Quantinuum, Ltd., including its controlled subsidiaries and affiliates, is committed to protecting your privacy.
Read more about our Privacy Statement!
Quantinuum, a company incorporated under the laws of the Cayman Islands, and its subsidiaries (the “Company”, “our”, “us”, or “we”) is committed to safeguarding the privacy of personal information (or similar terms such as “personal data” as defined in applicable privacy laws) provided to it and in respect of any natural person(s), including but not limited to, clients, suppliers, partners and website visitors (“you” or “your”) in accordance with the EU General Data Protection Regulation (Regulation 2016/679) (“GDPR”) and any other applicable data privacy laws. The Company is the data controller of any personal information provided to it when you visit or use any of our websites (the “Sites) or use products or services that we offer.
If in the process of providing services to clients, Quantinuum processes personal information as a data processor, meaning that we process the data solely on the instructions of our clients, who determine the purpose and means of processing and exercised overall control of the data. Therefore, if you have questions or wish to exercise your rights relating to your personal data, you may need to contract the client (and controller) on whose behalf the processing of your data is carried out. If we receive a request from you relating to data controlled by a client, we will pass the request to the appropriate client (and controller) where permitted by applicable privacy law.
This Quantinuum Data Privacy Policy and Website Privacy Statement (the “Policy”) establishes uniform, global guidance regarding how the Company generally intends to Process and protect Personal Data. The Policy explains how we collect, share, and use your personal information collected and how you can exercise your privacy rights. Note that, by using our Sites, you are consenting to Quantinuum collecting and processing your personal information in accordance with this Policy, as it may be amended from time to time. If you do not agree to these terms, do not use the Sites. This Policy should not be construed as a guarantee of action by the Company or as creating contractually binding promises. To the extent that Law or contractual provisions impose stricter requirements than the guidance set forth below, the Company will comply with the more restrictive Law or contractual provisions. Adherence to this Policy may be limited to the extent required to respond to legal, governmental or regulatory requirements, or where expressly permitted by Law.
This Policy does not replace or supersede any other privacy statement, privacy policy, or other notice or agreement addressing the processing by the Company of Personal Data issued or otherwise made available to Data Subjects, but rather, shall be read in conjunction with such statements, policies, notices or agreements; provided, however, that in the event of a conflict between such statements, policies, notices or agreements and this Policy, the provisions of the former shall govern.
If you are a California resident, please see our CCPA/CPRA Privacy Notice below to learn about your rights under the California Consumer Privacy Act and California Privacy Rights Act.
If you are a Virginia resident, please see our Virginia Privacy Notice below to learn about your rights under the Virginia Consumer Data Privacy Act.
If you are a resident of the European Union or United Kingdom, then you have additional privacy rights which are explained below in the EU/UK Privacy Rights Notice.
This Policy applies to the processing of Personal Data of the Company’s customers, suppliers and end users of Company’s products and services worldwide in addition to users of the Sites.
The Company processes Personal Data in compliance with Law, this Policy, contractual obligations and any privacy policy, privacy statement or other notice or agreement addressing processing of Personal Data. The requirements in this Policy apply except where a particular jurisdiction’s Law and/or contractual obligations impose more detailed or stricter requirements relating to the Processing of Personal Data, in which case that Law or those contractual obligations will apply and take precedence.
The Company collects Personal Data for identified and appropriate business purposes, or as may otherwise be required or permitted by Law, and does not Process Personal Data in ways that conflict with those purposes, unless otherwise required or permitted by Law.
The Company may also collect Personal Data automatically using cookies or other similar tracking technologies located on any Company website, application, software or similar electronic system Company-issued or Company-authorized. For more information about the cookies the Company uses, users should consult the Company’s online Cookie Notice at www.quantinuum.com/cookie-notice. In order to receive further information about the cookies used in a particular Company electronic system, please contact compliance@quantinuum.com.
