Web Privacy Policy
Introduction
We respect the importance of your Personal Data. This Web Privacy Policy (Web Privacy Policy) applies to your personal information or personal data (as such terms or similar term are defined by applicable law, Personal Data) that we collect in connection with the operation of the Atlantic Quantum website located at www.atlantic-quantum.com (the Website).
We want you to understand our Web Privacy Policy and, specifically, what Personal Data is collected in connection with the Website, how Personal Data is used, with whom Personal Data is shared, and how it is protected. We’re accountable for the protection of your Personal Data under our control and are committed to following this Web Privacy Policy and complying with applicable law. This Web Privacy Policy is not a contract between us and you.
In this Web Privacy Policy, Atlantic Quantum, we, us or our means Atlantic Quantum Corp., based in Cambridge, Massachusetts USA, and you or your means a person who accesses or uses the Website.
General
Our approach to the protection of Personal Data we collect is based on the following guiding principles:
• Lawfulness, fairness, and transparency
• Purpose limitation
• Data minimization
• Accuracy
• Storage limitation
• Integrity and confidentiality
• Accountability
Data Controller
Atlantic Quantum Corp. is, under the CCPA, the business, and under the GPDR and UK DPA, the data controller, with respect to Personal Data that is collected under this policy. If you have any questions about this Web Privacy Policy, including any requests to exercise your legal rights, please contact us at [privacy@atlantic-quantum.com].
Categories of Personal Data
Personal Data includes the following, not all of which we collect:
Identifiers. Such as a real name, alias, postal address, unique personal identifier, online identifier, IP address, MAC address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. We collect some of this type of data.
Personal information categories listed in the California Client Records statute (Cal. Civ. Code § 1798.80(e)). Such as a name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some Personal Data included in this category may overlap with other categories. We collect some of this type of data.
“Sensitive Personal Data” under the UK Data Protection Act 2018. Personal Data consisting of information as to: (a) the racial or ethnic origin of the data subject; (b) their political opinions; (c) their religious beliefs or other beliefs of a similar nature; (d) whether they are a member of a trade union; € their physical or mental health or condition; (f) their sexual life; (g) the commission or alleged commission by them of any offence; or (h) any proceedings for any offence committed or alleged to have been committed by them, the disposal of such proceedings or the sentence of any court in such proceedings. We do not knowingly collect this type of data.
“Sensitive Personal Data” under the GDPR. Data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation. We do not knowingly collect this type of data.
Protected classification characteristics under California or US federal law. Such as age, race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). We do not knowingly collect this type of data.
Commercial information. Such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. We do not knowingly collect this type of data.
Biometric information. Such as genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. We do not knowingly collect this type of data.
Network and Device Information. Such as session ID token, source and destination addressing information, IP address, MAC address, the software you are using, and related device and network information. We collect some of this type of data.
Location data. Information about your location (more specifically, the location of the device that is accessing the Website). We collect some of this type of data.
Sensory data. Audio, visual, thermal, olfactory, or similar information. We do not knowingly collect this type of data.
Inferences drawn from other Personal Data. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. We do not knowingly collect this type of data.
How do we collect Personal Data?
We may collect your Personal Data in different ways, including:
• when you access the Website;
• when you communicate with us, whether by phone, email, “contact us” forms, mail, or by any other means;
• when you sign up for any of our sweepstakes, contests, or promotions;
• when you request any demonstrations, materials, or information about us, our services, or our business;
• when you sign up for or attend any seminars, conferences, or other events we put on, sponsor, host, or attend;
• referrals; and
• through automated means such as communication protocols and cookies (for more about cookies, see below).
