Last Updated: [2/5/26]

At Fermat Commerce, Inc. (“Fermat,” “we,” “us,” or “our”), we are committed to protecting your privacy and being transparent about how we collect, use, share, and protect personal information. This Privacy Policy (“Policy”) explains our privacy and data practices when you use:

• Our website at https://www.fermatcommerce.com (the “Website”),
• Our brand-facing dashboard and related SaaS tools (the “Dashboard”),
• Any Fermat-powered funnels and landing pages (the “Funnels”), and
• Any related services, sales, marketing, or events (collectively, the “Services”).

If you do not agree with this Policy, please discontinue use of the Services.

If you have questions, contact us at privacy@fermatcommerce.com.

Table of Contents

1. When We Collect Personal Information
2. Personal Information We Collect
3. How We Use Personal Information
4. How We Share Personal Information
5. Your Privacy Choices and Rights
6. Cookies, Tracking Technologies, and Opt-Out Tools
7. U.S. State Privacy Disclosures
8. Security & Retention
9. Links on Our Services
10. Changes to This Policy
11. Contact Us

1. When We Collect Personal Information

We collect personal information when:

• You sign up for or access our Dashboard
• You visit or interact with the Website or Funnels
• You upload company data into the Dashboard
• You request a demo or join our newsletter
• You communicate with support, sales, or our team
• You interact with our emails or marketing content
• Your browser or device automatically communicates information to our systems

2. Personal Information We Collect

We collect personal information in the following categories.

A. Information You Provide Directly

This includes:

• Account registration information (email, password)
• Demo request or newsletter signup information (name, email, phone, company website, job title)
• Support communications and help desk interactions
• Company marketing or performance data uploaded by you
• Any information voluntarily provided through forms or submissions

We do not offer third-party login (e.g., Google SSO).

B. Information We Automatically Collect

When you use the Website, Dashboard, or Funnels, we automatically collect:

• IP address
• Device information
• Browser type and settings
• Date/time of visits
• Page views, clickstream, scroll depth
• Referring and exit pages
• Session duration
• Product and content interactions
• Performance metrics

We use cookies, pixels, tags, JavaScript, session replay tools, and browser storage (HTML5) to collect this information.

We do not use Flash cookies and do not use IP-based reidentification services.

Where IP addresses are collected, they are used solely for security, fraud prevention, and aggregate analytics purposes and are not used to identify individual consumers.

C. Information Collected from Third Parties

We may receive:

• Website metadata and analytics from LinkedIn or other platforms you interact with
• Enrichment data from vendors about business professionals engaging with our Website or communications
• Funnel-level analytics about consumer behavior aggregated through marketing attribution platforms (if configured by customers)

We do not collect or receive payment card information directly; Stripe processes this data for us.

D. Anonymized Event Data (Shopify Pixel)

We use a proprietary pixel installed on customers’ Shopify stores to collect anonymized event data, including:

• Page views
• Product interactions
• Funnel engagement
• Non-identifiable behavioral metrics

This data is used exclusively for:

• Funnel performance analysis
• Experiment generation
• Product improvement (e.g., Forever Link Split Testing)

We do not collect identifiable personal information from these events, and we do not sell or share this data with third parties for commercial gain.

E. Data Collected From Funnel Visitors (Consumers)

Visitors to Fermat-powered Funnels may generate:

• IP address
• Device and browser information
• Engagement data (clicks, views, scrolls)
• Session replay analytics

We do not link Funnel visitor cookies or IP addresses to identifiable personal data such as name, email, or address.

F. Children’s Data

Our Services are intended for business professionals.

We do not knowingly collect personal information from individuals under 18.

If you believe a minor’s information was collected, contact us and we will delete it.

3. How We Use Personal Information

We use personal information for the following purposes:

• Providing and improving the Services
• Operating and securing the Dashboard and Funnels
• Personalizing your experience
• Responding to support inquiries
• Sending product updates, alerts, and marketing
• Conducting analytics and performance measurement
• Detecting and preventing fraud or misuse
• Complying with applicable laws and agreements
• Operating our business (e.g., billing, audits, reporting)
• Any purpose with your consent

Any training or enhancement of models uses only aggregated, anonymized, or de-identified data and does not involve identifiable personal data unless expressly permitted under a written agreement.