Information collected directly from you. We may ask you for personal information to provide a service or carry out a transaction that you have requested. You may also provide personal information to us when you contact or engage with us (e.g., with a comment, inquiry or customer support request, site visitors) or register for an account to use our Sites. This personal information may include:
When you do not provide the requested information, we may not be able to provide you the requested service or complete your transaction.
Information we collect automatically about you. We collect certain information about your visit to our Sites using cookies and similar tracking technologies. We will respect any legal rights you may have to prevent us doing this. Data collected in this way includes:
For information about the cookies and other similar tracking technologies we use on our Sites, please refer to our Cookie Notice and the Cookie disclosure discussed above.
Geo-location information. For certain Sites, with your consent, we may collect the precise, real-time location (i.e., geo-location) of your mobile device. This information will be used only for the purpose of facilitating your use of the Sites including by our service providers who may process this information in connection with providing services on our behalf. If given, you may adjust this consent by managing your Location Services preferences through the settings of your mobile device.
Information collected from third parties. In accordance with applicable law, we may collect personal information about you from third parties, such as social media websites and applications and combine it with information we already hold, to help us improve and customize our Sites to your preferences and for other purposes set forth in this Policy. We may also collect your business contact information from your employer or other third parties to facilitate or otherwise engage in traditional business activities and similar administrative matters.
We may use the personal information via our Sites or when you contact us for purposes that include:
Where permitted by law, we may combine the information that we collect via our Sites with other information we hold about you (such as information about your use of our products and services) in order to offer you an improved and consistent customer experience when interacting with us or for other purposes set forth in this Policy.
LEGAL BASIS ON WHICH WE PROCESS INFORMATION
Where required by law, we will ensure there is a legal basis for the processing of your personal information. In most cases, our legal basis will depend on the personal information concerned and the specific context in which we collect it.
If you have any questions about or need further information concerning the legal basis on which we collect and use your personal information, please send an email to compliance@quantinuum.com.
Anonymizing information
In accordance with applicable law, we may anonymize your personal information so that it can no longer be used to identify you. Anonymized information is not considered personal information and is therefore not subject to this Policy. We may collect, use, aggregate and share anonymized information for any purpose.
How long we keep information
The period during which we store your personal information varies depending on the purpose for the processing. For example, we store personal information needed to provide you with products and services, or to facilitate transactions you have requested, for so long as you are a customer of Quantinuum or if you submit an employment application via our Sites, we will retain details of your application as set forth in the privacy notice made available to you in connection with your application or as otherwise required by law. In all other cases, we store your personal information for as long as is needed to fulfil the purposes outlined in this Policy, following which time it is either anonymized (where permitted by applicable law), deleted or destroyed.
Quantinuum is a global company and your personal information may be transferred to, held, stored, or used across various locations worldwide as necessary for the uses stated above and in accordance with this Policy and in applicable law. This means that when we collect your personal information it may be processed in countries that may have data protection laws that are different to the laws of your country.
However, Quantinuum will take commercially reasonable steps to protect your privacy and to provide a level of protection of personal information that is comparable to that of your country of residence which may include implementing the European Commission’s Standard Contractual Clauses, or another adequate transfer mechanism. For more information on the appropriate safeguards in place to protect your personal information, please see the jurisdiction-specific notices below or contact us at compliance@quantinuum.com.
We may share your personal information with selected third parties in accordance with applicable law, including as set out below:
Personal information may be accessed by third parties and by our Company offices from countries whose laws provide various levels of protection for personal data which are not always equivalent to the level of protection that may be provided in the country of operation of the Company. Where the Company transfers information internationally, the Company will take reasonable steps to ensure that information is treated securely, and the means of transfer provides adequate safeguards.
Personal information may be stored with, and managed by, a cloud service provider located in a different country to the Company office.
When a third-party Processes Personal Data on behalf of the Company, the Company shall enter into an appropriate processing contract with the third party to: govern the Processing relationship with the third party; ensure that the third party acts only on instructions from the Company with respect to the Processing of the Personal Data; and provide sufficient written guarantees that the third party has implemented, and is compliant with, appropriate technical, security, and organizational measures designed to protect Personal Data against (a) accidental or unlawful destruction, loss or alteration and (b) unauthorized disclosure or access.
