QUANTIFIND PRIVACY POLICY
Effective Date: September 28, 2020
Quantifind, Inc. (“Quantifind”,“we”, “us” or “our”) is committed to protecting the Personal Data it collects. This Privacy Policy, together with our Cookie Policy available at: https://www.quantifind.com/cookie-policy, explains how we process the Personal Data we collect in relation to the services we provide through ourInternet websites and applications, and the related services we provide through the Internet, in person, through the telephone or through use of electronic communications (individually and collectively, the “Services”).
Please read this Privacy Policy carefully before you use our Services. If you do not feel comfortable with any part of this Privacy Policy, you should not use or access our Services.
We may revise this Privacy Policy from time to time in response to changing legal, technical, or business developments. The date at the top of the Policy indicates date of the last change (“Effective Date”). If we make any material changes to this Privacy Policy, we will notify you by prominently posting notice of the updated Privacy Policy on this page, together with its Effective Date, and will notify users as required by law. Your continued use of our Services after we have posted a new Privacy Policy shall indicate your agreement to be bound by the terms of the new Policy. If you do not wish to permit changes in our use of your Personal Data, you must notify us prior to the new Policy’s Effective Date that you wish to deactivate your account with us and you should cease further use of our Services.
1. TYPES OF PERSONAL DATA WE COLLECT.
As used in this Privacy Policy, Personal Data means data that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you, such as your name, address, telephone number or e-mail address (“Personal Data”).
1.1 Personal Data You Voluntarily Provide to Us. If you provide us feedback or contact us via e-mail or through our Services, we will collect your name and e-mail address, as well as any other content included in the feedback ore-mail, in order to send you a reply. When you request information, or establish an account with us, we may collect additional profile information.
1.2 Data About Your Use of Our Services. Our computer systems(or those of our service providers) may electronically collect information about you when you use our Services. The information collected may be machine generated and may include, for example, the domain name of your Internet provider, your browser type, time zone, language, operating system, date of the visit, URL of the last webpage visited before visiting our website, and URL of the first page you visit after leaving our website, pages viewed, time spent on a page, click through and clickstream data, search results selected, history, or comments made. When we send you an electronic communication, such as an e-mail, we may collect certain information, such as the action taken upon receipt of the e-mail (for instance, whether you opened or deleted the e-mail).
Our Services use third party services that use cookies and similar technologies (e.g.,web beacons, pixels and device identifiers) to store on a user’s computer or device information about the user’s identity and preferences and settings, to gather statistical information about the use of our Services, and to improve the design and functionality of our Services. Please review our Cookie Policy, available here: https://www.quantifind.com/cookie-policy, for further information about how we use cookies and how you can disable them.
1.3 Personal Data Collected from Third Parties. We may obtain information from third parties with whom we do business or for our business purposes, such as in connection with a trade show or webinar or through public databases, social media or joint marketing partners.
1.4 Personal Data We Collect from Public Sources. We collect Personal Data on public domains run by various entities, such as government institutions and social media service providers (“Review Data”). Review Data collected on these domains include name, e-mail, phone number, address, employment information, familial relations and birthdate. We process this data to provide our Services and assist our customers in performing due diligence and other screen activities required by law and risk management assessments that are in the public interest (“Reviews”). Please note that Quantifind’s customers make their own decisions about how to use the Review Data they receive to conduct their Reviews.
1.5 Personal Data You Provide to Our Affiliates and Subsidiaries. We may get Personal Data from our current and future subsidiaries, parent companies, or other companies that control or are under common control with us (our “Affiliates”).
2. USE OF YOUR DATA.
We use your Personal Data for the following purposes:
2.1 To Provide the Services Requested. We use the Personal Data you voluntarily provide us to remember a user’s preferences, such as language, font size and communication type, and the user’s interests regarding subject matter. We also use data to allow a user to navigate or browse through our Services more quickly and efficiently, and to perform other functions or processes described to the user at the time of collection of the Personal Data from that user. We use Personal Data collected from Public Source and Third Parties to provide the services requested by our customers.
