Digimarc Privacy Policy

Last Updated: May 16, 2026

This Privacy Policy describes how Digimarc LLC, Digimarc Corporation, their subsidiaries and other affiliates, and any successor or related entities, collect, use, disclose, and otherwise process personal information in connection with the Services, as applicable. For purposes of this Privacy Policy, “Digimarc,” “we,” “us,” and “our” refer to the Digimarc entity or entities responsible for the relevant Services, contract, interaction, or processing activity.

The Digimarc entity responsible for your personal information depends on the Services, product, website, mobile application, contract, or interaction at issue. Where practical, the applicable Digimarc entity will be identified in the relevant agreement, order form, product notice, website footer, mobile application listing, or other communication. If more than one Digimarc entity participates in processing, the entity that determines the purposes and means of the relevant processing is the controller, business, or equivalent responsible entity for that processing.

For purposes of this Privacy Policy, “Services” means our websites, products, mobile applications, support services, marketing activities, events, communications, and other online or offline interactions with us.

Additional disclosures may apply depending on where you reside. Please see our U.S. State Privacy Notice for information provided under certain U.S. state privacy laws and our Notice to European Users for information provided under the GDPR, UK GDPR, and Swiss data protection law.

In some contexts, one or more Digimarc entities process personal information on behalf of a business customer in accordance with an agreement with that business customer. In those contexts, the relevant business customer determines the purposes and means of processing, and the applicable Digimarc entity processes the information as its service provider, processor, or equivalent role under applicable privacy law. This Privacy Policy does not apply to that customer-controlled processing, except to the extent a Digimarc entity independently collects or uses personal information for its own purposes, including analytics, support, marketing, product improvement, legal compliance, or operation of the Services. Where we process personal information on behalf of a business customer, our independent uses of that information are limited to uses permitted by applicable law and our agreement with that business customer. If you have questions or requests concerning personal information that we process on behalf of a business customer, please contact that business customer directly.

NOTICE TO EUROPEAN USERS: Please see our Notice to European Users for additional information for individuals located in the European Economic Area, United Kingdom, or Switzerland.

Index

Personal information we collect
Sources of personal information
Cookies and tracking technologies
AI-enabled features
How we use your personal information
How we share your personal information
Aggregated, anonymized, and de-identified information
Retention of personal information
Your choices and privacy rights
Other sites and services
Security
International data transfer
Children
Changes to this Privacy Policy
How to contact us
U.S. State Privacy Notice
Notice to European Users

Personal information we collect

Personal information we collect depends on how you interact with us and the Services.

Information you provide to us

Personal information you may provide to us through the Services or otherwise includes:

Contact data, such as your first and last name, email address, phone number, and, where applicable, Digimarc name, job title, employer, or business contact information.
Account and profile data, such as usernames, passwords, account credentials, account settings, preferences, and other information associated with an account or profile.
Demographic data, such as your country, state, province, or region of residence.
Communications data, including information you provide when you contact us, communicate with us through the Services, interact with customer support, participate in events, respond to surveys, or otherwise communicate with us.
Marketing data, such as your preferences for receiving our marketing communications and details about your engagement with them.
User content and submissions, such as content, files, images, messages, questions, prompts, feedback, support requests, and other information that you submit through the Services, including through AI-enabled chat or similar features.
Other information that you choose to provide or that we request and disclose at the time of collection.

Mobile application data

If you use our mobile applications, we may collect information about your use of those applications, including app version, device type, operating system, device identifiers, app settings, diagnostics, telemetry, crash logs, and interactions with app features.

Location data

Some of our mobile applications may collect precise geolocation data with your permission, including where precise geolocation is necessary to provide a feature you request. We request permission through your device’s operating-system permission process. You may disable location permissions through your device settings, but doing so may limit or prevent use of certain location-enabled features.

We may also collect approximate location information, such as city, state, region, or country, including through IP address or similar technical information.

Verification and interaction data

We may collect information about your interactions with physical or digital content through the Services, including scans, reads, authentication or verification events, timestamps, device and app information, location information where enabled, and related usage data.

We may use this information to provide consumer engagement, authenticity verification, analytics, anti-counterfeit monitoring, product improvement, and related functionality.

Automatic data collection

We, our service providers, and our business partners may automatically collect information about you, your computer or mobile device, and your interaction over time with the Services, our communications, and other online services, such as:

Device data, such as operating system type and version, manufacturer and model, browser type, device type, IP address, unique identifiers, app version, and general location information.
Online activity data, such as pages or screens viewed, time spent on a page or screen, navigation paths, information about activity on a page or screen, access times, duration of access, interactions with our emails or communications, and interactions with app or product features.
Product usage data, such as logs, telemetry, diagnostics, feature usage, verification events, scans, reads, and other information about how the Services are accessed and used.
Communication interaction data, such as information about your interactions with our email or other communications, where that information is available to us.