The Company protects Personal Data by applying reasonable technical, physical, and organizational safeguards designed to prevent unauthorized or unlawful access to or acquisition or disclosure of Personal Data or any accidental loss, alteration, destruction or damage to Personal Data. These safeguards take into account applicable industry standards, the practicality of the protection, and the sensitivity of the Personal Data being protected and are appropriate to the risks posed by the relevant Processing activities, including the risk of exposure to loss, theft or unauthorized use or access of Personal Data.
The Company maintains physical and electronic measures to protect Personal Data as provided in the Company’s security policies.
The Company maintains organizational measures to protect Personal Data, including:
Privacy Impact Assessments - A Privacy Impact Assessment (PIA) is designed to solicit information needed in order to ensure compliance with applicable Law, this Policy and other company policies and standards while helping the Company avoid significant financial penalties and/or reputational damage that can result from violations of Law or Policy.
A PIA must be performed annually and submitted (or updated, if one had previously been submitted) for any new, or changes to, an existing product, service, application, system or project that involves the Processing of Personal Data.
Role-Based Access - The Company takes steps to ensure that access to Company IT systems that contain Personal Data is given only to those employees who require it in order to properly perform their role (“role based access”). For example, role-based access will be utilized for HR systems including but not limited to PeopleSoft, Cezanne and ADP, which are the primary databases containing employee Personal Data. HR employees who are granted role based access to Company HR systems are required to complete data privacy training and sign appropriate user agreements before accessing the relevant HR system.
Audit - Where required by Law or otherwise in accordance with Company practice, the Company may conduct audits of its data Processing activities and may issue audit reports that are shared with relevant stakeholders.
Employees should immediately (and in any case no later than 24 hours after discovery) report any actual or suspected compromise of the confidentiality, integrity, or availability of Personal Data or the systems or databases on which the Personal Data is stored, transmitted or Processed; including, but not limited to, any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure or acquisition of, or access to, any Personal Data (each, an “Incident”) to the Data Protection Officer for investigation regardless of magnitude of the Incident or the type of Personal Data involved. The Data Protection Officer shall identify one or more individuals to lead the investigation of the Incident (each a “Primary Investigator”). No action may be taken to investigate the Incident until a Primary Investigator has been appointed by the Data Protection Officer. Notwithstanding the foregoing, any employee responsible for a system or database containing Personal Data that may have been compromised shall take immediate steps to secure that system or database in accordance with relevant Company policies to ensure that any privacy risks arising as a result of the Incident are mitigated. The Data Privacy Function shall notify Incidents to the relevant supervisory authorities and Data Subjects as may be required by Law.
Depending on applicable law, you may have certain rights with respect to your personal information:
We will facilitate your exercise of the rights that apply to you in accordance with applicable law. However, even if your personal information is not afforded protection under, or otherwise subject to, a data protection law, we may seek to accommodate any request or inquiry you may have with regard to our data processing activities. If you have questions about your rights or wish to exercise your rights, you can contact us at compliance@quantinuum.com.
Our Sites are not directed to, and should not be used by, children under the age of sixteen (16) and we do not knowingly collect, use or sell information from such individuals. If you are a minor as understood by laws of your country, please do not submit any personal information through our Sites.
Our Sites may contain links to third-party websites, products and services. We have no liability or responsibility for those websites, products and services, their policies, or their collection or other processing of your personal information. The practices of those third parties is governed by their own privacy policies. We encourage you to learn about the privacy policies of those third parties.
Consistent with Law, the Data Protection Officer or his/her designee may make exceptions from the requirements of this Policy on a case-by-case basis. Any deviation from or exception to this Policy requires prior written approval from the Data Protection Officer or his/her designee.
