Cerence Privacy Statement
This Privacy Statement (“Statement”) describes the personal data that Cerence collects, how we use it, and when we share it, as we interact with you, deliver our products and services, and conduct our business operations.
This Statement applies to Cerence Inc., Cerence Operating Company and the other Cerence Inc. affiliates and any wholly owned subsidiaries worldwide, referred to in this Statement as “Cerence.” When we refer to Cerence products, we mean all Cerence products and services.
For the purposes of applicable data privacy legislation, the Cerence affiliate or subsidiary responsible for the collection and use of your personal data is either the affiliate or subsidiary with which you contract or engage, or the affiliate or subsidiary located in the country in which you reside. You may contact us at email@example.com if you wish to confirm the identity of the responsible Cerence affiliate.
What Personal Data Do We Collect?
Cerence collects personal data when we deliver our products, conduct marketing, and run our business operations. The personal data we collect varies based upon whether the data is collected (i) through our websites or applications, including www.cerence.com and their local variations (“Sites”) or (ii) through our products and services, including but not limited to our software, support services, and voice recognition technology products (“Products”).
We may collect personal data directly in the following situations:
When you purchase, download, or register Cerence software, or use our software support services, we may collect contact information such as your name, email address, physical address, telephone number, and financial and payment details, together with information on the Cerence Products you buy, download, or register.
If you engage with Cerence for marketing purposes, such as by expressing interest in Cerence Products through a web form, participating in a promotion, or attending a Cerence or other marketing event, we will collect the information you submit to us, such as your contact details (including name, email address, phone number, organization and job title) and the Cerence Products that interest you.
When you submit an employment application, we collect the personal data disclosed by your application, such as your name, email address, phone number, and employment and education history.
Through our Products, we may collect personal data directly in the following situations:
When you use Cerence voice recognition technology, whether by using Cerence’s own Products or by using third party products that employ Cerence voice recognition technology, we may capture your voice and the words that you speak into the product.
We may also collect other electronic data derived from your use of our Products. This data may include your IP address, usage data, and data showing your registration, installation and use of Cerence software Products. Except for IP address and unique device identifiers, we generally collect this data on an aggregate and non-identifying basis.
Cerence may collect personal data indirectly in certain situations, in particular:
We provide voice recognition, text input, and communications products to corporate customers, and we may collect personal data processed in those products, including voice recordings, text, names, or phone numbers.
We obtain marketing contact information, including name, email address, phone number, organization, and job title, from our resellers and distributors, from public sources, and from third-party mailing lists.
We collect personal data, including employment and education history, from third parties to conduct background and reference checks for employment applications and for applications to establish reseller and distributor relationships with Cerence, subject to your consent where consent is required by law.
We use tracking technologies to:
Manage the experience on our Sites. This enables us to remember you when you return to the Sites. These are also used to store your preferences such as your language choice or job search criteria to display relevant results.
Authenticate access to secure areas of our Sites such as your account or event registration.
Improve the Sites or services by using analytics to understand traffic patterns so we can find popular site content and potential problems.
How We Use Personal Data
General Business Operations
We use contact information to market, sell, and service Cerence Products, subject to your consent where required by law. We allow recipients of marketing messages and collateral to opt out of receiving further communications from Cerence at any time without detriment.
We use your financial or payment information, and your contact details, to support, establish, and conduct customer relationships as necessary for the performance of our terms of service with you (including, for example, completing purchase transactions, fulfillment of an order, order confirmations, responding to requests for information about products and services, and the provision of purchased products and services). If you fail to provide the personal data we need, we may be unable to complete your transaction. We use personal data from employment applications where necessary to support our legitimate interest in processing your application and to contact you if future opportunities arise.
We use personal data of individuals associated with proposed resellers and distributors to conduct reference and background checks ahead of entering into a contract and as necessary for compliance with legal obligations to which we are subject.
Data Processed Within Our Products
We use the personal data that is processed within our Products, such as voice data within voice recognition products, personal data processed in communications products, and any personal data contained within product usage data we collect, to deliver our Products under applicable terms and for our legitimate interests in tuning, maintaining, enhancing, and developing Products. We never use this data, referred to as “Product Personal Data,” for marketing purposes and we never sell or transfer your data to third parties for the third party’s marketing purposes.
We use aggregated, non-identifying, electronic data collected from use of our Sites and Products to operate, analyze, improve, and develop our Sites and Products. This information is not used to inform decisions about specific individuals; rather, it is processed to understand how different categories of users interact with our Sites and Products so that we can consistently improve our Products.
When We Share Personal Data
We may share Product Personal Data in the following situations:
With our affiliates and subsidiaries and with vendors acting on our behalf to support the Sites or the delivery of Products;
With the customer on whose behalf and at whose direction we are processing the data; and
When we have your consent to use your Personal Data for a specific purpose.
We may share personal data with our affiliates, subsidiaries, resellers, suppliers, subcontractors, and distributors, and with vendors acting on our and their behalf, to service our customers and perform any contract we enter with you (including, for example, with resellers who support our management of potential clients and vendors who conduct transcription in connection with our products and services).
We may share aggregated, anonymous, or non-identifiable electronic data with our affiliates and with vendors acting on our behalf.
We may share personal data derived from Sites usage (excluding Product Personal Data), with analytics and search engine providers that assist us in the improvement of our Sites, subject to the cookie section of this Privacy Statement. Our Sites may use Google Analytics. The way Google collects and processes data when delivering Google Analytics is described here: www.google.com/policies/privacy/partners/.
