Privacy Policy
If you are a California resident, please see our CCPA Privacy Policy. If you are an EEA resident please see our GDPR Privacy Policy.
Effective Date: 8/21/2021
Last Updated: 3/21/2025
-
Introduction
Bourbaki Intelligent Systems, Inc. dba Minerva CQ (“Minerva CQ”, "Company," "we," "our," or "us") is committed to protecting the privacy and security of personal data in compliance with the General Data Protection Regulation (GDPR). This Data Privacy Policy outlines how we collect, use, store, and share personal data in accordance with GDPR requirements.
-
Scope
This policy applies to all individuals whose personal data we process, including but not limited to:
-
Customers and clients
-
Employees and contractors
-
Business partners and suppliers
-
Website visitors and users of our digital services
3. Affirmation of Commitment
Bourbaki Intelligent Systems, Inc. dba Minerva CQ complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) as set forth by the U.S. Department of Commerce. Bourbaki Intelligent Systems, Inc. dba Minerva CQ has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/
Minerva CQ is subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).
4. Data Collection
We may collect the following types of personal data:
-
Identifying information (e.g., name, contact details, address).
-
Financial information (e.g., payment details, billing information).
-
Technical data (e.g., IP addresses, device information, cookies).
-
Communication data (e.g., emails, customer service interactions).
-
Any other personal data necessary for our business operations and legal compliance.
5. Lawful Basis for Processing
We process personal data under the following legal bases:
-
Consent: When individuals provide explicit consent for specific data processing activities.
-
Contractual Necessity: To fulfill contractual obligations with individuals.
-
Legal Obligation: When processing is required to comply with legal and regulatory requirements.
-
Legitimate Interests: When processing is necessary for our legitimate business interests, provided that it does not override individual rights and freedoms.
6. Use of Data
We use the collected personal data for the following purposes:
-
Providing and improving our products and services.
-
Communicating with individuals regarding inquiries, support, and transactions.
-
Ensuring security and preventing fraud.
-
Complying with legal obligations and regulatory requirements.
-
Conducting analytics and research to enhance our business operations.
7. Third-Party Data Sharing and Disclosure
Minerva CQ may share personal data with specific categories of third parties under strict contractual and legal controls, including:
-
Business Process outsourcers – for analytics approved/requested by the end client business being served
-
Cloud service providers – for real-time infrastructure support
-
Authorized customer integrations – for connecting with tools such as CRMs
-
Performance analytics providers – limited to anonymized or aggregated data unless otherwise permitted
-
Legal or regulatory authorities – when required by law.
8. Onward Transfer and Liability
In accordance with the DPF Principles, Minerva CQ remains liable for the processing of personal data by third parties it engages to process such data on its behalf, unless it can demonstrate that it is not responsible for the event giving rise to the damage.
All onward transfers to third parties are conducted under written agreements requiring compliance with data protection obligations consistent with the DPF Principles.
9. Individual Rights Under GDPR
Individuals whose data is collected have the following rights under GDPR:
-
The right to access, rectify, or erase their personal data.
-
The right to restrict or object to processing.
-
The right to data portability.
-
The right to withdraw consent where applicable.
-
The right to lodge a complaint with a supervisory authority.
Minerva CQ provides individuals with the opportunity to opt out of:
-
The disclosure of their personal information to third parties (except where required by law or necessary for legitimate business operations); and
-
The use of their personal information for purposes that are materially different from the original purpose of collection or subsequently authorized use.
To exercise these choices, individuals may contact us at:
Email: privacy@minervacq.com
Subject Line: "DPF Privacy Opt-Out Request"
For sensitive personal data, Minerva CQ will obtain affirmative express consent (opt-in) before disclosing the data to third parties or using it for a materially different purpose.
10. Complaints
In compliance with the EU-U.S. DPF, Minerva CQ commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF.
Individuals with inquiries or complaints regarding Minerva CQ’s compliance with the DPF should first contact:
Email: privacy@minervacq.com
Mailing Address: 440 N Wolfe Rd Sunnyvale 94086 USA
If an issue remains unresolved, individuals may lodge a complaint with their local EU Data Protection Authority (DPA). Minerva CQ has committed to cooperate with the EU DPA panel and comply with its guidance. This recourse is provided free of charge.
If neither Minerva CQ nor the DPA resolves your complaint, under certain conditions, you may invoke binding arbitration as a final mechanism. Minerva CQ has committed to participate in the binding arbitration process and to follow the terms set forth in Annex I of the DPF Principles, provided that an individual has invoked arbitration by delivering notice and following all procedures outlined in Annex I.
11. Data Security
We implement industry-standard security measures to protect personal data from unauthorized access, loss, misuse, or alteration. These measures include:
-
Encryption of sensitive data.
-
Access controls and authentication mechanisms.
-
Regular security audits and GDPR compliance assessments.
12. Data Retention
We retain personal data only for as long as necessary to fulfill legal, contractual, and operational requirements. Data is securely deleted or anonymized once it is no longer needed.
13. Policy Updates
We may update this Data Privacy Policy periodically to reflect changes in regulatory requirements, technological advancements, or business practices. Updates will be communicated through our official channels.
14. Contact Information
For any questions or concerns regarding this policy, please contact:
Bourbaki Intelligent Systems, Inc. dba Minerva CQ,
att: CEO
440 N Wolfe Rd Sunnyvale 94086 USA
Email: privacy@minervacq.com