The Company takes reasonable steps to permit Data Subjects to raise concerns about the manner in which it Processes Personal Data. If an Employee has a concern about the Company’s collection or Processing of Personal Data, the Employee should notify the Company’s Data Protection Officer at compliance@quantinuum.com.
A customer or supplier may also raise concerns with the Company about how it Processes the Personal Data of that customer or supplier, which concerns will be addressed in an appropriate manner in accordance with Law. The Company business units shall provide and notify customers and suppliers of an appropriate contact mechanism for any customer or supplier who has questions about the Company’s handling of Personal Data as well as, if applicable, with the contact details of the pertinent Data Protection Officer or similar person or department responsible for the protection of their Personal Data.
The Company shall comply with the national data protection laws and regulations to which it is subject and shall make all required notifications to competent data protection authorities and/or obtain authorizations in respect to its Processing of Personal Data, as required by Law.
Data Subject. For purposes of this Policy, Data Subject means any individual – including current and former employees, job candidates, customers, suppliers and end users of Company’s products and services – who is the subject of Personal Data.
Employee. For purposes of this Policy, “Employee” or “employee” shall include current and former regular, part-time and temporary workers, and non-traditional workers, including secondees, interns, or other temporary assignees.
Quantinuum or Company. For purposes of this Policy, Quantinuum or Company shall mean Quantinuum, its subsidiaries and affiliates, and their respective predecessors and successors.
Information Resources. For purposes of this Policy, Information Resources means Company assets used to store, Process, or transact data (e.g., media devices, portable storage devices, workstations, laptops, phones and other telecommunications devices, networks, web resources, and email).
Law. For purposes of this Policy, Law means all applicable international, national, state, provincial, and local laws and regulations.
Personal Data. For purposes of this Policy, Personal Data means any information relating to an identified or identifiable natural person in accordance with Article 4 of the GDPR or information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household in accordance with CA Civ. Code § 1798.140. An identifiable natural person is one who can be identified directly or indirectly in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person. Personal Data shall include Sensitive Identification Data and Sensitive Personal Data.
Processing (or Process, Processes or Processed). For purposes of this Policy, Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Sensitive Identification Data. For purposes of this Policy, Sensitive Identification Data means certain types of Personal Data that pose a risk of financial, reputational, or other harm to the Data Subject if compromised, such as a national identification number (e.g., Social Security Number in the U.S., Social Insurance Number in Canada and Permanent Account Number in India), driver's license number, bank account number, credit or debit card number, passport number and date of birth (when in combination with other data that can subject an individual to risk of identity theft), and user names and passwords for online accounts.
Sensitive Personal Data. For purposes of this Policy, Sensitive Personal Data means Personal Data that reveals race or ethnicity, political opinions, religious or philosophical beliefs, membership in a trade union, processing of genetic data and biometric data for the purpose of uniquely identifying a natural person, data concerning health, data concerning a natural person’s sex life and sexual orientation and criminal records.
Additional terms not defined herein can be found in the Glossary of Terms and Acronyms.
OWNERSHIP: The Company Data Protection Officer shall serve as the policy “owner” and be responsible for future revision cycles.
POLICY CONTACT: General Counsel and Data Protection Officer
REVISION HISTORY:
This privacy policy and notice for California residents applies solely to visitors, users, and individuals, who reside in the State of California (“consumers” or “you”). We have adopted this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and the California Privacy Rights Act of 2020 (CPRA). The terms “business,” “business purpose”, “personal information”, “processing”, and “service provider” have the meanings given to them in the CCPA and CPRA.
Quantinuum (“our”, “us”, or “we”) may collect and use consumer personal information for its commercial and business purposes and related operational purposes. With respect to these activities, Quantinuum may have direct responsibilities as a business subject to the CCPA. For example, for certain activities related to direct interaction with consumers who have a direct relationship with Quantinuum, interacting with prospective/current clients, marketing, website and web application use, engaging vendors, and interacting with visitors/users of our Website. In these cases, this privacy policy is applicable.
