Last Updated: May 1, 2023
This Notice explains how Datafi Labs Inc. and its affiliates and subsidiaries (“Datafi“, “we“, “our” or “us“) collect, store, use, disclose and otherwise process information about you in the course of our business, including through our websites that link to this Notice (such as datafi.us, home.datafi.us, resources.datafi.us) (the “Sites“), our data platform (the “Service”) and through other means such as our and our partner’s events, sales and marketing activities. It also sets out more information about your privacy rights.
ABOUT OUR SERVICE. We provide the Service to our customers under an Agreement with them and solely for their benefit and the benefit of their personnel and other personnel authorized by them as users of the Service (“Authorized Users“). Our customers can efficiently process and analyze all their data in the Service. Because the Service is cloud-based, Authorized Users may access and use the Service from all over the world, subject to Datafi’s agreement with customers and any applicable laws.
This Notice does not apply to the content that our customers and their Authorized Users upload and store in third-party services (“Customer Content”). In those circumstances:
(a) Datafi is processing Customer Content on behalf of a customer and that customer is responsible for the collection and use of your data; and
(b) That customer’s privacy notice will apply to the customer’s collection and use of such Customer Content.
In such circumstances, you should refer to their privacy notice and direct any queries to them. The customer’s agreement with Datafi governs our use of and processing of Customer Content in these circumstances. For more information about our data collection and use in connection with our Service see the “Information when using the Service” Section below.
INFORMATION YOU PROVIDE: The personal information we collect when you use the Sites, including when you sign up to the Service through our Sites self-service portal (“Self-Service”), and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information. We will let you know prior to collection whether the provision of personal information we are collecting is compulsory or may be provided on a voluntary basis. When using the Sites: We may collect your name, email, postal address, phone number, and other information you provide via the Sites when, for example, you submit inquiries, request more information about our services, complete surveys, or download Datafi collateral, provide feedback about our services or register for sales events or marketing activities. When you register to use our Service: When you register to use our Service, we may collect your personal information (like name and contact details), and for Self-Service we collect credit card information. We may share such credit card information with our third-party service providers, including for payment and billing purposes.
- technical information, or data obtained from APIs, software or systems hosting the products and services and devices accessing these products and services, log files generated during such use;
- data and metadata about an Authorized User, such as user ID, email, IP address, other data about the user’s computer or other device, browser, and connecting software (e.g., OS and software versions); and
- data and metadata about Authorized Users’ activities and behavior within our Service, such as click patterns and feature utilization.
Service Data is used by Datafi for (a) providing, supporting and operating our products and services, (b) network and information security and (c) to analyze, develop and improve our products and services
INFORMATION WE RECEIVE FROM THIRD PARTIES: From time to time, we may obtain information about you from third-party sources, such as public databases and websites, resellers and distributors, joint marketing or business partners, security and fraud detection firms and social media platforms. Examples of the information we may receive from other sources include account information; page-view information; contact information from business partners with whom we operate co-branded events, services and marketing campaigns or joint offerings; search results and links, including paid listings (such as sponsored links); and credit history information from credit bureaus.
THIRD PARTY APPLICATIONS: We may link to certain third-party websites and applications in our Service or on our Sites, such as Facebook. In those circumstances, the data we collect, use and share via the Sites or the Service will be subject to this Privacy Notice. However, your use of the third-party websites, applications and any information you instruct us to send to the third-party will be subject solely to the third-party’s terms and conditions and privacy notice, and will not be subject to any agreements you have with us or this Notice.
USE OF INFORMATION WE COLLECT: We use personal information collected via the Sites, our Service and through other means (e.g., in person) for purposes described in this Notice, including using your information to:
- operate, audit and improve our Sites, products and services;
- provide customer service and support;
- provide and to facilitate the delivery of products and services you request;
- send you related information, including confirmations, invoices, technical notices, updates, security alerts, training and support and administrative messages;
- maintain your account;
- enhance security, monitor and verify identity or service access, combat fraud, spam, malware or other network and/or information security risks;
- detect bugs, report errors and perform activities to maintain the quality or safety of our services;
- conduct research and development;
- understand you and your preferences to enhance and personalize your experience and enjoyment when using our Sites, products and services;
- develop and send you marketing, sales and promotional communications (where this is in accordance with your marketing preferences);
- communicate with you about one of our events or our partner events, including webinars and demos;
- respond to your comments or questions or provide the information requested by you;
- link or combine it with other personal information we get from third parties, to help understand your needs, provide you with better service and to prevent fraud;
- process and deliver contest entries and rewards;
- display and measure engagement with advertisements across different devices and sites;
- maintain legal and regulatory compliance;
- short-term, transient use, such as customizing content that we or our service providers display on the services; and
- process your information for other legitimate business purposes, such as customer surveys, data analysis, audits, collecting and assessing feedback, identifying usage trends, determining the effectiveness of our marketing campaigns and to evaluate and improve our products, services, marketing and customer relationships.
