Privacy Policy

 

Last Updated: February 3, 2023

This Privacy Policy explains how D-Wave Quantum Inc. and its subsidiaries, including D-Wave Systems Inc., D-Wave International Inc., D-Wave Commercial Inc., D-Wave Government Inc., D-Wave Quantum Services Europe Limited, D-Wave UK Ltd., and D-Wave Japan Co., Ltd. (collectively and individually, “D-Wave”, “we”, “us”, or “our”) collect, use, disclose and otherwise process personal information. This includes personal information in connection with your use of D-Wave’s products, services, and software (“Services”), such as D-Wave™, Leap™, Ocean™, Advantage™, Advantage2™, D-Wave 2000Q™, D-Wave 2X™, D-Wave Learn™, D-Wave Launch™. By entering a contract for Services, using a Service, or otherwise providing personal information to D-Wave, you agree to this Privacy Policy and hereby provide your consent for the collection, use, processing, and transfer of your personal information in accordance with this Privacy Policy.

What Personal Information Do We Collect?

"personal information" means personal data and information, including sensitive personal data, as defined in the Personal Information Protection Act, SBC 2003, ch. 63, or such other laws applicable to personal information in the jurisdictions where we provide Services.

We collect personal information as necessary to provide any Services you request and otherwise operate our business.

We generally collect personal information directly from you. For example:

  • In order to register for Services, you will need to provide your name, username, email address, and (depending on the Services) your mailing address and your industry or corporate affiliation. If you are registering on behalf of a business (for example, your employer) you will also be required to provide the name of the business on whose behalf you are registering.
  • We collect payment card information or other billing information as necessary and send it to our payments processor to process payments for Services on our behalf. We do not store payment card information or use it for any other purpose.
  • We may, as part of the Services, offer you the opportunity to communicate with us or with other users, such as by participating in a community forum or sending questions, comments, or support requests to us. We may collect any additional information you provide in connection with these communications, such as your contact information and the contents of your communications.
  • We may, as part of the Services, offer you the opportunity to link your account to third-party software-hosting services, like GitHub. If you do, we may collect your username for that service and information about your public repositories and commit history.
  • We may collect personal information in other circumstances with your consent, or as permitted or required by law.

We may also collect certain information automatically when you access or use our Services. We collect this information using various means, such as cookies and other tracking technologies. The information we collect includes usage statistics, unique device identifiers, IP addresses, version numbers of relevant software, and information on which tools and services are being used in connection with Services. We use this information to recognize and authenticate you when you use Services, to monitor your use of Services, to enforce the terms of our contracts with you, to detect and prevent fraud, and for safety and security purposes.

Note that this Privacy Policy is not intended to cover circumstances in which we are appointed by you to process personal data on your behalf. Processing personal data in such cases will be subject to the contractual arrangements between us relating to any services we provide on your behalf.

 

How Do We Use Personal Information?

We use personal information: 

  • For our legitimate interests, namely:
    • To provide our Services;
    • To process payments and collect amounts owing to us;
    • To respond to your requests and questions and provide customer support;
    • To manage everyday business needs;
    • To analyze or improve our Services and our tools, software and products;
    • To detect and prevent fraud and for safety and security purposes;
    • To protect D-Wave, its affiliates, our Services and users; and
    • To monitor your use of our Services and your compliance with any contracts you have with us and to enforce the terms of any contracts you have with us;
  • To perform a contract to which you are subject;
  • To comply with our legal obligations, including complying with all applicable laws and regulations; and
  • Where you have provided your express consent, for example where you have agreed to us sending you promotional materials or where you have agreed to be recorded during a training session provided by D-Wave.

 If you change your mind about the consent provided in this Privacy Policy for the collection, use, processing and transfer of your personal information, you may withdraw your consent by contacting us in writing to the following email address: support@dwavesys.com, and we will stop doing so. However, if you withdraw your consent, this may impact the ability for us to be able to provide Services to you.

 

Sharing of Information

We may share personal information with our affiliates and our service providers (including our affiliates acting in this capacity) that perform services on our behalf, such as marketing, analytics, payment processing, website hosting, customer support, information technology and/or data hosting or processing services or similar services. We may do so where necessary for our legitimate interests in providing Services or for the performance of a contract.