Quantinuum also collects information in its capacity as a service provider to our clients, providing valuation, corporate finance advisory, governance, risk, investigations, disputes consulting and related services. In that case, Quantinuum receives personal information from or on behalf of our clients where we have no direct relationship with the individuals whose personal information we process, and information is provided to us solely for the business purpose of providing those services. If you are a customer or other user associated with one of our clients on whose behalf we have collected or processed your information, this privacy policy does not apply to you, and if you have questions or wish to exercise your rights relating to your personal information (such as information, access, correction or deletion), please contact that client directly.
The specific personal information that we collect, use, and disclose relating to a California resident covered by the CCPA and CPRA will vary based on our relationship or interaction with that individual.
In the past 12 months, we have collected, used and disclosed for business purposes, the following categories of personal information relating to California residents covered by this policy:
We collect personal information to offer and administer our services and products. These include valuation, corporate finance advisory, governance, risk, investigations, disputes consulting and related services. We use personal information for the following business purposes:
In the preceding 12 months, we have not sold personal information and we have not shared personal information with a third party for cross-context behavioral advertising.
We have disclosed personal information for business purposes in the preceding 12 months to the following categories of parties:
Quantinuum will retain personal information for a reasonable period, taking into account legitimate business needs to capture and retain such information. Information will also be retained for a period necessary to comply with state, local, and federal regulations, and in accordance with Quantinuum’s Document Retention Schedule (currently in progress).
Subject to the CCPA, CPRA and other applicable laws, you have the following rights concerning your data processed by Quantinuum:
Please contact us if you wish to exercise your rights under CCPA/CPRA:
Email: compliance@quantinuum.com
Phone: (855) 888-QNTM
This notice describes how we collect, use, and share your personal data in our capacity as a “Controller” under Virginia’s Consumer Data Protection Act (“CDPA”) and the rights that you have with respect to your personal data, including sensitive personal data. For purposes of this section, “personal data” and “sensitive data” have the meanings given in the CDPA and do not include information excluded from the CDPA’s scope. In general, personal data is information reasonably linkable to an identifiable person.
The Personal Data we collect about you will depend upon how you interact with our Sites and the information you voluntarily provide us. Accordingly, we may not collect all of the below information about you. In addition, we may collect and/or use additional types of information after providing notice to you and obtaining your consent to the extent such notice and consent is required by the CDPA.
To the extent that we collect Personal Data that is subject to the CDPA, that information, our practices, and your rights are described below. Persons with disabilities may obtain this notice in alternative format through any contact method at Accessibility Support.
Consistent with the "Information We Collect" and “How We Use Information” sections in the general privacy policy, we may collect certain categories of information about Virginia consumers (“Personal Data”). The chart below summarizes the Personal Data we process, the purposes for processing this data, the categories of personal data that we share with third parties, and the categories of third parties that we share the data with as specified in the CDPA. We do not sell personal data to third parties.
You may submit a request to exercise your rights above by emailing us and identifying the business or Site you interacted with. If you choose to send an email, please help us locate your data by including information about the website(s) you interacted with when you provided your information and any email address you used to create your account.
Email: compliance@quantinuum.com
Phone: (855) 888-QNTM
This Special Notice for Colorado Residents supplements the general Privacy Policy and applies only to individuals who are Colorado residents. This Special Notice is not applicable to Colorado job applicants or personnel.
This notice describes how we collect, use, and share your personal data in our capacity as a “Controller” under Colorado’s Privacy Act (“CPA”) and the rights that you have with respect to your personal data, including sensitive personal data. For purposes of this section, “personal data” and “sensitive data” have the meaning given in the Colorado Privacy Act and do not include information excluded from the CPA’s scope.
The personal data we collect about you will depend upon how you interact with our Sites and the information you voluntarily provide us. Accordingly, we may not collect all of the below information about you. In addition, we may receive information about you from other sources (such as firms that use public data to make predictions) or we may collect and/or use additional types of information after providing notice to you and obtaining your consent to the extent such notice and consent is required by the CPA.
