personal information directly from you. We may also obtain certain information regarding you from publicly available sources (such as online registers), Metam employees, contractors, board members, shareholders, Metam’s affiliates, subsidiaries, newly acquired businesses, employers of contractors, clients, public authorities, public websites, social media, previous employers, educational institutions, suppliers, vendors, and third-party data providers.

Except for certain information required by law or by Metam Technologies policies (including the management of an employment relationship with Metam Technologies), your decision to provide any personal data to us is voluntary. You will not be subject to adverse consequences if you choose not to provide your personal data.

However, please note that if you choose to not provide certain information, we may not be able to accomplish some or all of the purposes outlined in this privacy statement, and you may not be able to use certain tools and systems that require the use of such personal data.

If you provide us with the personal data of another person (for instance, a potential employee/referral), you are responsible for ensuring that the person is aware of the information contained in this privacy statement and that they have given their consent for sharing the information with Metam Technologies.

Purposes and Legal Basis for Processing Personal Data

Metam Technologies uses your personal data only for specific purposes. Below is a table detailing (i) the purposes for which Metam Technologies uses your personal data and (ii) the legal basis for each such purpose:

Where the table mentions reliance on legitimate interests, we believe these interests are not overridden by your rights, interests, or freedoms due to (i) transparency in processing activities (ii) a privacy-by-design approach (iii) regular privacy reviews, and (iv) the rights you have regarding processing. If you seek more information on this balancing approach, you can contact Metam Technologies’ Data Privacy Officer.

We do not process your data for any purposes incompatible with those stated unless required by law or in cases of vital interest, such as emergencies.

5.  Data Sharing

Your personal data may be shared with a variety of entities in the course of Metam Technologies’ business operations, including but not limited to service providers, advisors, public authorities, affiliates, or third parties. Such sharing may be necessary for providing you with services, fulfilling contractual obligations, improving our operations, or complying with legal requirements. All data sharing will be conducted under relevant privacy laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), or other applicable data protection laws.

Service Providers and Third-Party Partners

We may share your personal data with trusted third-party service providers or business partners who assist us in various business functions, including:

•  Client Services: Service providers who support us in delivering products or services to you, including IT infrastructure, customer support, payment processors, marketing platforms, and analytics providers.
•  Business Operations: Third parties that help us in performing our internal business operations such as accounting, legal services, and business consultancy.
•  Technical Support: Providers of technical services that enable us to operate and secure our digital platforms, including cloud hosting providers, cybersecurity vendors, and other IT-related services.

These third-party service providers are contractually obligated to use your personal data only to the extent necessary to perform services on our behalf and to comply with all applicable data protection laws.

These third-party service providers are contractually obligated to use your personal data only to the extent necessary to perform services on our behalf and to comply with all applicable data protection laws.

Public Authorities or Legal Obligations

In certain situations, we may be required to share your personal data with government bodies, regulatory authorities, or law enforcement agencies when required by law or to protect our legal rights. For example, we may disclose your data to:

•  Comply with legal obligations: When required by law, court order, or governmental request.
•  To protect vital interests: In situations where disclosure is necessary to protect your or another individual’s life.
•  To enforce legal rights: In the event of legal claims or disputes, we may need to share data to defend our legal rights, protect against fraud, or comply with a legal process.

Affiliates and Subsidiaries

Your data may also be shared with Metam Technologies’ affiliates, subsidiaries, or any newly acquired businesses within the Metam Technologies group for the purposes described in this privacy policy. This may include, for example, cross-border transfers of personal data between entities within the group, where necessary for operational purposes or to provide services to you.

Other Third Parties

We may also share personal data with third parties in specific business transactions such as mergers, asset sales including but not limited to the sale of one of the Metam Technologies websites, initial public offerings, acquisitions, corporate reorganizations, or in the unlikely event of a bankruptcy. If Metam Technologies is involved in such a transaction, we will take appropriate measures to ensure your personal data remains protected under applicable privacy laws.

Sensitive Data

While Metam Technologies generally avoids collecting sensitive data unless necessary, in certain circumstances we may need to process sensitive personal data (e.g., health information, racial or ethnic data, biometric data). This will be done only when:

• It is necessary for the performance of a contract, to fulfill our legal obligations, or for specific legitimate interests that do not override your rights and freedoms.
•  We have obtained your explicit consent, where required by applicable law.
• For instance, sensitive data may be collected in situations such as health-related accommodations for events, security measures involving biometric identification, or employment-related health assessments.