We may share personal data from employment applications with vendors acting on our behalf who help us in recruitment, background check and human resources matters. If we share your personal data (including Product Personal Data) with affiliates or with vendors acting on our behalf, we do so under binding agreements that require the third party to use and protect the personal data in accordance with the principles described in this Privacy Statement. These third parties are authorized to use your personal data only as necessary to provide these services to us.
We may also share personal data to comply with law and legal process, to respond to governmental inquiries and lawful requests from by public authorities (including to meet national security or law enforcement requirements), and to protect life, property, or the security of Cerence or its customers. If Cerence enters any merger, acquisition, or asset sale of all or any part of its business, personal data held by Cerence may be transferred to a buyer or successor entity.
Control of Your Personal Data
You can change your preferences to opt out of marketing communications at any time by contacting us at firstname.lastname@example.org. Alternatively, please follow the opt-out instructions in the relevant communication. If you opt out, we will retain your email address to confirm that we do not send you further communications.
If you have submitted an employment application to Cerence or if your personal data has been collected by Cerence to review a proposed reseller or distributor relationship, you may contact us at email@example.com to request deletion of your data. We will respond to your request within a reasonable timeframe.
If you wish to access, correct, or request deletion of your Product Personal Data, you may contact us at firstname.lastname@example.org. Cerence generally processes Product Personal Data on behalf of our customers. If you contact us, we may direct your inquiry to our customer on whose behalf the Product Personal Data is being processed. We will make reasonable efforts to delete your Product Personal Data upon your request within a reasonable timeframe. Cerence may refuse your request to access, request or delete Product Personal Data where entitled to do so under applicable law.
If you have submitted Product Personal Data to Cerence using your own user account which allows you to control your own data, you may delete the data you submitted by logging into your account and following the guidelines in the help system.
Location of Processing and Cross--Border Transfers
Cerence operates in over 35 countries. We may transfer personal data across international borders and may process personal data in jurisdictions other than the jurisdiction of original collection.
We may transfer personal data that we collect to other Cerence affiliates or other companies performing support functions on our behalf (each as described above) based in other countries including to the United States, India or the Philippines or other countries outside the European Economic Area or your country of residence and this personal data may be stored and/or processed in such countries. Whether your personal data is processed within your country of residence or beyond, we will take steps to ensure that your data is subject to appropriate safeguards required of us under the Privacy Statement, applicable data protection laws, and appropriate legally recognized data transfer adequacy mechanisms. Personal data that is transferred outside your country of residence may be subject to lawful access by courts, law enforcement and other governmental authorities in accordance with the laws of the foreign jurisdiction.
EU-U.S. Privacy Shield and Swiss‑U.S. Privacy Shield
Cerence participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework regarding the collection, use, and retention of personal data transferred from the European Union, the United Kingdom and Switzerland to the United States. We are committed to subjecting all personal data received from European Union (EU) member countries, the United Kingdom, and Switzerland, respectively, in reliance on the Privacy Shield Framework, and the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’sPrivacy Shield List.
Cerence is responsible for the processing of personal data it receives, under the Privacy Shield Framework and the Framework’s applicable Principles, and subsequently transfers to a third party acting as an agent on its behalf. Cerence and its U.S. Subsidiaries comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, the United Kingdom, and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Cerence is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Storage and Security
We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once it is received. Information you provide to us is stored on our secure servers. If Cerence has issued you a password, you are responsible for keeping the password confidential. If you have any questions about the security of your personal data, you can contact us at email@example.com.
We retain personal data to the extent necessary to provide Products to our customers, employees, and prospective employees. Generally, we retain personal data for as long as you remain an active customer or user of our Sites and Services and for 3 years afterwards, or otherwise as required for our business operations or by applicable laws. Longer retention may be necessary under contractual terms with the data controller for whom we provide services, for fraud prevention, to identify technical problems, or to resolve legal proceedings.
We may retain non-personally identifiable aggregate information beyond this time for research purposes and to help us improve and further develop our Products. You cannot be identified from aggregate information retained or used for these purposes. Any record of a stated objection by you to receiving marketing communications will be retained by us so that we respect your wishes by not contacting you further.
You may have the right under applicable laws in certain circumstances to:
ask for access to details of the personal data held by us about you, free of charge;
to request the rectification, restriction or erasure of your personal data held by us;
to object to the processing of your data;
to request that any personal data provided by you, be transferred to a third party.
Cerence never sells or transfers your data to third parties for the third party’s marketing purposes. You can object to receiving further marketing from Cerence at any time without detriment.
You can also exercise the rights listed above, or write to us with any complaints, at any time by contacting us, specifying the nature of your request, at:
firstname.lastname@example.org or by mail (Worldwide) at:
Data Protection Officer
15 Wayside Road
Burlington MA 01803
Attention: Legal Department- Privacy
Or by contacting our representative in the EU at:
Data Protection Officer
CBS Weg 11
6412 EX Heerlen
If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority.
Cerence Employees and Contingent Workers
This Privacy Statement does not cover Cerence’s collection of personal data from employees and contingent workers, which is described in a separate HR Privacy Statement made available to Cerence personnel.
Changes to This Privacy Statement
We may update this Privacy Statement from time to time by publishing an updated version on Cerence's Sites. Each updated version will include the date the statement was last updated. Please review the latest version of this Privacy Statement periodically to keep current with Cerence’s use of personal data. If we make material changes in the way Cerence uses or shares personal data, we will publish notice on our Sites and notify you by email to tell you of the proposed change prior to the change becoming effective. Any such material changes will only apply to personal data collected after the revised Privacy Statement takes effect.
Dated: December 5, 2019.