To the extent that we collect personal data subject to the CPA, that information, our practices, and your rights are described below. Persons with disabilities may obtain this notice in alternative format through any contact method at compliance@quantinuum.com.
Consistent with the "Information We Collect" and “How We Use Information” sections in the general privacy policy, the below information provides additional detail about certain information that is linked or reasonably linkable to an identified or identifiable individual consumer (“Personal Data”) we process, the purposes for processing this data, and the Personal Data that we share with third parties as defined by the CPA. Please carefully review the general privacy policy for complete information about Quantinuum’s data privacy practices.
Personal data means any information that is linked or reasonably linkable to an identified or identifiable individual. Personal data does not include de-identified data or publicly available information.
We collect your name, phone number(s), postal address(es), and email address(es).
We collect online activity data, information about products or services purchased or considered, or other purchasing or consuming histories or tendencies to provide you with information, products, or services that you request from us and to improve them.
Our service providers collect a bank account number, credit card number, debit card number, or any other financial information you submit to process payment.
For state-regulated programs for the profession, we may collect personal data to authenticate your identity when taking examinations as required by the state, such as your Social Security number or driver’s license. We collect information on professional license numbers or membership information, certifications, licenses, or credentials.
Purpose for Processing Personal Data: To fulfill or meet the reason for which the information was provided to us; To provide the services you requested; To manage payments, fees, and charges; To provide you with support and respond to your inquiries, including to investigate and address your concerns; To monitor and improve our responses; To assess the offerings that may assist you in maintaining your professional certification and to report continuing education to the state oversight agency for the profession; To provide you with email alerts, event registrations, and other notices concerning our products or services or events or news that may be of interest to you; To report your attendance, performance, completion data, and proctored testing conditions to state oversight agencies; To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations; To personalize your website experience; To improve and deliver content and product and service offerings relevant to your interests through our website, third-party sites, and via email or text messages; As an education and enablement service provider with consumers from middle school through professional we store this information to optimize your experience with us and assist you in achieving your lifetime and career goals; and Research and development.
Third Parties with Which We Share Personal Data: Service providers such as payment processors; Business partners; State regulators; Courts of law/enforcement; and data analytic, intelligence, and augmentation firms.
Profiling Information means any form of automated processing performed on personal data to evaluate, analyze, or predict personal aspects related to an identified or identifiable individual's economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. We may collect information from sources other than you to build a consumer profile of your preferences. We do not profile as defined by the Colorado Privacy Act. Any details about consumer preferences, if compiled, is to understand your preferences for services we offer and not used for any automated decision making that would produce legal or similarly significant effects concerning you.
Purpose for Processing Profiling Information: To determine how best to serve you over your lifetime, how you may achieve success when using our products, and how we may modify our offerings for the success of others.
Third Parties with Which We Share Profiling Information: Quantinuum business partners and affiliates.
Sensitive data means personal data that includes data revealing (A) racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life, sexual orientation or citizenship or immigration status, (B) genetic or biometric data for the purpose of uniquely identifying an individual, or (C) personal data from a known child.
We may collect age as defined as sensitive data by the CPA. We may collect other demographic information from sources other than you (such as firms that use public data to make predictions). We do not collect personal data from a known child.
Purpose for Processing Sensitive Data: We collect age to comply with the law. We obtain demographic information from sources other than you to further understand our customers and personalize offerings of products or services to optimize your experience with us.
Third Parties with Which We Share Sensitive Data: We do not share Sensitive Data with third parties.
You have the right to request access to Personal Data collected about you and information regarding the purposes for which we collect it and the third parties and service providers with which we share it. Additionally, you have the right to correct inaccurate or incomplete Personal Data. You may submit such a request as described below.
You have the right to request a copy of the Personal Data that you previously provided to us as controller in a portable format no more than two times per calendar year. Our collection, use, disclosure, and sale of Personal Data is described in our Privacy Policy.