Roles Under Privacy Laws

When we process Customer Personal Data through our Dashboard or Funnels on behalf of our Customers, we act as a processor or service provider, and our Customers act as the controller of that data. We process such data strictly in accordance with our agreements with Customers, including our Data Processing Addendum.

4. How We Share Personal Information

We may share personal information with:

A. Service Providers (Subprocessors)

Fermat uses trusted third-party service providers (“Subprocessors”) to support hosting, analytics, support, and product functionality. Our current Subprocessor list, including descriptions of their services, is available at:

https://www.fermatcommerce.com/subprocessors

We may update this list from time to time as described in our Data Processing Addendum. We notify Customers of new Subprocessors in advance of their engagement, as required under our Data Processing Addendum.

B. Payment Processor

• Stripe (collects payment card data on our behalf)

C. Affiliates

• Fermat Commerce India Private Limited (engineering, operations, compliance support)

D. Directed by You

Examples:

• Integrations with your marketing attribution platforms
• Syncing event data with marketing tools

E. Legal and Compliance

We may disclose information to:

• Protect rights, property, or safety
• Detect fraud or security issues
• Comply with subpoenas, legal requests, or government inquiries

F. Business Transfers

We may share information during:

• Mergers
• Acquisitions
• Financing events
• Asset sales

Successor entities may use your information consistent with this Policy.

G. Aggregated or De-Identified Data

We may collect, create, use, and share aggregated, anonymized, or de-identified information for any lawful purpose, including:

• Analytics
• Performance measurement
• Research and development
• Improving existing features
• Developing new products, services, or capabilities
• Benchmarking
• Generating insights and trends

This information does not identify you or your end users, and we will not attempt to re-identify any anonymized or de-identified data.

5. Your Privacy Choices and Rights

You may have the right to:

• Access the personal information we maintain
• Delete your information
• Correct inaccurate information
• Opt out of email marketing
• Opt out of non-essential cookies or tracking technologies
• Request details about our data practices

You can exercise rights by contacting privacy@fermatcommerce.com.

Data Subject Requests Submitted to Fermat

If you are an end user of a brand using Fermat, please direct your privacy rights requests (access, deletion, correction, etc.) to the brand directly. We process such data on behalf of our Customers and will assist them in responding to requests in accordance with our agreements.

6. Cookies, Tracking Technologies, and Opt-Out Tools

We use cookies, pixels, web beacons, session replay tools, and browser storage to operate the Services.

A. Managing Cookies via Browser

Most browsers allow you to block or delete cookies.

See: www.allaboutcookies.org

B. Advertising Industry Opt-Out Tools

You may limit interest-based advertising through:

• http://optout.aboutads.info

C. Vendor-Specific Opt-Outs

Some advertising partners offer opt-outs:

D. Session Replay Tools

We use Microsoft Clarity, Posthog, and Vantara for analytics, including on Funnels.

E. Brand-Configured Pixels

Brands may configure additional analytics or advertising pixels in Funnels.

International Transfers

If we transfer personal information to third countries, we do so using lawful transfer mechanisms such as the Standard Contractual Clauses and the UK Addendum, as described in our Data Processing Addendum.

7. U.S. State Privacy Disclosures

• Fermat does not “sell” or “share” personal information as defined by CPRA or other state laws.
• Categories of collected and disclosed information are described in Sections 2 and 4.
• You may request deletion, access, or correction by emailing privacy@fermatcommerce.com.

8. Security & Retention

Security

We use industry-standard safeguards, including:

• Encryption
• Access controls
• Monitoring and logging
• Incident response processes

No system is completely secure.

Retention

We retain personal information for as long as reasonably necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce our agreements unless:

• You request deletion
• Retention is no longer necessary
• Law requires shorter or longer retention

Backup copies may persist temporarily for security.

9. Links on Our Services

Our Services may contain links to third-party websites. We do not control their privacy practices and encourage you to review their policies.

10. Changes to This Policy

We may update this Policy periodically.

The updated version will include the “Last Updated” date at the top.

11. Contact Us

Fermat Commerce, Inc.

300 Brannan St. Suite 304

San Francisco, CA 94107

Email: privacy@fermatcommerce.com

‍