About Us

With Spring Labs, your data is protected at rest, in motion and in use. Our technology takes data protection to the next level, allowing organizations to significantly reduce the likelihood of a material breach, safeguard their sensitive data, and uphold their reputation and customers’ trust.

Company

This is Spring Labs

Team

Advisors

Investors

Blog

Conference Presentations

Issued U.S. Patents

News

Partners

Deal Registration

Read Our Latest Blog

Sensitive Data Protection: Encryption vs Tokenization

April 24, 2023

In today’s data-driven world, protecting sensitive information is paramount. Organizations must ensure that their data is secure from both...

Read Blog →

Problems We Solve

Our next-generation tokenization minimizes compliance overhead, reduces the impact and cost of data breaches, and allows sensitive data to be shared more freely and securely. With our solutions, organizations gain full control over data, allowing seamless adoption of new tools, without worrying about data security.

For InfoSec & Compliance Teams

Data Exchange

PCI Compliance

Read Our Latest Blog

Sensitive Data Protection: Encryption vs Tokenization

April 24, 2023

In today’s data-driven world, protecting sensitive information is paramount. Organizations must ensure that their data is secure from both...

Read Blog →

Discover Our Products

We empower businesses to securely store and share sensitive data without exposing any personally identifiable information (PII), utilizing patented, ultra-secure cryptography and tokenization solutions. Our forward-thinking approach also includes robust protections ensuring your data remains secure in an increasingly AI-dependent world.

TrueZero Tokenization

AI Guard

App Guard

Zero Data

PCI Compliance

Data Exchange

Data Minimization

Read Our Latest Blog

Sensitive Data Protection: Encryption vs Tokenization

April 24, 2023

In today’s data-driven world, protecting sensitive information is paramount. Organizations must ensure that their data is secure from both...

Read Blog →

Request a Demo

Privacy Policy

Effective: November 1, 2023 

Spring Labs complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Spring Labs has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Spring Labs has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/\.

1. Introduction
Spring Labs offers its customers various commercial products that enable customers to exchange valuable information with other organizations in a secure method without revealing underlying sensitive personal data. Spring Labs respects the privacy of its customers and individuals and is committed to protecting the information provided to Spring Labs by way of visiting our website (“Visitors”), and individuals or entities that register to use Spring Labs products and services (“Customers”). Spring Labs has published this Privacy Notice to outline our practices with respect to collecting, using, and disclosing Personal Information transferred from the EU, the UK, or Switzerland to Spring Labs in the U.S. related to: (i) Visitors to our Website, www.springlabs.com, (ii) engagement with our marketing communications and events, or (iii) interactions with any of our social media accounts.

By interacting with us, you acknowledge you have read and understand the terms of the Privacy Notice and your continued interaction constitutes your ongoing acknowledgement of the collection, use, disclosure and processing of your personal information (including personal data, hereafter (“Personal Information”) by Spring Labs, as set forth in this Privacy Notice.

We encourage you to read the Privacy Notice carefully and to use it to make informed decisions. If you do not agree with the below information, your choice is to not use our Website, not engage with our social media content, or to unsubscribe from our marketing communications and events.

2. What this Privacy Notice Covers
This Privacy Notice covers how we treat Personal Information that we gather about you in the regular interaction with us, including when you access or use our Services, Website or through other Visitor engagement and through marketing activities, including links on our Website and social media accounts.

3. The Personal Information We May Collect and How We Use This Personal Information
3.1. Personal Information We May Collect
We get information about you in a range of ways.
Information You Give Us. We may collect your first name, last name, address, email address, date of birth, as well as other information and identifiers as you provide to us as a customer or prospective customer in order to provide our Services.
You also provide similar Personal Information to us when you voluntarily fill out forms on our Website such as when you request a demo or to contacts sales, download a white paper, click on links, engage with various social media accounts, or to register for marketing communications or events.
Information We Get From Others. We may get identifiers and other information about you, from other sources. For example, we may use third party providers of business contact information.
Information Automatically Collected. Like many companies, we may collect marketing and log information about you to help us better refine our marketing efforts and to reach potential customers across the Internet. For example, when visiting and accessing our Website, we track online activity such as the website you visited before browsing to our Website, pages you viewed, how long you spent on a page, access times and information about your use of our Website.
Cookies. Spring Labs also collects cookies as you navigate through and interact with our Website. We use these cookies to collect certain information about your equipment and browsing activities, or to access information about signing in and to store a limited amount of behavioral data. Spring Labs has a separate Cookie Policy accessible on the Website. Please review our Cookie Policy for more information about how we use cookies and your options related to cookies.

