This Data Use Policy describes how Symmetry Asset Solutions LLC (“Symmetry Asset Solutions,” “we,” “us,” or “our”) collects, accesses, uses, retains, shares, secures, and governs data in connection with our website, platforms, and business operations (the “Services”). Our goal is to use data responsibly and transparently to deliver value to clients, protect individual privacy, and comply with applicable laws and contractual obligations. By engaging with our Services, you acknowledge and understand the data use practices described in this Policy.
This Policy applies to all data processed by Symmetry Asset Solutions in connection with the operation of our Services, including personal data relating to website visitors, prospects, clients, vendors, and business contacts, as well as operational and technical data generated by our systems. It covers data collected directly from individuals, obtained from third parties (such as analytics providers and service partners), and generated automatically through cookies or similar technologies. This Policy is distinct from, and complementary to, our Privacy Policy, which provides greater detail on the privacy rights and disclosures applicable to individuals.
We use data that may include identifiers and contact details, professional or company information, communications and inquiry content, transactional and operational records, usage and device data such as IP address, browser type, and pages viewed, and cookie-derived analytics. We obtain data directly from individuals through forms and communications, automatically via our websites and tools, and from third-party sources, including service providers, public databases, and business partners. Where required, we will notify you of specific categories used for particular purposes at the point of collection.
We use data to operate, maintain, and improve our Services; to communicate with you, respond to inquiries, and manage client or vendor relationships; to personalize experiences and tailor content; to perform analytics, measurement, and research to understand usage and enhance performance; to manage billing, contract administration, and compliance obligations; to protect our users, systems, and business from fraud, misuse, security threats, and unlawful activities; and to support lawful marketing activities, including sending updates where permitted by law and your preferences. We will only use data in ways that are compatible with the purpose for which it was collected or that are disclosed to you at or before the time of collection.
Where required by applicable law (such as GDPR), we rely on one or more legal bases for processing, including your consent, the performance of a contract or pre-contractual steps, compliance with legal obligations, and our legitimate interests in operating, securing, and improving our Services. If consent is required, we will seek it in a clear and granular manner and respect withdrawal of consent at any time without affecting prior lawful use.
We strive to limit data to what is necessary for the stated purposes, maintain it accurately and up to date, and correct or delete inaccuracies when identified. We retain data only for as long as necessary to fulfill the purposes described in this Policy, to comply with legal, regulatory, accounting, or reporting requirements, and to establish, exercise, or defend legal claims. Retention periods depend on the nature of the data, contractual commitments, and applicable laws and industry standards.
We may share data with service providers and vendors that perform services on our behalf, such as hosting, analytics, communications, security, and professional advisory services, subject to appropriate contractual safeguards. We may disclose data to competent authorities where required by law or legal process, to protect rights and safety, or in connection with corporate transactions such as mergers, acquisitions, financing, or asset transfers under confidentiality protections. We do not sell personal data as that term may be defined by applicable law, and we do not share personal data for cross-context behavioral advertising unless we provide clear notice and legally required opt-out mechanisms.
If data is transferred to, stored in, or otherwise processed in jurisdictions outside your own, it may be subject to different data protection laws than those in your country. Where required, we implement appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses or other approved mechanisms, and we assess the risks associated with such transfers to protect the data involved.
We use cookies, pixels, scripts, and similar technologies to enable site functionality, maintain security, remember preferences, and conduct analytics. Where applicable, we may use these tools for interest-based communications consistent with your choices and the law. You can manage cookie preferences through your browser settings and, where provided, our site-level controls. Disabling certain cookies may affect the functionality or performance of the Services.
We do not engage in automated decision-making that produces legal or similarly significant effects without human involvement unless clearly disclosed and permitted by law. If we use limited profiling or segmentation to tailor content or communications, we will do so in a proportionate manner, provide appropriate transparency, and respect applicable rights and opt-out choices.