2.2 For Internal Use. We use your Personal Data for the purposes of furthering our business, including improving, enhancing or modifying our Services through data analysis, audits, security and fraud monitoring and prevention. We may also use data to determine the approximate location of each user, calculate usage levels, diagnose server problems, and in general to administer the Services, in each case through use of a user’s IP address.
2.3 To Provide You with Service-Related Communications. We will send you administrative or account-related information to keep you updated about our Services. Such communications may include information about policy updates, security updates or tips or other relevant information. We process your contact information to send you such communications and to forward administrative information to the user. Service-related communications are not promotional in nature. You are not able to unsubscribe from such communications, otherwise you may miss important developments relating to your account or the Services.
2.4 To Respond to User Questions and Other Requests. We collect any information that you provide to us when you contact us, such as with questions, concerns, feedback, disputes or issues. Without your Personal Data, we cannot respond to you or ensure your continued use and enjoyment of the Services. If you provide us with feedback on any of our Services, we may use such feedback for any purpose in accordance with this Privacy Policy.
2.5 To Engage in Marketing Activities. Marketing lets us grow our community and update you about new products and services. We process your Personal Data to send marketing information, invitations to events or other communications that we believe may be of interest to the user.
2.6 To Enforce Compliance with Our Terms and Agreements or Policies. When you access or use our Services, you are bound by this Policy. To ensure you comply with them, we process your Personal Data by actively monitoring, investigating, preventing and mitigating any alleged or actual prohibited, illicit or illegal activities on our Services. We also process your Personal Data to investigate, prevent or mitigate violations of our internal terms, agreements or policies; enforce our agreements with third parties and business partners; and, as applicable, collect fees based on your use of our Services.
2.7 To Maintain Legal and Regulatory Compliance. Our Services are subject to certain laws and regulations which may require us to process your Personal Data. For example, we process your Personal Data to pay our taxes, to fulfill our business obligations, ensure compliance with employment and recruitment laws or as necessary to manage risk as required under applicable law.
3. DISCLOSURE OF YOUR PERSONAL DATA.
Except as otherwise stated in this Privacy Policy, we do not generally sell, trade, share, or rent the Personal Data collected from our Services to other entities.
3.1 Disclosure to Service Providers. We may share your Personal Data with service providers to provide you with the Services; to conduct quality assurance testing; to facilitate creation of accounts; or to provide technical support. These service providers are contractually required not to use your Personal Data other than to provide the services we request.
3.2 Quantifind Customers. We only make Review Data available to our customers that have a legitimate need to access such information in relation to Reviews. We also require that they only use it for the purposes of carrying out Reviews or to otherwise comply with law. If any of our customers uses Review Data beyond the limited purposes permitted by us, we may act to terminate the customer’s access to Quantifind.
3.3 Affiliates. We may share some or all of your Personal Data with our Affiliates, provided our Affiliates honor this Privacy Policy.
3.4 Change in Control or Sale. We may transfer users’ Personal Data to a successor entity in the event of a sale, merger, transfer or other disposition of all or any portion of our business, assets or ownership, or other change in control. Except as otherwise provided by a bankruptcy or other court, the use and disclosure of all transferred Personal Data will be subject to policies that are consistent with the policies described in this Privacy Policy. However, any information that a user submits or that is collected after that transaction may be subject to the privacy policy adopted by the successor entity.
3.5 Legal Requests and Prevention of Harm. We may use, share or disclose information about users, including your Personal Data, in order to address legal concerns or liabilities, particularly when we believe that a user has misused our Services, such as to gain unauthorized access to any system, to engage in spamming activities, to engage in denial of service or similar attacks, or to conduct any fraudulent or unlawful activity. We also may be required to provide legal authorities access to a user’s information, in accordance with applicable law, including laws outside the user’s country of residence.
