Sigma Computing Inc. has self-certified compliance with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK extension to the EU-U.S. Data Privacy Framework (“UK Extension”), and the Swiss-U.S. Data Privacy Framework set forth by the U.S. Department of Commerce (“Swiss-U.S. DPF” and collectively, the “DPF”). This Data Privacy Framework Notice (“DPF Notice”) supplements the information contained in the Privacy Notice.
- Certification. Sigma has certified to the U.S. Department of Commerce that it adheres to (i) the EU-U.S. DPF Principles with regard to the processing of Personal Data received from the EU in reliance on the EU-U.S. DPF, (ii) the UK Extension with regard to the processing of Personal Data received from UK (and Gibraltar) in reliance on the UK Extension, and (iii) the Swiss-U.S. DPF Principles with regard to the processing of Personal Data received from Switzerland in reliance on the Swiss-U.S. DPF (collectively, the “DPF Principles”). If there is any conflict between the terms in the Privacy Notice and the DPF Principles, the DPF Principles shall govern. To learn more about the DPF and view our certification, please visit https://www.dataprivacyframework.gov/s/us-businesses.
- Inquiries or Complaints. If you have any inquiries or complaints about the handling of your Personal Data, please contact us in accordance with Section 14 of the Privacy Notice. We will investigate and attempt to resolve complaints within 45 days of receiving your complaint. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://www.jamsadr.com/DPF-Dispute-Resolution. A binding arbitration option may also be available to you in order to address residual complaints not resolved by any other means. Sigma is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
- Choice and Disclosure.
- To the extent required by the DPF Principles, Sigma will offer you the opportunity to choose (opt out) when your Personal Data is to be used for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized by you.
- To the extent required by the DPF Principles, when processing Sensitive Personal Data, Sigma will offer you the opportunity to give affirmative express (opt-in) choice, subject to certain exceptions, if the Sensitive Personal Data is to be disclosed to a third-party or used for a purpose other than those for which it was originally collected or subsequently authorized by the individual through the exercise of the opt in choice.
- Sigma may disclose Personal Data in response to lawful requests by public authorities, including national security or law enforcement requirements
- Sigma may disclose Personal Data, without offering you a choice, in the following cases: to our processors or service providers; to our affiliates; or as part of a corporate restructuring (as further described the Privacy Notice). If we disclose your Personal Data to other third parties, we will obtain your consent.
- You may choose to disable third-party cookies that collect Personal Data through Sigma’s website.
- We also allow you to choose to opt out of marketing-related emails from us, and to update or correct Personal Data in your account.
- Liability for Onward Transfers.
- Sigma Computing complies with DPF Principles regarding accountability for onward transfers.
- Sigma is responsible for the processing of Personal Data subject to the DPF, which is subsequently transferred to a third-party. Before disclosing Personal Data to such third-parties, we will obtain assurances from the recipient that it will (a) process the Personal Data in accordance with Sigma’s instructions and only for the purposes specifically permitted by Sigma; (b) provide at least the same level of protection for Personal Data as required by the DPF Principles; (c) notify Sigma if the recipient is no longer able to provide the required protections. Sigma shall remain liable under the DPF Principles if the third-party processes such Personal Data in a manner inconsistent with the DPF Principles.
Last updated: February 11, 2026
