skip to Main Content
Last Updated: April 26, 2024

Topia Inc. Privacy Notice

Topia Inc. Values Your Privacy

Topia Inc. and its affiliates (“Topia,” “we,” “us” or “our“) is committed to protecting and maintaining the privacy of your Personal Information (as defined below) and your right to privacy.

This Privacy Notice (“Notice”) describes Topia’s role and privacy practices as they pertain to accessing information about Topia via our website or events offered by or related to Topia, through engaging Topia, or by using our Platform (together, the “Services”). If you have any questions or concerns about our Policy or our practices with regards to your Personal Information, please contact us at privacy@topia.com.

Topia provides a Global Talent Mobility platform (“Platform”) that empowers HR teams to effectively deploy, manage, assess and engage employees across the world. We enable businesses to deliver mobility and immigration as part of a broader talent strategy, encompassing all types of employee work arrangements – remote and distributed workforces, business travel, and more traditional relocations and assignments – with a focus on enhanced employee experiences. Topia keeps companies and employees engaged and compliant wherever their work happens.

This Notice applies to the website that links to this Notice and the Services, including, but not limited to https://topia.com.

Further, this Notice distinguishes between the following activities:

1. Topia Visitors and Attendees

Topia acts as a Controller of personal data or Personal Information (collectively, “Personal Information”) of individuals who visit Topia website (“Visitors”), as well as of companies and individuals who register to attend Topia’s corporate events (“Attendees”).

2. Agreements with Customers

Topia local entities with whom you contract act as Controllers of Personal Information relating to any business contact details of personnel at a company that enters into an Agreement (“Customer“) relevant to entering into or administering delivery of the Services (the “Agreement”), or to the extent necessary for communicating information about the Services under the Agreement and in managing Topia’s invoicing and accounts.

3. Topia Platform

Topia acts as a Processor to the Customer and Topia’s Customer is the Controller of Personal Information, including confidential or proprietary information of enterprise Customers submitted to the Platform through the Customer Agreement (collectively, “Customer Data”). The Customer (e.g., your employer or another entity or person) that entered into the Agreement controls the Customer-Topia instance of the Services and any associated Customer Data. Additional terms related to privacy may be addressed in the applicable Agreement related to you or your company’s use of the Services. In this case, any access to Customer Data by Topia is only to the extent permitted and directed by Topia’s Customer in order to support the Customer-Topia instance of the Services. Insofar as Topia separately provides the Platform to you as a personal, individual customer, Topia processes Personal Information as a Controller.

This Privacy Notice does not apply to any third-party applications or software that integrate with the Services (“Third Party Services”), or any other third-party products, services or businesses. Topia does not access, collect, or use financial and payment information. Topia uses Stripe, a third-party payment services provider for payment processing (e.g. payment services processors). Financial or payment information is provided directly to Stripe, who uses your Personal Information pursuant to its privacy policy. Please refer to Stripe’s privacy policy at https://www.stripe.com/privacy.

Personal Information We Process

Personal Information is that information which identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you, your household, or your communications device (computer, tablet, mobile phone, etc.).

When you use Topia’s Services or otherwise engage with us, we may process from or about you, Personal Information which may include the following.

1. Topia Visitors and Attendees

Topia may collect and receive the following Visitor and Attendee Personal Information, in a variety of ways, including when you fill in any forms, such as a ‘Contact Us’ form, if you submit a question or otherwise correspond or engage with us, including by email or phone, when you register for or attend a corporate event or webinar, from your browser or device, or from information generated from your online browsing and activities.

CategoriesDescription and/or Examples
IdentifiersYour name, company title, role, alias, phone number, postal address, unique personal identifier, online identifier, username, account name, Internet Protocol (IP) address, email address, or other similar identifiers.
Professional or Employment-related Information.Your name, company, title, and email address, and information about the event registered for and or attended (“Attendee Information”).
Internet/Network ActivityBrowsing history, search history, your internet connection, the equipment you use to access our Website, as well as usage details, such as your Internet Protocol (IP) address, computer operating system and browser type, type of mobile device, the unique device identifier, the address of a referring website (if any), cookies and other tracking technologies, and the pages you visit on our Website. This may include hardware and browser information about your computer or device. 