We may store and process personal information in the United States and other countries.
- SHARING OF PERSONAL INFORMATION: We do not share your personal information with third parties other than as follows:
- where it has been de-identified, including through aggregation or anonymization;
- when you instruct us to do so;
- with your consent, for example, when you agree to our sharing your information with other third parties for their own marketing purposes subject to their separate privacy policies;
- with Datafi affiliates, in such case the information will be processed as otherwise described in this Notice;
- with third-party vendors, consultants and other service providers who work for us and need access to your information to do that work. Examples include vendors and service providers who provide assistance with marketing, billing, processing credit card payments, data analysis, fraud prevention, network and information security, technical support and customer service;
- with third-party business partners, such as distributors, and/or referral partners, who are involved in providing services to our prospects and/or customers, to fulfill product and information requests and to provide customers and prospective customers with information about Datafi and its products and services. From time to time, we may engage in joint sales or product promotions with select business partners. If you purchase or specifically express an interest in a jointly-offered product, promotion or service, we may share relevant personal information with those partner(s). Where you have given your consent to do so, these business partners may send you marketing communications about their own products and services. Please be aware that we do not control our business partners' use of such information. Our partners are responsible for managing their own use of the personal information collected in these circumstances. We recommend you review the privacy notices of the relevant partner to find out more about their handling of your personal information.
- in order to protect any individual’s vital interests, but only where we believe it necessary in order to protect the vital interests of any person; and
- in connection with or during negotiation of any business transfer, merger, financing, acquisition, or dissolution transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets to another company.
LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION (VISITORS AND USERS FROM EEA AND SWITZERLAND ONLY): If you are a visitor or user based in the European Economic Area (“EEA“), Datafi is the data controller of your personal information unless the data is collected in circumstances where one of our affiliates is running a local event, training session or survey, for example, and they collect and control that information. In such circumstances, we will endeavor to make this clear to you in a context-specific notification at the point we collect your personal information. Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information only where we have your consent to do so, where we need the personal information to perform a contract with you or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you. If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time. For more information on our legal basis for processing data, please contact us using the details provided in Section 17 of this Notice.
SECURITY OF YOUR PERSONAL INFORMATION: We take all reasonable and appropriate steps to protect your personal information in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration and destruction. We use appropriate technical and organizational measures to protect your personal information which may include: physical access controls, encryption, internet firewalls, intrusion detection and network monitoring depending on the nature of the information and the scope of processing. Our staff who may have access to your information are required to keep that information confidential.
INTERNATIONAL DATA TRANSFERS: Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country, and in some cases, may not be as protective. Specifically, our website servers are located in the U.S. and we may process your information in jurisdictions where our affiliates/partners and third-party service providers are located. However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Notice. These safeguards include implementing the European Commission’s Standard Contractual Clauses for transfers of personal information between us and our business affiliates and associates to whom we transfer the information which require these companies to protect personal information they process from the EEA or Switzerland in accordance with European Union data protection law. Our Standard Contractual Clauses can be provided on request. We implement similar appropriate safeguards with our third-party service providers and further details can be provided upon request. Please note we have additionally certified to comply with the Privacy Shield Principles for limited international data transfers from the EEA and Switzerland, where we act as a processor on behalf of business customers based in the EEA and Switzerland and where we act as a controller regarding Datafi human resources and internal business operations data from the EEA and Switzerland.
YOUR INFORMATION CHOICES AND CHANGES: You may opt out of receiving promotional emails from us by following the instructions in those emails. If you opt-out, we may still send you non-promotional emails, such as emails about your accounts or our ongoing business relations. You may also send requests about your contact preferences and changes to your information, including requests to opt-out of sharing your personal information with third parties, by emailing firstname.lastname@example.org. If you are looking to exercise your consumer rights under the California Consumer Privacy Act (CCPA), please use the form found in Section 12 below; if you are looking to exercise your data subject rights under the General Data Protection Regulation (GDPR), please use the form found in Section 13 below.