Using the Personal Data we collect
You agree that we can, subject to applicable law, use your Personal Data (including, as applicable, sharing relevant Personal Data with our affiliates, resellers, channel partners, service providers, and/or agents) to operate and improve the Website; respond to your requests and inquiries; conduct analysis and research; prevent fraud or misuse; protect our rights or property or the safety of you or others; and send you communications regarding events you have signed up for, information you have requested, or other requests you have made, or for reasonably relevant things we believe you might find to be of interest. We may also disclose Personal Data if we believe in good faith that we are required to do so by law, or that doing so is necessary to comply with legal process, respond to requests from law enforcement or governmental agencies, to respond to claims, or to protect our rights. We do not sell your Personal Data.
Your Personal Data is stored and processed in the countries in which we or our affiliates, resellers, channel partners, service providers/data processors, and/or agents maintain facilities. We reserve the right to transfer and store your Personal Data outside the country in which you reside.
As we continue to develop our business, we might sell or buy subsidiaries or business units. In such transactions, as well as in the event we or part of our business or assets are acquired by a third party, your Personal Data and other information will generally be one of the transferred business assets. We reserve the right to include your Personal Data and other information, collected as assets, in any such transfer to a third party. Additionally, your Personal Data and other information could be disclosed as part of a bankruptcy involving us.
Persons under 18 years of age
The Website is not directed towards persons under 18 years of age and we do not intentionally or knowingly collect Personal Data from persons under 18 years of age. In the event a person under 18 years of age accesses our Website their Personal Data could be collected. We will delete such Personal Data upon being notified.
Links to third party websites
To the extent the Website contains links to third party websites, this Web Privacy Policy does not cover how those websites collect and process Personal Data. We encourage you to read the applicable privacy policy for any third party website you visit.
Analytics
When you use the Website, we may use one or more third-party services to collect standard internet log information and details of visitor behavior patterns. We do this to find out things such as the number of visitors to the various parts of the Website. We do not make, and do not allow the operators of these services, in their capacity as our data processor, to make, any attempt to find out the identities of those visiting our website through such analytics information.
Marketing
If you requested, or opted-in to receive, marketing or other communications from us, from time-to-time we may send you information about Atlantic Quantum news, events, promotions, services, and other information. You may request us to stop contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please click the unsubscribe link in the email we sent you or send a request to [privacy@atlantic-quantum.com] asking to be unsubscribed.
Consent for Electronic Communications
We use the contact information you provide to us to communicate with you. By providing this contact information, you consent to receive such communications at such e-mail address, mailing address, and/or telephone number.
What are Cookies and how do we use them?
Cookies are pieces of information that are transferred to your computer or mobile device through a browser. For further information, visit www.allaboutcookies.org. We may use cookies to collect and store certain information. We may use both session cookies (which expire when you close your web browser) and persistent cookies (which stay on your device until you delete them).
It is possible that you may be able to access third party websites, online services, or apps from the Website. The use of cookies, web beacons, or similar technologies on such other websites, online services, or apps is subject to any applicable privacy policies that they may have, not this Web Privacy Policy.
How we treat “Do Not Track” or similar signals?
Some browsers provide you with “do not track” options. Because there is not yet a common understanding of how to interpret the “do not track” signal, we do not currently respond to the browser “do not track” signals when you access our website.
How long is the Personal Data kept?
We retain your Personal Data only for as long as is necessary to maintain records until they cannot be lawfully challenged, and legal proceedings may no longer be pursued; carry out marketing activities; comply with applicable law, regulatory requests, and relevant orders from government authorities; and fulfill any of the other purposes detailed in this Web Privacy Policy.
Do we use any service provides/data processors?
Yes, we have service providers/data processors that act on our behalf that process your Personal Data. These service providers/data processors do not have our permission to extract or use your Personal Data for other purposes.
International processing
We may share your Personal Data with Atlantic Quantum’s affiliates, resellers, channel partners, service providers/data processors, and/or agents who are located, or who process such data, outside of the US. We will take steps to ensure that your Personal Data receives an adequate level of protection in jurisdictions in which it is processed. When we share Personal Data with such third parties, we do so in a manner consistent with our privacy protocols and in compliance with applicable law.