2. Agreements with Customers

Topia may collect and receive the following Customer Personal Information, in a variety of ways as described above.

CategoriesDescription and/or Examples
IdentifiersYour name, company title, role, alias, phone number, postal address, unique personal identifier, online identifier, username, account name, Internet Protocol (IP) address, email address, or other similar identifiers.

3. Topia Platform

Topia may collect and receive the following Customer Personal Information or the Personal Information of Customers or Customer’s employees who have granted access to the Services (“Authorized Users”), in a variety of ways as described above.

CategoriesDescription and/or Examples
IdentifiersYour name, company title, role, alias, phone number, postal address, unique personal identifier, online identifier, username, account name, Internet Protocol (IP) address, email address, or other similar identifiers.
Professional or Employment-related Information.Your name, company, title, and email address, and information about the event registered for and or attended (“Attendee Information”), employee contact and role details, placement information, documentation required under immigration laws, payroll and compensation information, and talent management records. 
Internet/Network Activity/Usage InformationBrowsing history, search history, information on your interaction with our Website Topia’s Platform, your internet connection, the equipment you use to access our Website, as well as usage details, such as your Internet Protocol (IP) address, user login information, usage length of time, information regarding installation of the Platform. computer operating system and browser type, type of mobile device, the unique device identifier, the address of a referring website (if any), cookies and other tracking technologies, and the pages you visit on our Website. This may include hardware and browser information about your computer or device. It also may include Platform usage data, such as the date and time your usage of the Platform accessed our servers, and what information and files have been downloaded or uploaded to the Platform. Topia is not responsible for the authenticity of information submitted by Customer or Authorized User while using the Platform. 
Geolocation DataMeaning the physical location or movements of the device you use to connect with us online, including through use of Bluetooth, satellites, cell phone towers, Wi-Fi signals, or other technologies.
Sensitive Personal InformationMeaning the physical location or movements of the device you use to connect with us online, including through use of Bluetooth, satellites, cell phone towers, Wi-Fi signals, or other technologies.
Purposes for Processing

Topia processes Personal Information from or about you in the following ways:

1. Topia Visitors and Attendees

Unless we are required to obtain your consent, we will use your Personal Information in our legitimate interests where we have considered that these interests are not overridden by your rights to:

  • Ensure content is presented in the most effective manner for  your device;
  • Provide any information you request from us, including in responding to any queries you have submitted;
  • Administer our Website and Services for internal operations, including troubleshooting, data analysis, testing and statistical purposes;
  • Keep our Website and Services safe and secure;
  • Analyze the effectiveness of our social media channels and advertising we serve;
  • Register you for events and administer your attendance;
  • Participate in a focus group; and
  • Allow you to participate in interactive features when you choose to do so.
With your consent, where required, we will use your Personal Information to send you our marketing communications and deliver cookies, including updates leading up to and following an event, and when providing more information to you regarding Topia and our selected partners. Every marketing email you receive from us will have instructions on how to update your contact information or manage your communication settings, including the option to opt-out of further marketing emails.

2. Agreements with Customers

We will use your Personal Information to take steps to enter into any Customer contract or uphold our obligations arising out of a Customer contract, in particular:

  • To administer the Customer account under the Customer contract;
  • Keep a record of the account, including receipt of payments; and
  • Notify you of changes to our Services.
3. Topia Platform

When you log into the Platform, the Platform stores Personal Information that you or your Employer (our Customer) submits and uses. While in some cases you can make certain information private to you, by default your Personal Information is available to other Authorized Users of the Customer based on their role permission configuration selections enabled by your employer. Any access to Customer Data by Topia personnel is only to the extent authorized by the Customer in order to support the functioning of the Customer-Topia instance of the Services and as outlined in our Agreement between Topia and your company.

