Privacy Policy
Last Updated: February 4, 2026
This Privacy Policy describes how Reem ("Reem", "we", "us", or "our") collects, uses and discloses information, and what choices you have with respect to the information.
Scope of this Privacy Policy
This Privacy Policy applies to Reem's cyber risk management platform and services, including applicable mobile and desktop applications (collectively, the "Services"), reem-security.com and other Reem websites (collectively, the "Websites") and other interactions (e.g., customer service inquiries, user conferences, etc.) you may have with Reem. If you do not agree with the terms, do not access or use the Services, Websites, or any other aspect of Reem's business.
This Privacy Policy does not apply to any third-party applications or software that integrate with the Services through the Reem platform ("Third-Party Services"), or any other third-party products, services or businesses.
Data Controller
Reem Security SAS, a company registered in France, is the data controller responsible for your personal data.
Contact Information:
Email: contact@reem-security.com
Address: 6 Rue d'Armaillé 75017 Paris
For all privacy-related inquiries, data subject requests, or concerns about how we handle your personal data, please contact us at the email address above.
Information Reem Collects and Receives
Reem may collect, generate, and receive information ("Information") in a variety of ways:
2.1 Information You Provide Us
Demo request information: When you submit our demo booking form, we collect:
Full name
Email address
Company name
Job title
Contact information: When you contact us via email or other communication channels, we collect the information you provide in your inquiry.
2.1 Information Automatically Collected
Log data: As with most technology services delivered over the Internet, our servers automatically collect information when you access or use our Websites and record it in log files. This log data may include:
Internet Protocol (IP) address
The address of the web page visited before using the Website
Browser type and settings
The date and time the Website was accessed
Information about browser configuration and plugins
Language preferences
Device information: Reem collects information about devices accessing the Website, including type of device, what operating system is used, device settings, unique device identifiers and crash data. Whether Reem collects some or all of this information often depends on the type of device used and its settings.
Location information: Reem receives information that may help Reem approximate your location. Reem may, for example, use a business address submitted by your company, or an IP address received from your browser or device to determine approximate location.
2.1 Additional Information
Third-party data: Reem may receive data about organizations, industries, Website visitors, marketing campaigns and other matters related to our business from partners, or others that Reem engages with to make Reem's own information better or more useful. This data may be combined with other Information Reem collects.
Additional information provided to Reem: Reem receives Information when submitted to our Websites or in other ways, such as if you participate in a contest, activity or event, apply for a job, request support, interact with our social media accounts or otherwise communicate with Reem.
Legal Basis for Processing
Under GDPR, we process your personal data based on the following legal grounds:
Consent: When you submit the demo booking form, you provide explicit consent for us to process your personal data to contact you about our services
Legitimate interests: We process certain data (such as website analytics) based on our legitimate interest in understanding how our website is used and improving our services, while ensuring this does not override your rights and freedoms
Legal obligations: We may process your data to comply with legal requirements
How We Use Your Information
Reem uses Information in furtherance of our legitimate interests in operating our Services, Websites, and business. More specifically, Reem uses Information:
To provide, update, maintain and protect our Services and Websites: This includes use of Information to support delivery of the Services, prevent or address service errors, security or technical issues, analyze and monitor usage, trends and other activities
To respond to your requests: When you submit a demo request or contact us, Reem uses your information to respond to your inquiry and provide information about our cyber risk management services
To communicate with you: Reem may send you service, technical and other administrative emails, messages, and other types of communications. Reem may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security and fraud notices. These communications are considered essential and you may not opt out of them
For marketing purposes: Reem may send emails about new product features, promotional communications, or other news about Reem. These are marketing messages so you can control whether you receive them
To develop and provide features: Reem may use aggregated and anonymized Information to develop new Services or improve existing Services and understand how our Website is used
For billing and account management: When our Services launch, Reem may need to contact you for invoicing, account management, and similar administrative matters
To investigate and help prevent security issues: To detect, prevent, and address technical issues, security threats, and abuse
As required by applicable law: To comply with legal process, or regulation
If Information is aggregated or de-identified so that it is no longer reasonably associated with an identified or identifiable natural person, Reem may use it for any business purpose. To the extent Information is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to in this Privacy Policy as "Personal Data."
Data Sharing and Disclosure
This section describes how Reem may share and disclose Information. We do not sell, trade, or rent your personal data to third parties.
5.1 Service Providers and Partners
Reem may engage third-party service providers or business partners to process Information and support our business. These third parties may, for example, provide:
Website hosting services (Framer)
Analytics services
Email service providers
Cloud computing and storage services
These service providers are contractually obligated to protect your data and use it only for the purposes we specify, and will be bound by appropriate and commercially reasonable confidentiality obligations.