3.2. Use of Personal Information
We use Personal Information that we collect about you or that you provide to us only as directed by you or authorized by you to carry out our regular course of business. How we use the Personal Information we collect depends in part on how you choose to communicate with us, how you use our Website (including links on our Website and social media interactions), and any preferences you have communicated to us. In general, we use the Personal Information in order to respond to a request from you, to carry out our legal obligations, to fulfill a contract with you, to provide services, to make improvements to our services, and to provide you with notices and for other purposes with your consent as described below.

We may use your Personal Information as follows:
• To send information including confirmations, technical notices, updates, security alerts, and support and administrative messages.
• To communicate about promotions, upcoming events, and other news about products and services offered by us and our selected partners.
• To maintain legal and regulatory compliance. Or fulfill contractual obligations.
• To investigate violations and enforce our policies, and as required by law, regulation, or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request.
• To generate anonymous de-identified and/or aggregated data that we may use for any lawful purpose/
• To perform research or conduct analytics in order to improve and customize our offerings, including to undertake internal research and reporting.
• To verify identity and usage of Services, manage billing or payment, prevent fraud, illegal or prohibited acts.
• To personalize and improve services.

As noted in the list above, we may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers or email you about our Website. If you do not want to receive communications from us, you can unsubscribe from marketing communications or email us with your preferences at compliance@springlabs.com.

3.3. Legal Basis for Processing Personal Information For EEA, UK and Swiss Visitors and Customers
If you are an individual in the EU, United Kingdom, Switzerland, or another relevant jurisdiction, we collect and process Personal Information about you only where we have a legal basis or bases for doing so under applicable laws. The legal bases depend on how you use the Website or otherwise interact with us, how you choose to interact and communicate with our Website, and whether you attend our events. However, we will collect Personal Information only where we have your consent to do so, where we need the Personal Information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Information from you and we will endeavor to make that clear at collection.

4. When Spring Labs Discloses Personal Information
We do not rent, sell, or share your Personal Information with third-parties except as described in this Privacy Notice or as authorized by you based upon your instructions provided through normal use of the Site or Services. In addition to our duly authorized personnel, we may share Personal Information with the following recipients: (i) our subsidiaries; (ii) affiliated companies; (iii) subcontractors, vendors, or other third-party service providers; and (iv) auditors or advisers of our business processes.

We may disclose Personal Information or any information you submitted if we have a good faith belief that disclosure of some information is helpful or reasonably necessary to: (i) comply with applicable laws, regulations, legal processes or governmental requests; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property, or safety of us, our affiliates, our Users, yourself or any third-party; (vi) for the purposes of collaborating with enforcement agencies; and (vii) in case we find it necessary in order to enforce intellectual property or other legal rights.

4.1. Information Choices and Changes
Any marketing emails we may send will tell you how to "opt-out" from further communications. If you opt out, we may still send you non-marketing emails. Non-marketing emails include emails about our business dealings with you. You are permitted to decline to share certain Personal Information with us.

You may send requests about Personal Information to our Contact Information below. You can request to change contact choices, opt-out of our sharing with others, and update your Personal Information. When you update or request a change to certain information, we may maintain a copy of the unrevised information for legal and compliance purposes.

You can typically remove and reject cookies from our Site with your browser settings.

5. Customer End User Data
This Privacy Notice does not apply to Customer End Users, Customer End User Data or Customer Applications. With respect to the Personal Information collected by our Customers and submitted to the Spring Labs platform, Spring Labs is a processor or sub-processor and only processes such Personal Information in accordance with our Customer’s instructions. Our Customers, not Spring Labs, choose the type of Customer End User Data collected by Customer Applications, and submitted and processed through our Customers’ use of the services. We process the Customer End User Data only according to the instructions of Customers and our legal obligations with respect to the Customer End User Data is set forth in the agreement between us and our Customers. The collection of Customer End User Data through Customer Applications is governed by our Customers’ privacy policies, and if you are a Customer End User then you should review the Customer’s privacy policy to learn more about the Customer’s data handling practices.

While Spring Labs recognizes that an individual has the right to access, delete and amend the data collected about that individual, Spring Labs only has a relationship with our Customers and does not interact with the Customer End Users. As such, if you are a Customer End User and you would like to access, amend or delete your data, you need to contact the Customer directly with your request which Customer may process. Spring Labs will respond within a reasonable period of time to any such request or assistance requested by our Customer.

Spring Labs only retains the Customer End User Data we process on behalf of our Customers for as long as necessary or as required to comply with legal obligations, resolve disputes and enforce any agreement.

6. International Transfer
This section applies to those that visit our Site or use our services from the EU, UK, or Switzerland.

If you are a resident of the EU, UK or Switzerland, please note that the following rights specifically apply regarding your Personal Information: (1) Receive confirmation as to whether or not Personal Information concerning you is being processed, and access your stored Personal Information, together with supplementary information; (2) receive a copy of Personal Information you directly volunteer to us in a structured, commonly used and machine-readable format; (3) request rectification of your Personal Information that is in our control; (4) request erasure of your Personal Information; (5) object to the processing of Personal Information by us; (6) request to restrict processing of your Personal Information by us; (7) withdraw your consent for data processing activities that rely on your consent as a legal basis, and (8) lodge a complaint with a supervisory authority.