Aggregated Data

Topia may aggregate the metadata and Usage Information of you with regards to the Topia Website and/or Services so that the results are non-personally identifiable with respect to you (“Aggregated Anonymous Data”). Topia may use the Aggregated Anonymous Data:

  • For its own internal statistical analysis;
  • To develop and improve the Services; and
  • To create and distribute reports and other materials regarding use of the Services.
To be clear, Topia does not have the right (or ability) to publicly identify you as the source of any Aggregated Anonymous Data.

Cookies

A Cookie is a small piece of information that a website and online service can store via your Internet access device for later retrieval. Topia uses Cookies and other similar technologies in our Website and Services that help us collect Information. When you use our Services or visit our Website, any of them may place a Cookie within the memory of your internet access device.

Cookies enable you to be remembered when using that device and can be used to manage a range of features and content as well as storing searches and presenting personalized content. They allow us to distinguish you from other Visitors or Authorized Users.  Cookies also allow us to secure access-controlled areas of our Website and Services.

A number of Cookies we use last only for the duration of your online session and expire when you close your browser. We may also use permanent Cookies or server-side constructs to help us track use of our Services by Authorized Users, such as the number and frequency of visits to our pages and which parts of our Services are visited.

We use these Cookies and other technologies on the basis that they are necessary for the performance of a contract with you or because using them in in our legitimate interests, where we have considered that these are not overridden by your rights and, where required, where you have consented to their use. More information about the Cookies we use and the choices available to you is available within our cookie consent management banner and tool.

Our Disclosure of Personal Information

Topia will not otherwise disclose your Personal Information except as described within this Notice and within the Agreement. Topia will not sell, license, trade or rent your Personal Information, nor do we disclose your Personal Information to any third parties for their own marketing purposes. As permitted by applicable law, we may disclose your Personal Information to affiliates, agents, or other entities that have a legitimate business need to know such Personal Information in the course of their duties, and to service providers we believe to be necessary or appropriate, including for the following purposes:.

1. A Member of the Topia Group

Which means our affiliates, our ultimate holding company and its subsidiaries, who support our processing of Personal Information.

2. Business Partners

We may share Personal Information with partners of Topia in connection with Services that these individuals or entities perform with us, provided that these agents, contractors or partners are restricted from using said information in any way other than to the extent necessary to provide Services.

3. Organizations Acting on our Behalf

We may share Personal Information with third-party service providers (e.g., email service providers, payment services processors, analytics services, data infrastructure hosting storage and processing facilities) to let them perform business functions for us or on our behalf, subject to appropriate safeguards. We do not permit our service providers to use Personal Information that we share with them for their marketing purposes or for any other purpose than in connection with the services they provide to us.

4. To Comply with Laws or Enforce our Rights

We may also disclose Personal Information we receive if required by law, such as to comply with a subpoena, or similar legal process, or in response to a government request. We also may be required to disclose Personal Information in response to a lawful request by public authorities in efforts to meet national security or law enforcement requirements. We may also disclose Personal Information to protect and defend the rights, property or safety of Topia or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues. We may also  disclose Personal Information to relevant parties.

5. During a Change to Topia’s Business

We may disclose Personal Information in connection with any merger, acquisition, debt financing, sale of company assets, or other business transaction in which data could be transferred to third parties as one of our business assets subject to the terms of the Privacy Notice.

6. With Consent

Additionally, we may share your Personal Information with third parties when we have your consent to do so, including as indicated in the event registration form when registering for a Topia event to which you may specifically opt-in to share your Personal Information with Topia event partners. If you choose to share your Personal Information with Topia event partners by opting in to do so at event registration, your Personal Information will be subject to applicable business partners’ respective privacy policies. Customers determine their own policies and practices for the sharing and disclosure of Personal Information of its Authorized Users, and Topia does not control how they or any other third parties choose to share or disclose Personal Information.

