Privacy Policy

Semmle Ltd (trading as Semmle) (“we/us/our“) are committed to protecting and respecting your privacy.

This policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal or company data we collect from you, or that you provide to us in the course of interacting with our website, or in the course of our business, will be processed by us.  Please read the following carefully to understand our views and practices regarding personal data regarding you and how we will treat it.

If you are applying for a job with Semmle, we additionally draw your attention to our Recruitment Privacy Policy.

For the purpose of the General Data Protection Regulation (“GDPR”), the data controller is Semmle Ltd, Blue Boar Court, 9 Alfred Street, Oxford, Oxfordshire, OX1 4EH

Terms defined in the GDPR (including personal data, processing, controller and processor) have the same meaning in this Privacy Policy.

Information we may collect from you

We may collect and process the following data about you:

Information that you provide by filling in forms on our site (our site) such as the contact form. We may also ask you for information when you report a problem with our site. In the unlikely event we reject an application to subscribe to our newsletter we will not retain any personal information you have provided in your application.

If you contact us, we may keep a record of that correspondence.

If you register for a personal account on our support portal, we will store your name and email address on that portal and on other internal support systems so that we can provide support to you.

We do this in order to be able to run the Semmle website, in order to contact you on a tailored basis to let you know about our products, and in order to provide support if you represent a customer. The lawful basis for doing so (in terms of the European GDPR) is Legitimate Interests. You do not need to explicitly give us consent to process this information; by providing your personal information on the Site (for example by filling in a contact form) you accept that we will store and process that data. 

Information we may collect about you indirectly

As part of carefully managed, selective business to business marketing and sales activities, we may collect your contact details from third party sources such as LinkedIn and use it to contact you on a tailored basis about services which we think might be of interest.

Third-party data processing

We use the third-party Addsearch service to implement site search on and your use of that search functionality is subject to their privacy terms at We host our website using Cloudflare and Heroku. Webinars may be hosted using Zoom.

We may  store your contact details using Google G Suite, Mailchimp, Salesforce, Pipedrive, Yesware, Hubspot and Zoom.

These services may transfer small amounts of personal data outside the European Economic Area (“EEA”), under strict privacy and security controls.

IP addresses

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to ensure the proper operation of our site.


Our websites (includes and other sites using subdomains such as use certain cookies. A cookie is a small file of letters and numbers that we put on your computer. The cookies we use are “analytical” cookies provided by Google Analytics. They allow us to recognize and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our website works, for example by ensuring that users are finding what they are looking for easily. For more information on how Google uses this data, go to

In addition, and if you agree, we may use additional cookies to see how you move around the website, and other websites operated by us, in more detail (“Hubspot tracking”). This allows us to deliver further optimised content and messages for you and other visitors. This processing is done on the basis of your consent, which you can revoke at any time by clicking here (note: the page won’t change when you do this). If you subsequently provide us with your contact details, these will be linked to our records of your visits to our web sites.

You can change your website browser settings to reject cookies although this may impair the functionality of our website.

Your Rights

Various different jurisdictions require us to inform you about your rights as a user. The European GDPR is one of the most strict data regulations, therefore we decided to use that as a guideline here.

Individuals whose personal data is processed on the lawful basis of Legitimate Interests automatically have the following rights.

Right to be informed

This document is designed to inform you exactly how Semmle processes personal data regarding you.

Right of access to Personal Data regarding you

The Site allows you to provide us with a very limited amount of personal data regarding you, which we store to provide you with a good user experience. Please contact us if you would like to provide you with this data.

Right to rectification

The data held by us on The Site is provided by yourself. You can update this data at any point by logging in to The Site. Feel free to contact us if you require assistance.

Right to object, right to erasure, and right to restrict processing

If you would like to object to personal data regarding you being processed by The Site, or would like to restrict the processing, then you can request this by contacting us.

Rights in relation to automated decision making and profiling

The Site does not perform any automated decision making or profiling.

Access to information and contacting Semmle

To keep Personal Data regarding you accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Data in our possession that you have previously submitted to us. Please also feel free to contact us if you have any questions about Semmle’s Privacy Policy.

Please contact us at with any questions regarding this Privacy Policy. You can also use this address to contact our Data Protection Officer.

Filing a complaint

If you are unhappy about any part of this Privacy Policy, please contact our Data Protection Officer by sending a message to Alternatively, you can file a complaint with the Information Commissioner’s Office in the United Kingdom, or the relevant authorities in the United States.

History of this Privacy Policy

This policy was last modified on 15 May 2019. Here's what changed:

  • Added information about Zoom webinars

This policy was last modified on 5 April 2019. Here's what changed:

  • Clarify that Semmle's website includes subdomains

14th January 2019:

  • Added link to Semmle's Recruitment Privacy Policy

20 August 2018:

  • Added information about Hubspot tracking

21 June 2018:

  • Updated third party processors

25 May 2018:

  • Explicitly state the lawful basis upon which Semmle processes user data, and mention the rights of individuals under the GDPR.
  • Add information about third party processors
  • Provide additional information about how we process data about customer contacts and sales leads
  • Clarify position on analytics

Get started