5.2 Business Transfers
If Reem engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Reem's assets or stock, financing, public offering of securities, acquisition of all or a portion of Reem's business, a similar transaction or proceeding, or steps in contemplation of such activities, some or all Information may be shared or transferred, subject to appropriate and commercially reasonable confidentiality arrangements.
5.3 Legal Requirements
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency), including to meet national security or law enforcement requirements. If compelled to disclose Information to a law enforcement or government agency, Reem will give reasonable notice when legally permitted to do so.
5.4 Protection of Rights and Safety
To protect and defend the rights, property, or safety of Reem or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
5.5 Aggregated or De-identified Data
Reem may disclose or use aggregated or de-identified Information for any purpose. For example, Reem may share aggregated or de-identified Information with prospects or partners for business or research purposes.
5.6 With Consent
Reem may share Information with third parties when Reem has consent to do so.
Data Retention
Reem retains Information for as long as necessary for the purposes described in this Privacy Policy. This may include keeping Information for the period of time needed for Reem to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes, and enforce our agreements.
Specifically:
Demo requests: We retain demo request information for up to 3 years from the date of submission, or until you request deletion
After the retention period expires, we will securely delete or anonymize your personal data.
Your Rights Under GDPR
Individuals located in the European Economic Area, Switzerland, and the United Kingdom have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the following rights:
Right of Access: You have the right to request a copy of the personal data we hold about you
Right to Rectification: You can request that we correct any inaccurate or incomplete personal data
Right to Erasure: You can request that we delete your personal data under certain circumstances (also known as the "right to be forgotten")
Right to Restriction of Processing: You can request that we restrict the processing of your personal data in certain circumstances
Right to Data Portability: You can request a copy of your data in a structured, commonly used, and machine-readable format
Right to Object: You can object to the processing of your personal data in certain circumstances, including for direct marketing purposes
Right to Withdraw Consent: You can withdraw your consent at any time where processing is based on consent, without affecting the lawfulness of processing based on consent before its withdrawal
Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority
To exercise any of these rights, please contact us at contact@reem-security.com. We will respond to your request within one month, as required by GDPR. We may request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).
International Data Transfers
Your personal data is processed and stored within the European Union. Reem does not currently transfer your data outside the EU/EEA. If we need to transfer data internationally in the future, we will ensure appropriate safeguards are in place in accordance with GDPR requirements, such as:
European Union Standard Contractual Clauses: Reem will offer Standard Contractual Clauses (also known as Model Clauses) to meet the adequacy and security requirements for data transfers
Adequacy decisions: Transferring data only to countries that have been deemed to provide an adequate level of data protection by the European Commission
8.1 Identifying the Data Controller
For the purposes of data protection law, Reem is the data controller of the Information collected through our Websites and demo request forms. As the data controller, we determine the purposes and means of processing your Personal Data.
Security
Security is critical to Reem's mission, and Reem takes security of data seriously. Reem uses industry-standard technical and organizational measures to protect Information from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Information Reem collects, processes, and stores, and the current state of technology.
Our security measures include:
Encryption of data in transit using SSL/TLS protocols
Secure hosting infrastructure
Access controls and authentication mechanisms
Regular security assessments and updates
Employee training on data protection and security best practices
Given the nature of communications and information processing technology, Reem cannot guarantee that Information in our care will be absolutely safe from intrusion by others during transmission through the Internet or while stored on our systems or otherwise. When you click a link to a third-party site, you will be leaving our site and Reem doesn't control or endorse what is on third-party sites.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the 'Last Updated' date and may notify you through our website or other appropriate means.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.
Data Protection Authority
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority if you believe that we have not handled your personal data in accordance with GDPR or applicable data protection laws.
If you are a resident of France or the European Economic Area, you may direct questions or complaints to the French Data Protection Authority (CNIL):
French Data Protection Authority (CNIL):
Commission Nationale de l'Informatique et des Libertés
3 Place de Fontenoy
TSA 80715
75334 PARIS CEDEX 07
France
Website: www.cnil.fr
If you are a resident of the United Kingdom and believe we maintain your Personal Data within the scope of the applicable laws relating to personal data in the United Kingdom, you may direct questions or complaints to the UK supervisory authority, the Information Commissioner's Office (ICO).
Contacting Reem
Please feel free to contact Reem if you have any questions about this Privacy Policy or Reem's practices, or if you are seeking to exercise any of your statutory rights. Reem will respond within a timeframe that is compliant with all applicable regulations.
Reem
Email: contact@reem-security.com
We are committed to resolving any privacy concerns you may have and will respond to your inquiry as promptly as possible.
Legal Mentions
Company name: Reem Security SAS
RCS registration number: 100 371 699 R.C.S. Paris
HeadQuarter: 6 Rue d'Armaillé 75017 Paris
Website hosted at Framer B.V., Rozengracht 207, 1016 LZ, Amsterdam, Netherlands. Contact contact@framer.com.