You have the right to request in certain circumstances that we delete any Personal Data that we have collected directly from you or from a third party. You may submit such a request as described below. We may have a reason under the law why we do not have to comply with your request or why we may comply in a more limited way than you anticipated. If we do, we will explain that to you in our response.
You have the right to opt out of processing personal data for the purposes of and as defined by the CPA: (A) Targeted Advertising based on your Personal Data obtained from your activities over time and across websites or applications; or (B) The Sale of Personal Data to third parties. We do not profile as defined by the Colorado Privacy Act. You may submit a request to exercise your right to opt out of Targeted Advertising by emailing compliance@quantinuum.com. You may submit a request to opt out of the sale of your Personal Data by Quantinuum to third parties by emailing compliance@quantinuum.com.
If we decline to take action in any request that you submit in connection with the rights described in the above sections, you may ask that we reconsider our response by sending an email to the same email box (referenced in section below) from which you receive the decision. You must ask us to reconsider our decision within 45 days after we send you our decision. You may contact the Attorney General if you have concerns about the appeal.
You may submit a request to exercise your rights above by emailing us and identifying the business or Site you interacted with. If you choose to send an email, please help us locate your data by including information about the website(s) you interacted with when you provided your information and any email address you used to create your account.
Email: compliance@quantinuum.com
To protect consumers’ Personal Data and to comply with the CPA, we will use an authentication process to confirm your identity before we act on your request. You or your authorized agent may make an authenticated consumer request related to your Personal Data. If you use an authorized agent to submit a request on your behalf, we may require that you (1) provide the authorized agent written permission to do so and (2) provide us a copy of the authorization or a copy of a power of attorney.
In authenticating requests, we employ reasonable measures to detect fraudulent requests and prevent unauthorized access to your personal information. To meet our obligations, we are required to authenticate your identity and the identity of your authorized agent, if the request is submitted via an agent, by associating the information provided in your request to personal data previously collected by us.
If we suspect fraudulent or malicious activity on or from the password-protected account, we may decline a request or request that you provide further authenticating information.
Making an authenticated consumer request does not require you to create an account with us. We will only use personal data provided in an authenticated consumer request to authenticate your identity or authority to make the request.
This Privacy Policy Addendum supplements the Privacy Policy above and describes additional rights of residents of the European Union (EU) or United Kingdom (UK).
We have delegated authority to our Associate General Counsel of Compliance to serve the role of Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy.
Email: compliance@quantinuum.com
If you are located in the EU, EEA, Switzerland or UK you have the right to lodge a complaint with an EU or the UK Supervisory Authority. We would, however, appreciate the opportunity to address your concerns before you approach the ICO, so please contact us in the first instance.
Personal Data may be transferred to or processed in locations outside of the European Economic Area (EEA), some of which have not been determined by the European Commission to have an adequate level of data protection. In that case, for personal data subject to European data protection laws, we take commercially reasonable measures designed to provide the level of data protection required in the EU, including ensuring transfers are governed by the requirements of the Standard Contractual Clauses adopted by the European Commission, or another adequate transfer mechanism.
We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. Please contact us at compliance@quantinuum.com if you would like more information.
It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your working relationship with us.
In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Under certain circumstances, by law you have the right to:
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
In circumstances where you may have provided your consent to the collection, processing and transfer of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You have the right to withdraw consent to marketing by following the opt-out links on any marketing message. To withdraw your consent for another circumstance, please contact us at compliance@quantinuum.com. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
This Data Privacy Policy (“Policy”) is not intended to create contractual obligations. Employment with the Company is at will, in the U.S. and where otherwise permitted by law, which means that either the Company orthe employee may terminate the employment relationship at any time and for any reason, without notice. The Company reserves the right to modify, amend, or terminate this Policy at any time. This Policy supersedes any prior policies of the Company or its predecessors, subsidiaries, and affiliates, whether written or oral, on the topics covered in this Policy.
This Policy is the property of the Company. It is the reader’s responsibility to review the intranet publication of this policy to ensure the most current version is being referenced before taking action based on this printed copy, which may be outdated.