International Transfers and Storage of Your Data

For indviduals residing in the EU: The data which we collect from you may at times be transferred to, and stored at, a destination internationally or outside the European Economic Area (“EEA”). This data may also require processing by staff operating outside the EEA who work for one of our suppliers or us. Such staff may be engaged in the fulfillment of your order, the processing of your payment details, and the provision of support services among other things. By submitting your data, you agree to this transfer, storing, or processing. We take all steps reasonably necessary to ensure that your data is kept secure as outlined in this privacy policy.

For individuals residing in the province of Quebec: The data we collect on you may be communicated outside of the province of Quebec.

6.  Data Retention

We will only retain your personal data as long as necessary. Our data retention policies ensure that personal data is deleted according to the following criteria:

•  We retain data as long as we have an ongoing relationship with you (e.g., while your account is active or while providing services to you).
•  Data is retained as long as required to comply with global legal and contractual obligations.

For more information related to our data retention periods, please contact our Data Protection Officer.

7.  General Information

Do We Send Targeted Emails?

Yes, we send commercial emails to individuals at our client companies or other businesses with whom we aim to establish or maintain a relationship, in compliance with applicable marketing laws. Our targeted email messages often include web beacons, cookies, and similar technologies to track whether you open, read, or delete the message and monitor which links you click.

When you click a link in a marketing email from Metam Technologies, we may use cookies to log the pages you view and the content you download from our site, even if you are not registered or signed in.

These emails may also include additional data privacy information as required by law. You can manage your contact preferences at any time through the Metam Preference Center.

Do We Send Push Notifications?

If you use our mobile applications, you may receive notifications related to topics you’ve chosen to follow or information about live events. With your consent granted through app permission/settings, we may send push notifications or alerts to your mobile device even when you are not logged in. You can manage your push notification preferences or disable them by adjusting the notification settings in the app or your device settings.

Do We Maintain Customer Relationship Management (CRM) Databases?

Like most companies, Metam Technologies utilizes customer relationship management (CRM) technology to manage and track our marketing and account management efforts. Our CRM databases include the personal data of individuals from our client companies or those with whom we wish to build relationships. The personal data in our CRM may include:

• Contact information
•  Publicly available information (e.g., board memberships, published articles, press releases, relevant social media posts)
•  Responses to targeted emails (including web activity following links from our emails).
•  Website activity of registered users
•  Additional business information gathered from personal interactions with our professionals

By employing these strategies, we aim to foster meaningful connections and provide relevant information to our audience while respecting their privacy rights.

Do We Combine and Analyze Personal Data?

Yes, we may combine data from publicly available sources and various interactions with you, including information gathered through our emails, websites, and personal interactions. This includes data collected across our different websites, such as our careers and corporate sites, and information obtained when you sign up or log on to our sites or connect using your social media credentials (e.g., LinkedIn and Xing).

We combine this data to better assess your experience with Metam Technologies and to perform the activities outlined in our privacy policy. You can manage your contact, content, and data preferences at any time by contacting us directly or through the preferences in our email campaigns.

Purpose of AI Use

We employ AI tools to analyze user interactions and preferences, allowing us to tailor content more effectively to meet your needs. This may involve generating recommendations, improving user engagement, and personalizing user experiences.

8.  Contact Us

For any inquiries or concerns, please reach out to us if you:

•  Have a general question about how Metam Technologies protects your personal data.
•  Wish to exercise your rights concerning your personal data (as outlined in the sections “Which Rights Do You Have Concerning the Processing of Your Personal Data?” and “Your Rights Regarding Marketing Communications”).
•  Wish to make a complaint regarding Metam Technologies’ use of your data.

For all queries related to data control, contact us at any time (preferably electronically) at data.controller@metam.tech or by mailing a letter marked for the attention of the Data Privacy Officer to the following address: 2 Dublin Landings, North Wall Quay, Dublin 1, D01 V4A3, Ireland or A 3 Place Ville Marie, suite 400, Montréal, QC H3B 2E3. Please allow up to 5 working days upon receipt of the request for a response.