Data security
We take commercially reasonable physical, organizational, and technical measures to protect your Personal Data in our possession. We limit access to your Personal Data to those employees, affiliates, resellers, channel partners, service providers/data processors, agents, and other third parties who have a business need to know. They are permitted to only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.
We cannot guarantee the absolute security of our database, nor can we guarantee that any information supplied will not be intercepted while being transmitted over wireless networks or the Internet. We have procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Legal basis for processing
If you are in the EU or UK, the legal basis we rely on to process your Personal Data is article 6(1)(f) of the GDPR or the UK DPA, as applicable, which allows us to process Personal Data when it is necessary for the purposes of our legitimate interests.
Data rights for EU and UK residents:
Your right of access
You have the right to ask us for copies of your Personal Data.
Your right to rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure
You have the right to ask us to erase your Personal Data in certain circumstances. This right enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your Personal Data to comply with applicable law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons, which will be notified to you, if applicable, at the time of your request.
Your right to restriction of processing
You have a limited right to ask us to restrict the processing of your information in certain circumstances. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios: (a) where you have contested the accuracy of your data, processing will be restricted until we have determined the accuracy of the data; (b) where you have objected to processing of your data, processing will be restricted until we have determined the outcome of your objection; (c) where our use of the data is unlawful but you want us to restrict processing rather than erasing the data; or (d) where you require data for the purpose of a legal claim, you can request restriction even when we no longer need the data. Where you have obtained restriction of processing of your data, we will inform you before lifting the restriction.
Your right to object to processing
You have the right to object to certain types of processing of your Personal Data. You have the right to object to processing of your Personal Data where the processing is carried out in connection with tasks: in the public interest; under official authority; or in the legitimate interests of others. You also have a right to object to processing of your Personal Data where the processing relates to direct marketing. Where we are using your Personal Data for the purpose of marketing something directly to you, or profiling you for direct marketing purposes, you can object at any time, and we will stop processing as soon as we receive your objection. You may also object to processing of your Personal Data for research purposes, unless the processing is necessary for the performance of a task carried out in the public interest. To object to processing, you must contact us and state the grounds for your objection. These grounds must relate to your particular situation. Where you have made a valid objection, we will cease processing your Personal Data, unless we can provide compelling legitimate reasons to continue processing your Personal Data. We can also lawfully continue to process your Personal Data if doing so is necessary for certain types of legal claims.
Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organization to another or give it to you. This right only applies where processing of Personal Data (supplied by you) is carried out by automated means, and where you have either consented to processing, or where processing is conducted in connection with a contract between you and us. This right only applies to the extent that it does not affect the rights and freedoms of others.
Your rights in relation to automated decision making
You have the right to not be subject to a decision based solely on automated processing. Processing is “automated” where it is carried out without human intervention and where it produces legal effects or significantly affects you. Automated processing is permitted only with your express consent, when necessary for the performance of a contract, or when authorized by the EU or Member State law.
Withdraw consent at any time when we are relying on consent to process your Personal Data
This will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain information, materials, goods, or services to you. We will advise you if this is the case at the time you withdraw your consent.
Processing Personal Data for criminal law enforcement purposes
If we are processing your Personal Data for criminal law enforcement purposes, your rights are slightly different.
Exercising your rights
Contact us at [privacy@atlantic-quantum.com] if you wish to exercise any or your rights. Be as specific as possible in relation to your request and the specific Personal Data involved. You may be asked to provide evidence of your identity. We generally have one (1) month to respond to you, but this period may be extended in certain circumstances. You are not required to pay any charge for exercising your rights, but where requests from you are considered ‘manifestly unfounded or excessive’ we may either charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested, or refuse to act on your request.
Data rights for California residents:
The California Consumer Privacy Act (CCPA) provides persons who are California residents with specific rights regarding their Personal Data. Other states may have similar requirements.