However, please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements and/or conditions.

To exercise such rights, you may contact us at: compliance@springlabs.com.

In addition, please note VeraSafe has been appointed as Spring Lab’s representative in the EU for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are in the EU, VeraSafe can be contacted in addition to Spring Labs only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form:
https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +420 228 881 031.

Alternatively, VeraSafe can be contacted at:
VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland

7. Commitment to Data Security
Spring Labs uses commercially reasonable physical, managerial, and technical safeguards designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. These measures include, for example, physical access controls, encryption, firewalls, and detection and monitoring. Our personnel who may have access to your Personal Information are required to keep that information confidential and trained on their security and privacy obligations. You are also responsible for maintaining the confidentiality of your password and other information used by you to access our Website.

Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse the Website, and we make no warranty, express, implied or otherwise that we will prevent such access. If you feel that your privacy was not treated in accordance with this Privacy Notice, or if any person attempted to abuse the Website or acted in an inappropriate manner, please contact us directly at compliance@springlabs.com.

8. Dispute Resolution
If a privacy complaint or dispute relating to Personal Information received by Springcoin, Inc. d/b/a Spring Labs in reliance on the Data Privacy Framework (or any of its predecessors) cannot be resolved through our internal processes, we have agreed to participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure.

Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/. If a complaint or dispute cannot be resolved through our internal process, we have also agreed to cooperate with the EU and UK data protection authorities and the Swiss Federal Data Protection and Information Commissioner and to participate in the dispute resolution procedures of the panel established by such data protection authorities.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration. See DPF Annex 1 at https://www.dataprivacyframework.gov/s/article/ANNEX-I- introduction-sw-dpf for details. We are obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that you invoke binding arbitration by delivery notice to us and follow the procedures and subject to conditions set forth in Annex I of Principles.

9. Other Information
9.1. Transfers of Personal Information.
Please be aware that the Personal Information we collect may be transferred to and maintained on servers or databases located outside your state, province, country, or other jurisdiction, where the privacy laws may not be as protective as those in your location. Please be advised that we process and store Personal Information in the United States and you acknowledge such processing. To the extent your Personal Information is transferred by Spring Labs to recipients located outside of the EU, UK, Switzerland or a country for which an adequacy decision has been issued by the European Commission, Spring Labs will implement appropriate safeguard mechanisms to remain in compliance with the Principles.

In the event Spring Labs discloses Personal Information covered by this Notice to a non-agent third party, it will do so consistent with the choices exercised by Spring Labs’ Visitors and users regarding processing and disclosure. Spring Labs will only disclose Personal Information to third parties that have given us contractual assurances that they will provide at least the same level of privacy protection as is required by this Notice and the Principles, and that they will process Personal Information for limited and specific purposes consistent with any consent provided by the individual. If Spring Labs has knowledge that a third party to which it has disclosed Personal Information covered by this Notice is processing such Personal Information in a way that is contrary to this Notice and/or the Principles, Spring Labs will take steps to prevent or stop such processing. Spring Labs complies with the Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

9.2. Children and Minor’s Privacy.
Our services are not intended for use by children or minors under the age of 18. We do not knowingly collect Personal Information from those under the age of 18 years old. Please contact us if you believe we may have unknowingly collected information about a person under 18 years old.

9.3. Website, Links and Social Media.
Our Website, services or marketing materials may contain links to other third-party websites or applications (such as Facebook, LinkedIn, YouTube or Twitter). This Privacy Notice does not apply to any third party websites, including through any application that may link to or be accessible from or on the Website or Services, and Spring Labs is not responsible for the privacy policies and the content of the third-party websites or applications.

9.4. Retention.
We may process and store your Personal Information only for the period necessary to achieve the purpose of the storage, or as permitted by law. We may retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, enforce our agreements, and as otherwise described in this policy. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of a contract or the initiation of a contract or for other lawful purposes.

9.5. Contact Information
We welcome your comments or questions about this Privacy Notice. You may also contact us at our address:
Springcoin, Inc.
4551 Glencoe Avenue, Suite 330
Marina Del Rey, CA 90292
Or via email at: compliance@springlabs.com.

Spring Labs will cooperate with the United States Federal Trade Commissions and any data protection authorities of the EU Member States (“DPAs”) and/or the Swiss Federal Data Protection and Information Commissioner in the investigation and resolution of complaints that cannot be resolved between Spring Labs and the complainant that are brought to a relevant DPA.

9.6. Changes to This Privacy Notice. We may change this Privacy Notice. If we make any changes, we will change the Last Updated date above.