Personal information may be used and disclosed in connection with evaluating and completing a proposed or actual financing, securitization, insuring, sale, assignment or other disposals of all or part of D-Wave or our business or assets. Assignees or successors of D-Wave or our business or assets may use and disclose your personal information for similar purposes as described in this Privacy Policy. We may do so where necessary for our legitimate interests to run, grow, and develop our business. We do not sell or license your personal information to third parties.

We, and our service providers and affiliates, may disclose personal information where and to the limit required by law, including as required by the laws applicable to our service providers and affiliates located outside of your country of residence.

We may disclose personal information in other circumstances, with your consent. If you have given your consent for us to use your personal information in a particular way, but later change your mind, you should contact us, and we will stop doing so.

 

International Transfers

Some of our service providers or affiliates may be located outside of your country of residence, including in Canada and/or the United States. As a result, your personal information may be collected, used, disclosed, stored, and processed outside of your country of residence for the purposes described in this Privacy Policy and you hereby consent to the transfer of your personal information for these purposes.

If you are a user in the European Economic Area (EEA), we may transfer your personal information to Canada pursuant to an adequacy decision. In any case where an adequacy decision is not available, we will only transfer your personal information outside of the European Union subject to additional safeguards in accordance with Art. 46 of the General Data Protection Regulation 2016/679 (GDPR), such as the European Commission’s Standard Contractual Clauses (SCC).

If you are a user in Australia, we will only transfer your personal information to a third party in a country which has equivalent privacy laws to Australia, where we have your consent, or where we have otherwise taken reasonable steps in the circumstances to ensure that the overseas recipient does not breach Australian privacy laws.

If you are a user in Israel, we will only transfer your personal information out of Israel in accordance with Israeli privacy laws and regulations, whether such information is included in a registered data base or a non-registered data base. If such transfer is made to a third party in a country in the European Economic Area (EEA), we can complete such transfer pursuant to an adequacy decision, where we have your consent, or where we have entered into an agreement with such third party to ensure that the overseas recipient does not breach Israeli laws and regulations.

 

Retention

We collect and retain personal information in an identifiable format for the amount of time necessary for the purposes for which it was collected, including providing any Services you request and otherwise meeting our legal and regulatory obligations, unless it is in our legitimate business interests and not prohibited by applicable law to maintain the personal information for longer periods. All personal information collected by us will be retained only so long as it is necessary for the purposes for which such information was collected.

 

Rights

Under certain jurisdictions, you may benefit from certain rights granted by applicable law, subject to limitations therein to the extent permitted by law. These rights may include a right to access, rectification, restriction, opposition, erasure or portability, or not to be subjected to automated decision-making.

If you are a user in India, you will be provided with the right to access and review your personal information to the full extent required by law.  

If you want to exercise any of the rights available to you or find out more, please contact us. We handle requests in line with the timeframes set by applicable laws. We may need to request additional information from you to identify you. Certain exemptions may apply to your request; if so, we will inform you when responding to your request.

 

Security

Personal information is maintained on our servers or those of our service providers and is accessible to our authorized employees, representatives, and agents. We maintain technical, physical, and administrative security measures designed to provide appropriate protection for your information against loss, misuse, unauthorized access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centers, and information access authorization controls.

 

Children’s Privacy

We do not knowingly collect information from individuals under the age of 18 or other individuals who are not legally able to use Services. If we obtain actual knowledge that we have collected information from a minor who is under the age of 18, we will promptly delete it, unless we are legally obligated to retain such data. If you believe that we have mistakenly or unintentionally collected information from a child, please contact us.

 

Changes

We may revise this Privacy Policy from time to time. We will notify you of material changes to this Privacy Policy by posting the revised policy on our website and by sending you an email describing the changes. We encourage you to visit our website frequently to review the current version of this Privacy Policy and to keep your contact information on record with us up to date. Your continued provision of personal information or use of our Services following any changes to this Privacy Policy indicates that you have read and understood the latest version of this Privacy Policy.

 

Contact

If you have any questions or concerns about this Privacy Policy or our handling of the personal information collected from you, please contact our Privacy Officer at privacy.officer@dwavesys.com. All questions and concerns will be considered and appropriately handled according to the applicable laws.

You have the right to lodge a complaint with the Supervisory Authority, Commissioner or other applicable authorities for data protection in your country of residence, should you find that we did not appropriately address your question or concern.