Effective Date: February 19, 2019
If you are a Customer, we may ask you to provide us with certain information, such as your name, postal address, email address, and employer. You do not have a statutory or contractual obligation to provide us with your information; however, certain information may be required in order to enter into a contract with us.
We may also collect information from third parties, such as other users of our Services (e.g., we may receive your email address from a Customer that provides it to us in order to invite you to our Services).
We also collect data about you automatically through your use of our Services, as described in the “Automatically Collected Data” section below.
Data we collect from or about you as a Customer, regardless of the source, is considered to be Customer Data. We may combine the information that we collect directly from you with information that we collect from third parties and/or automatically.
We use Customer Data as follows:
For Customers located in the European Economic Area (“EEA”), we process Customer Data when we have the legal basis to do so. That is, if you are a Customer in the EEA, we will only process your Personal Data (as that term is defined in the GDPR) when:
We receive Service Data from or on behalf of our Customers. Because of the nature of our Services, this Service Data may contain any type of data, but typically includes name, contact information and company information, such as company name and number of employees. We also collect data about you automatically through your use of our Services, as described in the “Automatically Collected Data” section below.
Data we collect from or about you as an end user of our Customers’ websites, applications, or services, regardless of the source, is considered to be Service Data, and we may combine the information that we collect directly from you with information that we collect automatically or other information that a Customer provides to us through the Services.
Subject to our contractual obligations, and depending on the particular Services a Customer uses, we use Service Data as follows:
We note that, depending on how a Customer uses our Services, they may be able to view your activities on their websites, applications, or services in real time, such as seeing which webpages of Customer websites you scroll through. Customers may also direct us to record conversations between you and them, including conversations that you have through online chat features of our Services, as well as any calls that may be made using our Services.
We retain Service Data consistent with our contractual obligations to our Customers.
We disclose Customer Data and Service Data in the following ways:
In addition to the above, if you are a Customer, we disclose Customer Data in the following ways:
We collect information about you when you provide it to us and automatically when you use our Services.
We collect information that your browser sends whenever you visit our Website, use our App, or engage with one of our Customers through our Services (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, location information derived from your IP address, browser type, browser version, the pages of our Services or a Customer’s service that you visit, the time and date of your visit, the time spent on those pages and other statistics. When you access our Services, or engage with one of our Customers through our Services, by or through a mobile device, we also collect information such as the following: the type of mobile device you use, your mobile device’s unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, and your general location information, as described further below.
Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and transferred to your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The “Help” feature on most browsers provide information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. If you are a Customer and do not accept cookies, you may not be able to use some features of our Services and we recommend that you leave them turned on; if you are an end user of one of our Customers and you do not accept cookies, our Customer may not be able to engage with you through our Services.
Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari).
We use first party and third party cookies, some required for technical reasons in order for our Services to operate while others enable us to track and target the interests of our users to enhance the experience on our Services. This is described in more detail below:
Please note that even if you exercise the opt-out choices above, you may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt out on the DAA or NAI websites, your opt out may not be effective.
Do Not Track (“DNT”) is a privacy preference that you can set in certain web browsers. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT. You can learn more about Do Not Track here.
If you are a Customer, we may use your information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send, or by emailing email@example.com.
If you are a Customer located in the EEA or another jurisdiction with similar individual data rights, you may have certain legal rights (subject to applicable exceptions and limitations) to obtain confirmation of whether we hold Personal Data about you, to access that Personal Data, and to obtain its correction, update, amendment, or deletion in appropriate circumstances. You may also have rights to object to our handling of your Personal Data, restrict our processing of your Personal Data, and to withdraw any consent you have provided. To exercise these rights, please contact us as described below with the nature of your request, and we will endeavor to respond to your request as required by applicable law. While we strongly encourage you to first raise any questions or concerns about your Personal Data with us, you also have a right to contact the relevant supervisory authority.
If you are an end user of one of our Customer’s websites, applications, or services, we do not contact you with newsletters, marketing, or promotional materials unless you agree to receive such communications from us. If you receive communications from a Customer, you should consult that Customer about your options for opting out of receiving that Customer’s communications.
If you are an end user of one of our Customer’s websites, applications, or services and you are located in the EEA, we will respond to your request to exercise any data subject rights consistent with our applicable contractual obligations to the relevant Customer. We may refer your request to the Customer and cooperate with their handling of your request.
The security of your information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the information we have collected about you.
Your Personal Data may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide Personal Data to us, please note that we transfer Personal Data to the United States and process it there pursuant to our Privacy Shield Certification, described below.
We encourage you to contact us as detailed below should you have a Privacy Shield-related (or general privacy-related) complaint. If you are a resident of the EEA, the United Kingdom, or Switzerland and are dissatisfied with the manner in which we have addressed your concerns about our privacy practices, you may seek further assistance, at no cost to you, from TRUSTe, our designated Privacy Shield alternative dispute resolution provider based in the United States through the TRUSTe website at: https://www.trustarc.com/consumer-resources/dispute-resolution/.
Residents of the European Union or Switzerland may elect to arbitrate unresolved complaints but prior to initiating such arbitration, you must: (1) contact Qualified and afford us the opportunity to resolve the issue; (2) seek assistance from Qualified’s designated independent recourse mechanism above; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. Each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the individual.
Qualified is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
Our Services are not targeted to be used by anyone under the age of 18 (“Children”), and we do not knowingly collect personally identifiable information (as that term is defined in the Children’s Online Privacy Protection Act (“COPPA”)) or Personal Data from Children. If you are a parent or guardian and you learn that your Children have provided us with personally identifiable information or Personal Data, please contact us. If we become aware that we have collected such information from Children without verification of parental consent, we take steps to remove that information from our servers.