Privacy Policy
Who we are
Siembra is a SRM and automation platform provided by SIEMBRA registered under number 933 108 664 R.C.S. Versailles (French Authorities).This Privacy Policy is hosted on our website https://siembra.io and is accessible at any time via the link in our homepage footer.
Data collection
Information you provide
- Contact details such as name, email & company information.
- Device/IP Data such as IP address, device ID, domain server, and type of device/ operating system/ browser used to access the Services.
- Account credentials (to sign into Siembra).
- Other Identifying Information that You Voluntarily Choose to Provide such as emails, letters, texts, or other communications you send us.
- Supplier-related data you upload or connect to Siembra, which may include:
- Supplier names, contact details, certifications, compliance documents (e.g. RoHS, REACH), contracts, invoices, or other supply chain records.
- Risk assessments, audit data, or internal notes.
Data from connected service
If you choose to integrate Siembra with third-party services (such as Google Drive or your internal document systems), we may access:
- Files and metadata you explicitly select to import (e.g. supplier contracts or compliance certificates stored in Google Drive).
- Data you export from your ERP or other systems and upload to Siembra.
We only access and process such data to provide you with Siembra’s features (like document management, supplier scoring, or compliance checks).
Data use
We use your personal information and any supplier-related data you provide or connect (whether via manual upload, ERP exports, or third-party integrations) to:
- Provide and maintain the Siembra platform.
- Help you manage supplier-related information such as documents, communications, compliance records, and risk assessments.
- Deliver analytics and visualizations you request.
- Sending emails and other communications according to your preference.
- Respond to your requests and support tickets.
We do not sell or rent your personal information or Google user data to third parties. We may share your data only:
- With service providers (under contract) who help us operate Siembra (e.g., cloud hosting, analytics) — always under data protection agreements.
- If required by law or to protect our legal rights.
Data security
We take the security of your data seriously. Siembra implements appropriate physical, technical, organizational, and administrative safeguards designed to protect your personal information and supplier data from unauthorized access, use, or disclosure. The specific measures we use depend on the nature of the data and how it is processed, and include:
- Encryption of data in transit and at rest
- Access controls and authentication procedures for our staff and systems
- Regular monitoring for vulnerabilities and security updates
While we work hard to safeguard your data, security is also a shared responsibility. We encourage you to:
- Choose strong passwords and keep them confidential
- Limit access to your devices and browser
- Sign out of your account when finished
Although we strive to protect your data, no method of transmission over the Internet or electronic storage is completely secure. Therefore, we cannot guarantee absolute security. If you have any concerns about security, please contact us at
support@siembra.io.
Data retention & deletion
We take the security of your data seriously. Siembra implements appropriate physical, technical, organizational, and administrative safeguards designed to protect your personal information and supplier data from unauthorized access, use, or disclosure. The specific measures we use depend on the nature of the data and how it is processed, and include:We use your information to:
- Account & Supplier Data: Retained while your account remains active.
- Uploaded or Imported Files: Stored securely until you delete them or close your account.
- Audit Logs & Backups: Maintained for a limited period for compliance or security purposes.
You can request deletion of your account or data at any time by contacting
support@siembra.com. Upon such a request, we will delete your data from our active systems and instruct our providers to do the same, unless retention is required by law.
GDPR
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have certain rights under data protection laws, including the General Data Protection Regulation (GDPR). These include the right to:
- Access your personal data (a copy of the data we hold about you).
- Rectify your personal data if it is inaccurate or incomplete.
- Erase your personal data under certain circumstances (the “right to be forgotten”).
- Restrict or object to our processing of your personal data in some cases.
- Port your personal data to another provider (data portability).
- Withdraw your consent at any time where we rely on consent to process your information.
To exercise any of these rights, please contact us at
support@siembra.com. We may request proof of identity to verify your request.If you believe our processing of your personal data violates data protection laws, you also have the right to lodge a complaint with your local data protection authority.
Contact information
If you have any questions about this Privacy Policy or our privacy practices, please contact us at:
support@siembra.com
Last update: July 15th, 2025
.png)