SIRP AI Privacy Policy
Last Updated: May 27, 2026
SIRP AI, Inc. (“SIRP AI,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information in connection with our websites at sirp.ai and any subdomains, our software-as-a-service platform, our mobile and onsite activations, our APIs, and related services (collectively, the “Services”).
This Privacy Policy applies to (a) visitors of our public website, (b) representatives of our business customers who use our platform, and (c) end users (such as event attendees) whose information is processed by our customers through the Services.
When you visit our website or interact with our marketing and sales activities, SIRP AI acts as a controller (or “business” under California law) of personal information about you, meaning we determine the purposes and means of processing.
When our business customers upload audience or attendee data into the Services, SIRP AI acts as a processor (or “service provider”) on behalf of those customers, who are the controllers of that data. If you are an event attendee or other end user whose information is held in our customers’ accounts, please contact the relevant customer directly to exercise rights over that data. We will support our customers in responding to such requests as required by applicable law and our contracts with them.
We collect information you submit directly to us, such as when you request a demo, contact sales, create an account, configure the Services, communicate with us, or upload Customer Data.
When you use our website or platform, we and our service providers collect certain information automatically, including log data, IP address, device and browser identifiers, pages viewed, links clicked, referring URLs, and timestamps. We use cookies and similar technologies as described in Section 7.
We may receive information from third parties, such as authentication providers (e.g., single sign-on), payment processors (limited transaction information; we do not store full payment card numbers), business contact data providers, and your event-management, CRM, or ticketing platforms that you connect to the Services.
The categories of personal information we may collect are summarized below.
|
Category |
Examples |
Sources |
|
Identifiers |
Name, email address, phone number, business address, job title, account login credentials |
You; your Authorized Users; your event-management or ticketing systems |
|
Customer-Provided Audience Data |
Attendee names, email addresses, ticket types, purchase history, engagement profiles, demographic attributes you choose to share |
Customer accounts; integrations you authorize |
|
Commercial Information |
Subscription plan, billing details, sponsorship deal records, redemption data from offers and activations |
You; payment processors; activations and integrations |
|
Internet or Network Activity |
Log data, IP address, device identifiers, browser type, pages visited, referring URLs, timestamps, interactions with the Services |
Automatically from your devices and browsers |
|
Geolocation (Approximate) |
City- or region-level location inferred from IP address |
Automatically from your devices and browsers |
|
Inferences |
Audience segment categorizations, brand affinity scores, sponsorship fit predictions, engagement scores |
Generated by SIRP AI from data described above |
Sensitive personal information: We do not knowingly collect government-issued identifiers, payment card account numbers, financial account credentials, precise geolocation, biometric identifiers, health information, or information about a known minor (under 16). Customers are contractually prohibited from uploading such categories of information to the Services without a separate written agreement with us.
We use personal information for the following purposes:
• Providing the Services. Operating, maintaining, securing, and supporting the platform; authenticating users; processing transactions; surfacing sponsor recommendations and offer redemptions; generating post-event analytics for the customer who owns the data.
• Improving the Services. Analyzing usage, debugging, monitoring performance, and developing new features. We may train and improve our matching and analytics models using aggregated and de-identified data.
• Communications. Responding to inquiries; sending service-related messages (such as updates, security alerts, and billing notices); and, with appropriate consent where required, sending marketing communications about SIRP AI.
• Sales and Marketing. Identifying prospects, qualifying leads, personalizing our website, measuring the effectiveness of our marketing, and hosting events.
• Security and Fraud Prevention. Detecting, investigating, and preventing fraudulent, unauthorized, or illegal activity, and protecting the rights, property, and safety of SIRP AI, our customers, and others.
• Legal and Compliance. Complying with applicable laws, regulations, court orders, and lawful requests by public authorities; enforcing our agreements; and exercising or defending legal claims.
• Corporate Transactions. Evaluating, negotiating, or completing mergers, acquisitions, financings, restructurings, or sales of all or part of our business.
We do not sell personal information for money, and we do not use Customer Data (the audience or attendee data uploaded by our customers) to train AI models that are made available to other customers in identifiable form. We use aggregated and de-identified data — which does not identify any individual, customer, or event — to improve our models and benchmarks.
If you are located in the European Economic Area, the United Kingdom, or Switzerland, we process personal information on one or more of the following legal bases:
• Performance of a contract — to provide the Services you have requested or to take steps at your request before entering a contract;
• Legitimate interests — to operate, secure, and improve our business, where those interests are not overridden by your rights and freedoms;
• Consent — for activities such as marketing where consent is required, which you may withdraw at any time; and
• Legal obligation — to comply with applicable law and lawful requests.
We share personal information only as described below. We do not sell personal information, and we do not share Customer Data with third parties for their own advertising or marketing purposes.