Data Transfers

As a company with affiliates and Website hosted in the US, Personal Information will be processed in the United States when you engage with our Services as a Visitor or Attendee, or in the case of Customer Data where our support for the functioning of the Customer-Topia instance of the Services may include support provided by Topia from the United States. In cases where this involves a transfer of Personal Information outside of Europe, we will take steps to implement appropriate legal safeguards, for example, implementing standard contractual clauses where appropriate.

Children Under the Age of 16

Our Services and Website are not intended for children under 16 years of age. No one under age 16 may provide any information to or through the Website. We do not collect Personal Information from any person that we know to be under age 16. If you are under the age of 16, do not use the Website, register to use any of the features on the Services or Website, provide any information on the Website, Platform, or through any of its features, use any of the interactive features of the Website or Platform, or provide any information about yourself to us.

If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under the age of 16, please contact us via email at privacy@topia.com.

Choice

Where permitted in our legitimate interest, or subject to your consent, where required by law, Topia may contact you with our newsletter or promotions by email.

When you receive newsletters or promotional communications from us, you may “opt-out” by following the unsubscribe instructions provided in emails you receive from us or by contacting us directly at the contact information below.

How We Protect Personal Information

Personal Information we process is stored on our secure servers. While Topia Services are typically accessed via single sign on, where you have been given (or where you have chosen) a password which enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.

How Long We Retain Personal Information

We will retain your Personal Information for as long as your account is active or as needed to provide you Services. We will retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes and enforce our Agreements.

We may also retain aggregate information for research purposes and to help us develop and improve our Services. You cannot be identified from aggregate information retained or used for these purposes.

Your Rights

Depending on from where or how you access our Services (such as a Visitor or Attendee), you may have the right under certain circumstances to:

  • Be provided with a copy of your Personal Information held by us;
  • Request your data be corrected or erased;
  • Request that we restrict the processing of your Personal Information (while we verify or investigate concerns with this information for example);
  • Object to further processing of your Personal Information, including the right to opt-out of further marketing (as mentioned in the ‘Choices’ section above) or to withdraw your consent where the processing of your Personal Information is based upon consent; and
  • Request that your provided Personal Information be moved to a third party.
If you are an Authorized User of a Platform Customer, you can view your Personal Information by accessing the profile feature of the Platform. Should you need to modify, remove, or delete the Personal Information you provided, such requests should be directed to the Topia Services administrator at your company, where he/she can send an email to privacy@topia.com.

Where you accessing our Services in Europe and your request is not satisfactorily resolved by us, you may approach your local EU data protection authority (see https://commission.europa.eu/law/law-topic/data-protection/data-protection-eu_en) or for those in the UK, the data protection authority is the Information Commissioner.

Data Recipients in Third Countries

Topia and its third-party service providers are located in the United States or other jurisdictions outside of the EU/EEA that are not subject to an unqualified adequacy decision by the EU Commission finding them to provide a level of protection of fundamental rights and freedoms that is essentially equivalent to that guaranteed within the EU.

However, to ensure an appropriate level of protection of your Personal Data, we enter into data processing and data transfer agreements with our affiliated entities and third-party service providers outside of the EU/EEA that incorporate the provisions of the Standard Contractual Clauses approved by the EU Commission or implement other appropriate safeguards with them.

Additional Privacy Rights of California Residents 

This Privacy Notice for California residents supplements the information contained in this Notice and applies solely to residents of the State of California (“Consumers” or “you”). We adopt this Notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and the California Privacy Rights Act of 2020 (“CPRA”) (collectively, “CCPA”) and to honor your Consumer Rights Requests, as more fully described below. Any terms defined in the CCPA have the same meaning when used in this Notice. This Notice does not apply to Personal Information we collect when we are acting as a service provider to process information on behalf of clients to whom we provide Legal Services.

Your Privacy Rights Under the CCPA

  • Right to know.
  • Right to delete.
  • Right to correct.
  • Right to opt-out.
  • Right to limit use and disclosure of Sensitive Personal Information.
  • Right to nondiscrimination.
For verified request to know, the CCPA allows you to request your information, at no cost, up to twice during a twelve (12) month period. We will provide our response in a readily usable format, which is usually electronic.