For more information concerning our automatic collection of data, please see the Cookies and tracking technologies section below and our Cookie Policy.

Sources of personal information

We may collect personal information from the following sources:

Directly from you, such as when you use the Services, contact us, submit information, use mobile applications, interact with AI-enabled features, request support, participate in events, or communicate with us.
Automatically through the Services, such as through cookies, software development kits, mobile app technologies, tracking technologies, logs, telemetry, diagnostics, and similar technologies.
Business customers, such as where a business customer provides information about its employees, contractors, administrators, authorized users, representatives, or other personnel.
Data providers, such as information services, data licensors, and other third-party data sources.
Partners, such as marketing partners, event co-sponsors, resellers, distributors, channel partners, integration partners, and other business partners.
Service providers, including providers that help us operate the Services, host data, provide analytics, support AI-enabled features, deliver communications, provide customer support, process data, or support our business operations.
Third-party platforms and integrations, where you or a business customer connect, authorize, or otherwise interact with the Services through third-party services.

Cookies and tracking technologies

Some of our automatic data collection is facilitated by cookies, software development kits, pixels, local storage, mobile advertising identifiers, and similar technologies.

We may use these technologies to operate the Services, remember preferences, understand how the Services are used, conduct analytics, support advertising and retargeting, measure marketing effectiveness, and improve the Services. We may also store a record of your preferences in respect of the use of these technologies in connection with the Services.

For more information about our use of cookies and similar technologies, including how to manage available cookie and tracking preferences, please see our Cookie Policy. Some of these technologies involve disclosures of identifiers, device information, online activity information, advertising identifiers, lead or account information, or inferences to advertising, analytics, measurement, social media, video, lead-generation, or marketing partners. Depending on the context and applicable law, these disclosures may constitute targeted advertising, sale, sharing, or similar processing.

We do not respond to browser “Do Not Track” signals. Where required by applicable law, including where we process personal information for sale, sharing, targeted advertising, or similar purposes, we honor Global Privacy Control and other legally required opt-out preference signals as opt-out requests.

AI-enabled features

Some Services may include AI-enabled chat, search, analysis, support, or similar functionality. If you use those features, we and our third-party AI service providers may process the information you submit, including prompts, questions, messages, uploaded content, files, images, and related context, to provide, operate, maintain, secure, and improve the AI-enabled feature.

You should not submit sensitive personal information, confidential information, regulated information, or information about other individuals through AI-enabled features unless the feature expressly requests that information and you are authorized to provide it.

We do not use personal information submitted through the Services to train artificial intelligence or machine-learning models. We also do not permit third-party AI service providers to use personal information submitted through the Services to train their general-purpose models, except where disclosed at the time of collection or authorized by you.

AI-enabled features are not intended to make decisions based solely on automated processing that produce legal effects or similarly significant effects concerning you, unless we provide a separate disclosure at or before the time of collection.

How we use your personal information

We may use personal information for the following purposes or as otherwise described at the time of collection.

Service delivery and operations

We may use personal information to:

provide, operate, maintain, and support the Services;
make websites, products, mobile applications, verification features, support services, and other functionality available to you;
establish, maintain, administer, and support accounts, profiles, and user access;
process transactions or requests;
communicate with you about the Services, including by sending service-related announcements, updates, security alerts, support messages, and administrative messages;
provide support, respond to requests, and process feedback; and
remember settings, selections, and preferences.

Mobile app features, verification, analytics, and anti-counterfeit monitoring

We may use personal information, mobile application data, location data, verification data, and interaction data to:

provide mobile application features;
enable interactions with physical or digital content;
provide authenticity-verification functionality;
analyze engagement with physical or digital content;
log verification events;
detect, evaluate, or monitor suspected counterfeit activity;
generate analytics and insights; and
support reporting, product improvement, and related business purposes.

Service improvement and analytics

We may use personal information, user content, customer content, usage data, telemetry, diagnostic information, communications, and feedback, in identifiable, de-identified, aggregated, or anonymized form, to analyze use of the Services, troubleshoot issues, improve functionality and performance, develop new features, and improve our business.

Where we process personal information on behalf of a business customer, our use of that information is subject to our agreement with that business customer.

Marketing and advertising

We may use personal information to:
send marketing communications;
personalize or tailor marketing communications where permitted by law;
measure engagement with marketing communications;
manage events, promotions, and co-sponsored activities;
identify prospective customers, users, or business contacts; and
support advertising, retargeting, and similar marketing activities.

We and our advertising partners may use cookies and similar technologies to collect information about your interactions with the Services and other online services over time.

For more information about these technologies and your choices, please see our Cookie Policy.