• Service Providers. We share information with vendors that help us provide the Services, such as cloud hosting, analytics, error monitoring, customer support, email delivery, and payment processing. These providers act on our instructions under written agreements that protect the information.
• Customers. Information you submit about activations or offers (such as redemption data) is made available to the customer operating the event, consistent with that customer’s privacy notices.
• Affiliates. We may share information with our corporate affiliates that are bound by terms consistent with this Privacy Policy.
• Corporate Transactions. In connection with a merger, acquisition, financing, or sale of assets, we may share information with relevant parties, subject to standard confidentiality protections.
• Legal and Safety. We may disclose information when we believe in good faith that disclosure is required by law, legal process, or to protect rights, property, or safety.
• With Your Direction. We share information with third parties at your direction or with your consent, such as when you integrate the Services with a third-party platform.
We are headquartered in the United States, and the Services are hosted in the United States and other jurisdictions where we or our service providers operate. If you access the Services from outside these jurisdictions, your information will be transferred to and processed in countries that may have data protection laws different from those of your country. Where required, we use appropriate safeguards (such as Standard Contractual Clauses approved by the European Commission and the UK International Data Transfer Addendum) for international transfers of personal information.
We and our service providers use cookies, pixels, SDKs, local storage, and similar technologies to operate and secure the Services, remember your preferences, measure performance, and (with consent where required) market to you. Categories include:
• Strictly necessary — required for the Services to function, such as authentication and load balancing.
• Functional — remember your settings and preferences.
• Analytics — understand how the Services are used so we can improve them.
• Marketing — measure and personalize our marketing, where permitted.
You can control cookies through your browser settings, and where applicable, through the cookie banner provided on our website. Disabling certain cookies may affect functionality.
We support Global Privacy Control (GPC) signals as an opt-out preference signal for users in jurisdictions where this is required.
We retain personal information for as long as needed to provide the Services, fulfill the purposes described in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Retention periods vary by data type and context. Customer Data is retained in accordance with the customer’s subscription terms and instructions; following termination, Customer Data is deleted from active systems within a defined window, subject to backup and legal-hold requirements.
We maintain administrative, physical, and technical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. These measures include encryption in transit and at rest for sensitive fields, role-based access controls, network segmentation, logging and monitoring, employee training, and vendor risk management. We work to align our security program with industry-recognized frameworks. No method of transmission or storage is 100% secure, however, and we cannot guarantee absolute security.
Subject to applicable law, you may have rights to: access the personal information we hold about you; correct inaccurate information; delete personal information; obtain a copy in a portable format; restrict or object to certain processing; opt out of targeted advertising or profiling that produces legal or similarly significant effects; and withdraw consent where processing is based on consent.
To exercise these rights with respect to your interactions with SIRP AI directly (for example, as a website visitor or platform user), email privacy@sirp.ai. We will verify your request and respond within the timeframes required by applicable law. You will not be discriminated against for exercising your privacy rights.
If your information is held by one of our customers (for example, because you are an event attendee), please contact that customer directly. We will support customers in responding to requests as required by law and by our agreements with them.
If you are a California resident, you have the rights described above, including the right to know what personal information we collect, use, disclose, and “sell” or “share” (as those terms are defined under California law); the right to delete; the right to correct; the right to opt out of “sale” or “sharing” for cross-context behavioral advertising; and the right to limit the use of sensitive personal information. We do not “sell” personal information in exchange for monetary consideration, and we do not knowingly “sell” or “share” personal information of consumers under 16. The categories of personal information collected and our purposes for collection are described in Sections 2 and 3.
If you are located in the EEA, UK, or Switzerland, you have the rights described above. You also have the right to lodge a complaint with your local supervisory authority. For inquiries, contact privacy@sirp.ai.
Where permitted by law, you may use an authorized agent to submit a request on your behalf. We will require written authorization and may also verify your identity directly.
The Services are intended for business use and are not directed to children under 16. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact privacy@sirp.ai and we will take appropriate steps to delete it.
The Services may contain links to third-party websites, products, or services, including sponsor and ticketing platforms. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. Please review the privacy notices of any third-party services you use.
The Services use machine learning to generate sponsorship match scores, audience segment categorizations, and recommended offers. These outputs are intended as decision-support for our customers and should be reviewed by a human before acting on them. We do not use the Services to make decisions about you that produce legal or similarly significant effects without human review.
We may update this Privacy Policy from time to time. We will update the “Last Updated” date at the top, and we will provide additional notice (such as a banner on the website or an email to administrators) for material changes. Your continued use of the Services after the changes take effect constitutes your acceptance of the updated Privacy Policy.
If you have questions or concerns about this Privacy Policy or our privacy practices, please contact us:
Email: privacy@sirp.ai
General inquiries: sales@sirp.ai
Mail: SIRP AI, Inc., Detroit, Michigan, USA