The United States protects personal information through a combination of federal and state privacy laws. Several major state privacy statutes — including the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act (CPA), and the Connecticut Data Privacy Act (CTDPA) — grant consumers broad rights over how their personal information is collected, used, and shared. Simbase INC. is committed to complying with all applicable US data privacy requirements.
How we protect your data
In a world of constant connectivity — especially in IoT — having your data properly secured is more important than ever. We at Simbase take data protection very seriously. We have implemented comprehensive administrative, technical, and physical safeguards to protect the personal information entrusted to us.
Our security program is aligned with internationally recognized standards including ISO/IEC 27001 and the NIST Cybersecurity Framework. We employ encryption for data in transit and at rest, maintain strict access controls, conduct regular security assessments, and provide ongoing security training to all employees. Our full security standards are described at simbase.com/terms/data-security-standards.
Are we compliant?
Yes, we have taken all the necessary steps in order to ensure that we are complying with applicable US data privacy laws, including the CCPA/CPRA and other state privacy statutes. We do not sell personal information as defined under applicable law. We have implemented mechanisms for consumers to exercise their privacy rights, and we have established contractual protections with all service providers and subprocessors who handle personal information on our behalf. Our current subprocessor list is available at simbase.com/terms/subprocessors.
What rights do you have?
Depending on your state of residence, you may have the following rights regarding your personal information:
Right to Access. You have the right to request that we disclose what personal information we have collected about you, the sources from which it was collected, the purposes for which it is used, and the categories of third parties with whom it is shared.
Right to Deletion. You have the right to request that we delete the personal information we have collected from you, subject to certain exceptions such as legal obligations and fraud prevention.
Right to Correction. You have the right to request that we correct inaccurate personal information that we maintain about you.
Right to Opt Out. You have the right to opt out of the sale or sharing of your personal information. You also have the right to opt out of targeted advertising and, in some states, certain types of automated profiling.
Right to Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights.
Right to Data Portability. In certain states, you have the right to receive a copy of your personal information in a portable, readily usable format.
We respond to all verifiable consumer requests within the timeframes required by applicable law — generally 45 days from receipt, with the possibility of a one-time extension of an additional 45 days if reasonably necessary.
How to exercise your rights
Simbase users can exercise their data privacy rights by contacting us at:
Email: privacy@simbase.com Mail: Simbase INC., [US ADDRESS] Online: You can manage certain data preferences directly through your Simbase dashboard at dashboard.simbase.com.
When submitting a request, we will need to verify your identity before processing it. You may also designate an authorized agent to submit a request on your behalf. If we are unable to fulfill your request, we will explain the reason, and you have the right to appeal our decision.
Simbase as a service provider
Simbase INC. operates primarily as a service provider in relation to the personal information we process on behalf of our customers. Our customers — the businesses that use the Simbase platform to manage their IoT connectivity — are typically the entities that determine how and why personal information is processed.
If you are an end user of a device managed through the Simbase platform and have questions about how your personal information is handled, we encourage you to contact the business that manages your connectivity directly.
Contact us
For more information about our privacy practices, if you have questions, or if you would like to make a request regarding your personal information, please contact us by email at privacy@simbase.com or by mail at:
Simbase INC.
1401 Pennsylvania Ave, Suite 105 Wilmington, DE 19806