How to Submit a Consumer Rights Request

If you would like to exercise your CCPA rights and submit a Consumer Rights Request as described above, please submit a request to us  through any of the following:
Verification of Your Identity.

To protect your privacy, if you make a request to exercise your CCPA rights as described above, we will need to verify your identity to a reasonable degree of certainty. A reasonable degree of certainty may include you providing us with pieces of information that are specific to you so that we can verify your identity.

You may make a request on your own behalf, or if you wish to designate an authorized agent to make a request on your behalf, please provide us with a signed declaration stating that your intent is to permit that individual to act on your behalf and include such individual’s full name, address, email address, and phone number. In order to protect your Personal Information from unauthorized disclosure or deletion at the request of someone other than you or your authorized agent, Topia requires identity verification before granting any of the requests described above.

Our Response Time to Your Consumer Rights Request

We will respond to a verifiable Consumer Rights Requests within forty five (45) days of receipt. We will respond to requests to opt-out of sales of Personal Information within fifteen (15) business days following receipt of the request.

If you have a complex Consumer Rights Request which requires more time to respond, we will inform you of the reason and extension period in writing. The CCPA allows us up to ninety (90) days to respond to your request.

Right to Know About Personal Information Collected, Disclosed, or Sold

You have the right to know what Personal Information we collect, use, disclose, and/or sell, the categories and specific pieces of Personal Information we collect and the sources, how we collect Personal Information, our business purpose for the collection and use of your Personal Information, the categories of third parties (excluding service providers) with whom we disclose your Personal Information, and whether we have sold any of your Personal Information.

You may request that we provide a description of the categories of Personal Information we have collected about you (“Categories Request”) or a request for access to the specific pieces of Personal Information we have collected about you (“Specific Pieces Request”).

Right to Request Deletion of Personal Information

You have the right to request that we delete any of the Personal Information that we have collected from you. Once we receive and confirm that your request is a verifiable Consumer request, we will inform you whether we have deleted (and directed our service providers to delete) your Personal Information, or whether we are declining to grant your request to delete due to an exception to the CCPA deletion requirements.

We are not obligated to comply with your request for deletion if we have a legal basis to retain your Personal Information, such as to complete a transaction for which we collected your Personal Information, to provide you with a service you requested, to detect security incidents, and to comply with a legal obligation.

Right to Request Correction of Personal Information

You have the right to request that we correct any inaccurate Personal Information that we have collected about you. Once we receive and confirm that your request is a verifiable Consumer request, we will inform you whether we have corrected your Personal Information (and directed our service providers to correct) your Personal Information, or whether we are declining to grant your request to correct due to an exception to the CCPA correction requirements.

Right to Opt-Out of the Sale of Personal Information

We do not sell Personal Information or otherwise share it with third parties for monetary or other valuable consideration. If we sell any of your Personal Information, you have the right, at any time, to tell us to stop selling your Personal Information. You also have the right to request we not share your Personal Information with third parties for purposes of cross-contextual behavioral advertising.

Right to Limit Use and Disclosure of Sensitive Personal Information

You have the right to request we limit our use and disclosure of your Sensitive Personal Information to only what is necessary to provide you with the services you have requested. We are not obligated to comply with your request if we have a legal basis to use or disclose your Sensitive Personal Information, such as to complete a transaction for which we collected your Personal Information, to provide you with a service you requested, to detect security incidents, and to comply with a legal obligation.

Right to Non-Discrimination for Exercising Your CCPA Rights

If you choose to exercise any of your CCPA rights, we will not discriminate against you.

Contact Us

Questions, comments and requests regarding this Notice are welcomed and should be addressed to: privacy@topia.com.

Topia Inc.
1900 S. Norfolk Street, Ste 350 San Mateo, CA 94403 USA
Back To Top