You may opt out of marketing communications as described in the Your choices and privacy rights section below.

Business relationships and partner activities

We may use personal information to manage relationships with business customers, prospective customers, partners, resellers, distributors, channel partners, event co-sponsors, vendors, and other third parties.

Compliance and protection

We may use personal information to:

comply with applicable laws, lawful requests, and legal process;
respond to subpoenas, investigations, regulatory inquiries, or requests from government authorities;
protect our, your, or others’ rights, privacy, safety, or property;
enforce the terms and conditions that govern the Services;
audit internal processes for compliance with legal, contractual, policy, or operational requirements; and
establish, exercise, or defend legal claims.

Corporate events

We may use or disclose personal information in connection with actual or prospective corporate transactions, including investments in, financing of, public offerings involving, or the sale, transfer, merger, reorganization, or other disposition of all or part of our business, assets, equity, or operations.

Further uses

In some cases, we may use personal information for further purposes. Where required by applicable law, we will seek consent for that further processing.

We may share personal information with the following parties and as otherwise described in this Privacy Policy, in other applicable notices, or at the time of collection.

Affiliates

We may share personal information with our corporate parent, subsidiaries, affiliates, and related entities.

Service providers

We may share personal information with third parties that provide services on our behalf or help us operate the Services or our business, such as hosting providers, information technology providers, customer support providers, online chat functionality providers, artificial intelligence providers, analytics providers, email delivery providers, marketing providers, advertising technology providers, professional services providers, and other vendors.

Advertising and analytics partners

We may share personal information with advertising, analytics, and measurement partners to support analytics, advertising, retargeting, marketing measurement, and related activities, subject to applicable law and your choices.

Business customers

Where we provide Services to a business customer, we may process personal information on behalf of that business customer in accordance with our agreement with it. We may also provide business customers with aggregated, anonymized, or de-identified verification, usage, or analytics information where the information does not identify you and is not reasonably capable of being used to identify you.

Third parties designated by you

We may share personal information with third parties where you have instructed us or provided consent to do so.

Partners

We may share personal information with partners, including marketing partners, event co-sponsors, integration partners, resellers, distributors, channel partners, and parties with whom we jointly offer products, services, events, or promotions.

Third-party platforms and integrations

If you or a business customer connect the Services to a third-party platform or integration, we may share personal information as necessary to enable, maintain, or support that integration.

Professional advisors

We may share personal information with professional advisors, such as lawyers, auditors, bankers, consultants, and insurers, where necessary in the course of the professional services they render to us.

Authorities and others

We may share personal information with law enforcement, government authorities, courts, regulators, and private parties where we believe in good faith that disclosure is necessary or appropriate for the compliance and protection purposes described above.

Business transferees

We may disclose personal information in connection with actual or prospective business transactions, including investments in, financing of, public offerings involving, or the sale, transfer, merger, reorganization, or other disposition of all or part of our business, assets, equity, or operations. We may also disclose personal information to an acquirer, successor, assignee, or other relevant third party as part of any merger, acquisition, sale of assets, reorganization, insolvency, bankruptcy, receivership, or similar transaction.

Aggregated, anonymized, and de-identified information

We may create aggregated, anonymized, or de-identified information from personal information and other information we collect. We may use and disclose aggregated, anonymized, or de-identified information for lawful business purposes, including to analyze and improve the Services, generate insights, support verification and anti-counterfeit monitoring, report to business customers or partners, promote our business, and develop new products and services.

We will not attempt to re-identify de-identified information except as permitted by applicable law.

Retention of personal information

We retain personal information only for as long as reasonably necessary and proportionate for the purposes described in this Privacy Policy, including to provide and operate the Services, maintain accounts, support mobile application functionality, provide verification and anti-counterfeit monitoring, troubleshoot and secure the Services, improve our products and services, comply with legal obligations, resolve disputes, enforce agreements, and maintain appropriate business records.

The specific retention period for a category of personal information depends on the nature of the information, the context in which it was collected, the purposes for which it is processed, the sensitivity of the information, the risk of harm from unauthorized use or disclosure, applicable legal or contractual requirements, and our operational and recordkeeping needs.

When personal information is no longer reasonably necessary for the purposes described in this Privacy Policy, we delete, de-identify, aggregate, or otherwise process it in accordance with applicable law and our retention practices.

Your choices and privacy rights

In this section, we describe choices and rights that may be available to individuals whose personal information we collect. Depending on where you reside, you may have additional rights under applicable law, including as described in our U.S. State Privacy Notice and Notice to European Users.

Access or update your information

If you have registered for an account with us through the Services, you may be able to review and update certain account information by logging into the account.

Location choices

You may enable or disable access to precise geolocation through your device settings. If you disable location permissions, some location-enabled features may not function.