CALIFORNIA USERS ONLY: YOUR CALIFORNIA PRIVACY RIGHTS California Consumer Privacy Act: The California Consumer Privacy Act of 2018 (“CCPA”), effective as of January 1, 2020, requires businesses that collect personal information of California residents to make certain disclosures regarding how they collect, use and disclose such information. This section addresses those requirements. For a description of all of our data collection, use and disclosure practices, please read this Privacy Notice in its entirety. Personal Information Collection and Sharing: Datafi does not sell personal information as we understand sale to be defined by the CCPA and its implementing regulations. The categories of personal information we collect about you and the third parties with whom we share that personal information for a business purpose are as follows:
Categories of Personal Information We Collect and We Share Information. for Business Purposes
- Identifiers (such as name, address, email address)
- Corporate affiliates, vendors, service providers and third-party business partners (as identified above)
- Any categories of personal information described (such as address, telephone number, and financial information)
- Internet or Other Network or Device Activity (such as browsing history or app usage)
- Professional or Employment-Related Data (such as the name of your employer)
- Inferences are drawn from any of the information identified above
- Sources of Personal Information: The sources from which we collect personal information are described in Sections 1, 2 and 3 above. Purposes for Collecting Personal Information: We collect personal information identified in the lists above to communicate with you, for marketing and promotional purposes, to provide and improve our services and other purposes set forth in Section 6 above. California Consumer Rights: California law gives California residents the right to make the following requests with regard to certain information we collect about them, at no charge, two times every 12 months:
- the right to request a copy of personal information we collected or disclosed for a business purpose in the past 12 months.;
- the right to request deletion of personal information we collected, subject to certain exemptions (for example, where the information is used by us to detect security incidents, debugging or to comply with a legal obligation); and
- the right to request that we disclose personal information we collect, use and disclose.
You can submit a copy, deletion or right-to-know request online by emailing email@example.com. Datafi will verify that the information you submit [(which includes first name, last name, email address, company, and country/state)] matches our records before we fulfill the request. You may use an authorized agent to submit a consumer rights request on your behalf using the methods above, however, Datafi will require the authorized agent to provide signed permission to submit the request on your behalf and may still contact you to confirm your identity and that this request was submitted with your permission. Datafi does not discriminate against you for exercising your rights or offer you financial incentives related to the use of your personal information.
- EEA AND SWITZERLAND USERS ONLY: YOUR PRIVACY RIGHTS: If you are a resident of the EEA or Switzerland you have the following data protection rights:
- if you wish to access, correct, update or request deletion of your personal information, you can do so at any time by emailing firstname.lastname@example.org;
- you can object to processing of your personal information, ask us to restrict processing of your Personal Information or request portability of your personal information by emailing *email@example.com;
- if we collected and processed your personal information with your consent, you can withdraw your consent at any time by emailing firstname.lastname@example.org. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent
EEA AND SWITZERLAND USERS ONLY: YOUR PRIVACY RIGHTS IN RESPECT OF CUSTOMER CONTENT: If personal information pertaining to you as an individual has been submitted to the Service by or on behalf of a Datafi customer and you wish to exercise any data protection rights you may have in respect of that data under applicable law, including (as applicable) the right to access, port, correct, amend or delete such data, please inquire with the relevant Datafi customer directly. We have a limited ability to access Customer Content. However, if you wish to make your request directly to us, please provide the name of the Datafi customer who submitted your data to our Service. We will refer your request to that Datafi customer and will support them as needed in responding to your request within a reasonable timeframe.
DATA RETENTION AND DELETION: We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to comply with applicable legal, tax or accounting requirements, to enforce our agreements or comply with our legal obligations). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing, until deletion is possible. When processing Customer Content on behalf of our customers, we will retain Customer Content for as long as our customer instructs us to and/or as required by applicable law.
CHANGES TO THIS NOTICE: We may change this Notice from time to time. If we make any changes to this Notice, we will change the “Last Updated” date above. If such changes are material in nature, we will provide you with additional notice (such as adding a statement to the main website page or sending you an email notification).