SECdirect
PlatformServicesCompanyResources
Log inRequest a Demo

Privacy Policy

Last updated: March 16, 2026

Overview

SECdirect operates a Software-as-a-Service (SaaS) platform for SEC EDGAR filing and compliance, providing subscriptions to our products and services. This Privacy Policy explains how SECdirect collects, uses, shares, and processes Personal Data, which refers to any information that can identify or be linked to an individual.

Table of Contents
  • 1. What Our Privacy Policy Covers
  • 2. How We Collect and Use Your Personal Data
  • 3. Cookie Policy
  • 4. How We Disclose Your Personal Data
  • 5. How We Protect Your Personal Data
  • 6. How We Transfer Your Personal Data Internationally
  • 7. How We Retain Your Personal Data
  • 8. Your Privacy Rights
  • 9. Exercising Your Rights
  • 10. Additional Rights and Disclosures
  • 11. Changes to this Privacy Policy
  • 12. Contact Us
1. What Our Privacy Policy Covers

SECdirect distinguishes between "controllers" and "processors" of Personal Data. A controller decides why and how to process Personal Data, while a processor processes Personal Data on behalf of a controller. SECdirect may act as either a controller or a processor, depending on the scenario.

This Policy applies when SECdirect is the data controller of your Personal Data, explaining how we collect, use, and share your Personal Data for our purposes. This includes when you:

  • Visit a SECdirect website that links to this Policy
  • Visit our branded social media pages
  • Visit a SECdirect office
  • Interact with SECdirect as a representative of a company that has an account with us
  • Use our products and services where we act as a controller of your Personal Data
  • Register for, attend, or take part in a SECdirect event, webinar, program, training, or certification
  • Participate in surveys, research, or other similar data collection facilitated by us
  • Receive a communication from us or otherwise communicate with us

Customer Data: Our customers control the data they input into our products and services ("Customer Data") and how it is used. This Policy does not cover how we process Personal Data on behalf of our customers as a processor. If you have questions about the Personal Data your organization holds in SECdirect, please direct your request to your organization. Where we act as a processor, our commitments are set out in our Data Processing Addendum ("DPA"), available upon request.

Third Party Links: Our websites and services may contain links to other websites, applications, platforms, and services maintained by third parties. The information practices of these third parties are governed by their privacy statements, which you should review.

2. How We Collect and Use Your Personal Data
A. Personal Data Provided by You

We may ask you to provide Personal Data voluntarily, including contact details for account creation, marketing communications, or inquiries. This data may include identifiers, professional or employment-related information, financial account information, and more.

B. Personal Data Collected Automatically

We collect certain information automatically, such as IP addresses, device types, and usage information, when you visit our websites or use our applications. This information helps us improve our services and understand user behavior.

C. Personal Data Obtained from Other Sources

We may collect Personal Data from third-party providers, publicly accessible sources, or your organization. This information may include identifiers, professional and employment-related information, and more.

3. Cookie Policy

We use cookies and similar tracking technologies to help our websites and services function properly and to understand how they are used. These cookies are used for purposes such as:

  • Essential cookies

    Required to operate our websites and services (e.g., login, security, session management)

  • Analytics cookies

    To understand usage patterns and improve performance

We do not use cookies for advertising or targeted marketing. For more information, please see our Cookie Policy.

4. How We Disclose Your Personal Data

SECdirect may share your Personal Data with:

  • Affiliates within the SECdirect group
  • Service providers and professional advisors
  • Your organization/employer
  • SECdirect sponsors and partners
  • In connection with business transactions
  • As required by law or to protect our rights
5. How We Protect Your Personal Data

We implement technical and organizational security measures consistent with prevailing industry standards, including encryption in transit and at rest, logical access controls, and regular third-party audits of our systems (e.g., SOC 2 Type II). However, no system is 100% secure, and the security of information transmitted through the internet cannot be guaranteed.

6. How We Transfer Your Personal Data Internationally

We may transfer, process, and store your Personal Data outside of your country of residence. We comply with applicable legal requirements for such transfers, ensuring appropriate safeguards are in place.

Data Privacy Framework

SECdirect complies with the EU–U.S. Data Privacy Framework, the UK Extension, and the Swiss–U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce. Where these frameworks do not apply, we rely on Standard Contractual Clauses approved by the European Commission or other appropriate safeguards for cross-border transfers of Personal Data.

7. How We Retain Your Personal Data

We retain your Personal Data for as long as necessary to fulfill the purposes described in this Policy, or as required by law. For example, account data is retained for the duration of your account and for a reasonable period thereafter; marketing data is retained until you unsubscribe; and support tickets are retained for up to 3 years after closure. Filing data is retained in accordance with SEC regulations and recordkeeping requirements. When no longer needed, we will delete or anonymize your Personal Data.

8. Your Privacy Rights

Depending on your location, you may have certain rights regarding your Personal Data, such as accessing, correcting, or deleting your data. You may also object to or restrict certain processing activities and have the right to data portability and withdrawal of consent.

CCPA Rights

If you are a California resident, you have the following rights under the CCPA:

  • The right to know what Personal Data is being collected about you
  • The right to access your Personal Data
  • The right to request deletion of your Personal Data
  • The right to opt-out of the sale of your Personal Data
  • The right to non-discrimination for exercising your privacy rights

To exercise your CCPA rights, please contact us using the information below.

GDPR Rights

If you are located in the European Economic Area (EEA), you have the following rights under the GDPR:

  • The right to access your Personal Data
  • The right to correct your Personal Data
  • The right to delete your Personal Data
  • The right to restrict the processing of your Personal Data
  • The right to data portability
  • The right to object to the processing of your Personal Data
  • The right to withdraw your consent at any time, if we are processing your Personal Data based on consent

To exercise your GDPR rights, please contact us using the information below.

9. Exercising Your Rights

To exercise your rights, please contact us using the information below. We will take steps to verify your identity and respond within the time period permitted by applicable law.

10. Additional Rights and Disclosures

We do not knowingly collect Personal Data from children under 16. We do not sell Personal Data to third parties.

State Law Privacy Rights

California Resident Rights Under California Civil Code Sections 1798.83–1798.84: California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties' direct marketing purposes; in order to submit such a request, please contact us at privacy@secdirect.io.

Nevada Resident Rights: If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Data to third parties who intend to license or sell that Personal Data. You can exercise this right by contacting us at privacy@secdirect.io.

11. Changes to this Privacy Policy

We may update this Policy from time to time. Changes will be posted on our website, and significant changes will be communicated to you directly.

12. Contact Us

If you have any questions or wish to exercise your rights, please contact us at:

Email: privacy@secdirect.io

SECdirect, LLC
1302 Waugh Drive #933
Houston, TX 77019

If you have a disability that prevents you from accessing this Policy, please contact us for assistance.