Opt out of communications

You may opt out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email or by contacting us at privacy [at] digimarc [dot] com. Please note that if you opt out of marketing-related emails, you may continue to receive service-related, transactional, legal, or other non-marketing communications.

Cookies and advertising choices

For information about cookies and similar technologies used by the Services and how to control them, please see our Cookie Policy. You may be able to manage certain cookie and tracking preferences through the Cookie Settings tool linked in the footer on this website.

Where required by applicable law, we treat Global Privacy Control and other legally required opt-out preference signals as requests to opt out of sale, sharing, targeted advertising, or similar processing.

Privacy requests

You may contact us at privacy [at] digimarc [dot] com to request access to, correction of, deletion of, or other action regarding your personal information. We will respond to requests as required by applicable law.

We may ask you to provide information reasonably necessary to verify your identity and process your request. We may decline or limit requests where permitted by applicable law, including where information must be retained for legal, security, billing, audit, contractual, dispute-resolution, compliance, or legitimate business purposes.

If your request concerns personal information that we process on behalf of a business customer, we may direct you to that business customer.

Authorized agents

Where applicable law permits you to use an authorized agent to submit a privacy request, we may require proof of the agent’s authority and may also require you to verify your identity directly with us.

Declining to provide information

We may need to collect personal information to provide certain Services. If you do not provide information that we identify as required or mandatory, we may not be able to provide the relevant Services or functionality.

Other sites and services

The Services may contain links to websites, mobile applications, platforms, and other online services operated by third parties. In addition, our content may be integrated into websites, mobile applications, platforms, or other online services that are not associated with us.

These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites, mobile applications, platforms, or other online services operated by third parties, and we are not responsible for their privacy practices or actions. We encourage you to read the privacy policies of the other websites, mobile applications, platforms, and online services you use.

Security

We employ technical, organizational, and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet, mobile, and information technologies, and we cannot guarantee the security of personal information.

International data transfer

We are headquartered in the United States and may use service providers, affiliates, partners, and other third parties that operate in other countries. Personal information may be transferred to, stored in, or processed in the United States or other locations where privacy laws may not be as protective as those in your jurisdiction.

Where we transfer personal information from the European Economic Area, United Kingdom, or Switzerland to the United States or another country that has not been recognized as providing an adequate level of protection, we use appropriate safeguards where required, such as the European Commission’s Standard Contractual Clauses, the United Kingdom International Data Transfer Addendum or other United Kingdom-approved transfer mechanism, Swiss transfer safeguards, adequacy decisions, or another transfer mechanism approved under applicable law.

Additional information for individuals in the European Economic Area, United Kingdom, and Switzerland is available in our Notice to European Users.

Children

The Services are not directed to children under 13 years of age, and we do not knowingly collect personal information online from children under 13 without any consent required by applicable law. If we learn that we have collected personal information from a child under 13 in a manner inconsistent with applicable law, we will take appropriate steps to delete the information or otherwise address the collection as required by law.

Certain Services may be intended only for users who are at least 18 years old, as stated in the applicable terms or product notice. If you believe that an individual under 18 has provided personal information to us through a Service that is limited to users who are at least 18, please contact us at privacy [at] digimarc [dot] com.

We do not sell or share the personal information of minors, or process the personal information of minors for targeted advertising, where applicable law requires consent and we have not obtained the consent required by law.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. If we make material changes to this Privacy Policy, we will notify you by updating the date of this Privacy Policy and posting the modified version on the Services or by other appropriate means.

Any modifications to this Privacy Policy will be effective upon our posting the modified version, or as otherwise indicated at the time of posting. Your use of the Services after the effective date of any modified Privacy Policy indicates your acknowledgment that the modified Privacy Policy applies to your interactions with the Services and our business.

How to contact us

You may contact us about this Privacy Policy or our privacy practices at:

Digimarc LLC
8500 SW Creekside Place
Beaverton, Oregon 97008
USA

Attn: Legal Department

privacy [at] digimarc [dot] com

The controller of your personal information is the Digimarc entity that determines the purposes and means of the relevant processing. Depending on the context, this may be the Digimarc entity that provides or operates the relevant Services, the Digimarc entity that enters into a contract with you or the relevant business customer, the Digimarc entity that employs personnel who provide support or other services, or another Digimarc entity identified in an applicable agreement, notice, or communication. For questions about the applicable controller, please contact us at privacy [at] digimarc [dot] com.

U.S. State Privacy Notice

Residents of certain U.S. states may have additional privacy rights and disclosures under applicable state privacy laws. Please see our U.S. State Privacy Notice for more information.

Notice to European Users

Individuals located in the European Economic Area, United Kingdom, or Switzerland may have additional rights and disclosures under applicable data protection laws. Please see our Notice to European Users for more information.