If you reside in California, you may exercise the following rights:
• A right to know about the Personal Data we have collected, used, shared, or sold about you, and why we collected, used, shared, or sold it.
• A right to delete your Personal Data collected by us (subject to certain exceptions outlined below).
• A right to receive Personal Data in a format that will allow its transfer to third parties by you.
• A right to opt-out of the “sale” of Personal Data, where a “sale” under the CCPA means “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s Personal Data to another business or a third party for monetary or other valuable consideration.” We do not sell your Personal Data.
• A right to sue for security breaches of Personal Data.
Access to specific information and data portability rights
You have the right to request that we disclose to you your Personal Data we have collected about you over the past twelve (12) months from the date of your request. Once we receive and confirm your request, we will disclose to you, as applicable:
• The categories of Personal Data we collected about you.
• The categories of sources for the Personal Data we collected about you.
• Our business and commercial purposes for collecting that Personal Data.
• The categories of third parties with whom we shared that Personal Data.
• The specific pieces of Personal Data we collected about you.
• If we “sold” or disclosed your Personal Data for a business purpose, up to two separate lists disclosing: 1) If we “sold” your Personal Data, identifying the Personal Data categories that each category of recipient “purchased”; and 2) If we disclosed your Personal Data for a business purpose, identifying the Personal Data categories that each category of recipient obtained.
• That we have not “sold” any of your Personal Data.
Deletion request rights
You have the right to request that we delete any of Personal Data that we collected from you and retained, subject to certain Exceptions (as listed below). Once we receive and confirm your request, we will delete your Personal Data from our records except to the extent an Exception applies.
We may deny a deletion request if retaining the information is necessary for us or our service provider(s) for the following Exceptions:
• to complete the transaction for which we collected the Personal Data, provide information, materials, goods, or services that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise respond to your requests;
• to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
• to debug products to identify and repair errors that impair existing intended functionality;
• to exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
• to comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.);
• to engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
• to enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
• to comply with a legal obligation; or
• to make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
• deny you goods or services;
• charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
• provide you a different level or quality of goods or services; or
• suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may still offer you certain financial incentives that can result in different prices, rates, or service quality levels as permitted by the CCPA. We do not currently offer such financial incentives.
Exercising access, data portability, and deletion rights
To exercise your rights described above, please submit a request to us that specifies your request type (disclosure, deletion, etc.) as detailed below. Requests may be sent by email to [privacy@atlantic-quantum.com].
Only you, or someone legally authorized to act on your behalf, may make a request related to your Personal Data. You may also make a request on behalf of your minor child. We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. You may be required to provide additional information necessary to confirm your identity before we can respond to your request. You may only make a request for access or data portability twice within a twelve (12) month period. The request must:
• provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative; and
• describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Making a request does not require you to create an account with us. Also, we will only use Personal Data provided in a request to verify the requestor’s identity or authority to make the request.
Your authorized agent
You have the right to designate an authorized agent to make a request under the CCPA on your behalf.
Response timing and format
We will confirm that we received your request within ten (10) days and will respond within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. We will deliver our written response electronically or, at your option, by mail.
Any disclosures we provide will only cover the twelve (12) month period preceding our receipt of the request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Data that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Can this Web Privacy Policy be modified?
We reserve the right to modify this Web Privacy Policy at any time. Accessing the Website after we have published a modified Web Privacy Policy constitutes acceptance of such modified policy.
How we notify you of modifications?
We will publish a link to the modified Web Privacy Policy on the footer of the Website. The modified Web Privacy Policy becomes effective upon publishing. If the modifications are material, we will provide more prominent notice as appropriate under the circumstances (for example, for a period following publication the icon or link to the Web Privacy Policy may be highlighted or include the word such as “modified,” “revised,” “updated,” or similar).
How can we be contacted?
You can contact us by email at [privacy@atlantic-quantum.com].
Last revised: 1 March 2025 © 2025 Atlantic Quantum, Inc. All rights reserved.