We apply reasonable and appropriate administrative, technical, and organizational measures designed to protect data against unauthorized access, alteration, disclosure, or destruction. These measures include access controls based on role and necessity, encryption in transit, and, where appropriate, secure development practices, logging and monitoring, vendor due diligence, and periodic review of safeguards. While we take steps to protect data, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Employees, contractors, and vendors with access to data must handle it in accordance with this Policy, applicable laws, and contractual obligations. We provide training and guidance commensurate with roles and risks to promote responsible data stewardship, confidentiality, and security practices. Access to personal data is granted on a least privilege basis and is periodically reviewed.
Depending on your location and applicable law, you may have rights to request access, correction, deletion, restriction, or portability, to object to certain processing, to withdraw consent, and to set marketing preferences. We will verify and respond to requests within the required timeframes and will not discriminate against you for exercising your rights. To make a request, please contact us using the details below and provide sufficient information to verify your identity.
Our Services are not directed to children under 18, or to any age as defined by local law, and we do not knowingly collect children’s data. If we become aware that we have collected or used data from a child in violation of this Policy, we will take reasonable steps to delete it.
We maintain processes to detect, investigate, and respond to suspected data incidents. In the event of a data breach that poses a risk to individuals, we will take appropriate mitigation steps and provide notifications to affected individuals and relevant authorities in accordance with applicable laws and contractual obligations.
We periodically review this Policy and our data practices for effectiveness, compliance, and alignment with evolving regulations and business needs. We may update this Policy from time to time, and the “Effective Date” indicates the latest revision. Material changes will be communicated through our website or other appropriate channels, and continued use of the Services after changes become effective signifies acceptance of the updated Policy.
If you have questions about this Data Use Policy, wish to exercise your rights, or need additional information about our data practices, please contact us at: askSAS@symmetryaisolutions.com or by mail at Symmetry Asset Solutions LLC, 17330 West Center Rd. Ste 110, Omaha, NE, 68130, USA, Attention: Privacy Office.
We architect our services to operate on vetted third‑party platforms, and all data used to perform our services is housed and remains on those platforms. By default, we do not export, replicate, or locally store such data outside the platforms we use to deliver services. Any exceptional data movement (for example, at a client’s written request or where legally required) is governed by strict contractual, technical, and administrative controls, including appropriate data processing agreements and transfer safeguards where applicable. We select and monitor third‑party providers based on their security posture, compliance certifications, and reliability, and we maintain oversight to ensure processing aligns with our commitments and your instructions.
We maintain a rigorous information security program that meets or exceeds applicable legal, regulatory, and industry standards. Our controls are designed to protect data against unauthorized access, alteration, disclosure, or loss through measures such as strong access management, encryption, secure configuration of third‑party platforms, continuous monitoring, vulnerability management, and incident response. While no method of transmission or storage is entirely secure, we continually assess and enhance our safeguards to uphold the confidentiality, integrity, and availability of data within the platforms we use.
All data used to perform our services is processed and retained within the third‑party platforms through which those services are delivered. We do not extract or store service data outside those platforms as part of normal operations. If a specific business need or legal obligation requires data export, we will act only under documented instructions and with protections appropriate to the sensitivity and context of the data, including encryption, access controls, and contractual safeguards.
Our security controls are rigorous and designed to exceed applicable laws and code requirements, leveraging the native protections of our third‑party platforms alongside our own administrative and technical measures. Within a shared‑responsibility model, we harden platform configurations, enforce least‑privilege access and MFA, monitor for threats, and maintain a tested incident response process. Providers are evaluated for compliance and security maturity (e.g., independent audits and certifications), and we review them periodically to ensure continued alignment with our security and compliance objectives.
Data remaining within third‑party platforms follows retention settings and client instructions applicable to those platforms, as well as legal, regulatory, and contractual requirements. We minimize data movement, limit access to authorized personnel, and maintain records necessary for accountability and compliance without duplicating service data outside the platforms.
Where third‑party platforms store or process data across borders, we implement appropriate safeguards—such as data processing agreements and recognized transfer mechanisms—to protect data in accordance with applicable laws and our contractual obligations.
If you have questions about this Data Use Policy, wish to exercise your rights, or need additional information about our data practices, please contact us at: askSAS@symmetryaisolutions.com or by mail at Symmetry Asset Solutions LLC, 17330 West Center Rd. Ste 110, Omaha, NE, 68130, USA, Attention: Privacy Office, reference effective date: January 15, 2026.
