Privacy Policy
SFiCRE ("SFiCRE," "we," "us," or "our") is committed to protecting your privacy and safeguarding personal information. This Privacy Policy explains how we collect, use, disclose, retain, and protect information when you access or use our website, platforms, communications, or related services (collectively, the "Services").
This Policy is intended to comply with applicable data protection and privacy laws, including, where applicable, the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the California Consumer Privacy Act of 2018, as amended ("CCPA").
By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy.
Scope and Applicability
This Privacy Policy applies to:
- Visitors to our website
- Individuals who communicate with us electronically
- Prospective partners, collaborators, and service providers
- Any individual whose personal data is processed by SFiCRE in connection with the Services
This Policy does not apply to third-party websites, services, or platforms that may be linked from our Services. We are not responsible for the privacy practices of third parties.
Information We Collect
We collect information in a manner consistent with the principle of data minimization.
Information You Provide Directly
You may voluntarily provide personal information, including:
- Name
- Email address
- Professional or organizational affiliation
- Information submitted through contact forms, emails, or inquiries
- Any other information you choose to provide
Information Collected Automatically
When you interact with the Services, we may automatically collect certain technical and usage information, including:
- IP address (which may be truncated or anonymized)
- Browser type and version
- Operating system and device type
- Pages viewed, features accessed, and interaction events
- Referring URLs and traffic sources
- Date, time, session duration, and navigation paths
Analytics and Product Insights
We use privacy-focused analytics technologies to understand how users engage with the Services, measure performance, diagnose technical issues, and improve functionality.
These tools may process:
- Pseudonymous identifiers
- Event-based interaction data
- Aggregated usage metrics
We configure such tools to limit the collection of personal data where possible and to support consent-based controls, opt-out mechanisms, and data subject rights in accordance with applicable law.
How We Use Information
We process personal information for the following purposes:
- To operate, maintain, and improve the Services
- To respond to inquiries and communications
- To analyze usage trends and enhance user experience
- To monitor performance, reliability, and security
- To comply with legal, regulatory, and contractual obligations
- To protect against fraud, misuse, or unauthorized access
- To support internal research, planning, and development
We do not use personal information for automated decision-making or profiling that produces legal or similarly significant effects.
Legal Bases for Processing (GDPR)
Where the GDPR applies, we rely on one or more of the following lawful bases:
- Consent - where you have provided clear, affirmative consent
- Contractual Necessity - where processing is required to perform a contract or take steps at your request
- Legal Obligation - where processing is required to comply with applicable law
- Legitimate Interests - where processing is necessary for our legitimate business interests and does not override your fundamental rights and freedoms
You may withdraw consent at any time, without affecting the lawfulness of processing prior to withdrawal.
Disclosure of Information
We do not sell personal information.
We may disclose personal information in the following circumstances:
- Service Providers: to vendors that provide services such as hosting, analytics, security, or infrastructure support, subject to contractual confidentiality and data protection obligations
- Legal and Regulatory Requirements: where required by law, court order, subpoena, or regulatory authority
- Business Transactions: in connection with a merger, acquisition, restructuring, or sale of assets, subject to appropriate safeguards
- Protection of Rights: to protect the rights, property, or safety of SFiCRE or others
Data Retention
We retain personal information only for as long as reasonably necessary to fulfill the purposes described in this Policy, unless a longer retention period is required or permitted by law.
Retention periods depend on:
- The nature of the data
- The purpose for which it was collected
- Legal, regulatory, or compliance requirements
Analytics and usage data may be retained in aggregated or anonymized form for longer periods.
Cookies and Similar Technologies
We use cookies and similar technologies to:
- Enable core website functionality
- Understand usage patterns
- Improve performance and user experience
Where required by law, we provide notice and obtain consent before placing non-essential cookies. You may manage cookie preferences through browser settings or consent controls made available on the Services.
Cookie Policy and Consent Banner
SFiCRE uses essential cookies that are necessary for the site to function. We may also use non-essential, privacy-focused analytics cookies to understand usage and improve performance.
Consent Banner Copy:
"We use essential cookies and limited analytics to operate and improve this site. Under GDPR and CCPA, you can access, delete, or opt out of non-essential analytics. Click Yes to consent to non-essential cookies and analytics. Read the full Privacy Policy for details."
Your Rights
Rights Under the GDPR
If you are located in the European Economic Area or United Kingdom, you may have the right to:
- Access your personal data
- Rectify inaccurate or incomplete data
- Request erasure of your data
- Restrict or object to processing
- Request data portability
- Lodge a complaint with a supervisory authority
Rights Under the CCPA
If you are a California resident, you have the right to:
- Know the categories and specific pieces of personal information collected
- Request deletion of personal information
- Opt out of the sale or sharing of personal information (we do not sell personal information)
- Not be discriminated against for exercising your rights
Authorized agents may submit requests on your behalf where permitted by law.
Analytics Opt-Out and Preferences
Where required, users may opt out of certain analytics tracking or limit data collection through available consent tools, browser settings, or applicable platform controls. Opting out may reduce the functionality or insights available but will not prevent access to the Services.
Data Security
We implement reasonable administrative, technical, and organizational measures designed to protect personal information, including:
- Access controls
- Encryption where appropriate
- Monitoring and security testing
- Limited internal access on a need-to-know basis
No system is completely secure, and we cannot guarantee absolute security.
International Data Transfers
Personal information may be processed in jurisdictions outside your place of residence. Where required, we implement appropriate safeguards to ensure lawful cross-border data transfers, including contractual protections and recognized transfer mechanisms.
Legal Bases for Processing
Where required by law, we rely on one or more legal bases to process personal information, including consent, legitimate interests, compliance with legal obligations, and performance of a contract or pre-contractual steps. Our legitimate interests include operating, securing, and improving the Services and responding to inquiries.
Data Retention
We retain personal information only for as long as reasonably necessary for the purposes described in this Policy, to comply with legal obligations, resolve disputes, and enforce agreements. Retention periods may vary based on data type, purpose, and legal requirements.
Children's Privacy
The Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided personal information, please contact us so we can delete it.
Do Not Track
Some browsers offer “Do Not Track” signals. Because there is no uniform industry standard for these signals, we do not respond to them at this time.
Automated Decision-Making
We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in legal requirements or our practices. Updates will be posted on this page with a revised effective date. Continued use of the Services constitutes acceptance of the updated Policy.
Contact Information
If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us at:
Email: LegalSFiCRE [at] SFiCRE [dot] com
Mail: SFiCRE - Privacy & Data Protection
Jurisdiction: United States