4. SECURITY OF YOUR PERSONAL DATA.
We use a variety of technical, organizational and administrative measures to protect user information that we possess against unauthorized or unlawful access or processing, and against accidental loss, destruction or damage. We believe that these measures are reasonably adapted to the nature and types of information in our custody, However, even though we take reasonable efforts to protect the information in our custody, no transmission over the Internet and no data storage or security system is fully secure. Therefore, we cannot guarantee the security of any information that we may receive from you or transmit to you. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the website.
5. RETENTION OF YOUR PERSONAL DATA.
We retain Personal Data as long as necessary to perform the activities described in this Privacy Policy and to comply with our legal obligations. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies. Quantifind will also retain Services usage data for internal analysis purposes. Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our website and Services, or we are legally obligated to retain this data for longer periods.
6. INTERNATIONAL TRANSFERS OF INFORMATION.
Your Personal Data maybe processed in the country in which it was collected and in other countries or jurisdictions that may not have the same data protection laws, or provide as much protection to Personal Data, as the country where you reside. If you are located outside the United States and choose to provide information to us, please note that we transfer your information, including your Personal Data, to United States and process it there.
Quantifind will take all the steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Privacy Policy. If you do not want your Personal Data transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use the Services.
If you are located in the European Economic Area, the United Kingdom or Switzerland at the time your Personal Data is collected, we will take appropriate contractual or other steps to protect the relevant Personal Data in accordance with applicable laws. These steps include implementing the European Commission’s Standard Contractual Clauses for transfers of Personal Data to those countries that are not deemed “adequate” by the European Commission.
7. THIRD-PARTY LINKS TO OTHER WEBSITES ON THE SERVICES.
7.1 Third Party Links. The Services may contain links to third-party websites to provide additional information or for the purposes of communication with such third parties. We are not responsible for the privacy policies of those third parties, and strongly encourage you to read and understand their privacy policies. This Privacy Policy applies solely to information collected by Quantifind.
7.2 Social Media. The Services may provide links to social media services (e.g., LinkedIn and Facebook) where a user is able to post comments. These services may collect, retain and share information about a user. Use of such services is subject to the terms and conditions of their privacy policies. Please note that any information that is posted or disclosed through social media may be available to us, to other users of that service or to the public. We recommend caution when using these features. Please check privacy policies of these social media websites before using their services.
8. CHILDREN.
Children under the age of 16 should not send us Personal Data. We do not knowingly collect any Personal Data from children who are under the age of 16. If we become aware that an individual under the age of 16 is submitting information to us, we will attempt to delete the information as soon as possible.
9. DO NOT TRACK SIGNALS.
Some browsers give individuals the ability to communicate that they wish not to be tracked while browsing on the Internet. The Internet industry has not yet agreed on a definition of what “Do Not Track” means, how compliance with “Do Not Track” would be measured or evaluated, or a common approach to responding to a “Do Not Track” signal. Consequently, due to the lack of guidance, we have not yet developed features that would recognize or respond to browser-initiated Do Not Track signals in response to the laws of California or any other jurisdiction.
10. YOUR PRIVACY RIGHTS.
10.1 Opt-Out from Communication. We may periodically send you communications that directly promote the use of our Services and potentially those of our marketing partners. When you receive promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by contacting us directly (please see contact information below). Despite your indicated e-mail preferences, we may send you notices of any updates to our Privacy Policy.
10.2 Changes to and Deletion of Personal Data. You may request that we change or delete any of your Personal Data in your account by sending an e-mailto us at the e-mail address set forth below in the “How to Contact Us” section below. However, we may be required (by law or otherwise) to retain this information and not delete it (or to retain this information for a certain time period, in which case we will comply with your deletion request only after we have fulfilled such requirements).
11. NOTICE FOR CALIFORNIA RESIDENTS.
This section applies only to California residents. Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), below is a summary for the last twelve (12) months of the Personal Information categories, as identified and defined by the CCPA (see California Civil Code section 1798.140 (o)), that we collect, the reason we collect the Personal Information, where we obtain the Personal Information, and the third parties that we may share the Personal Information. Under the CCPA,Personal Information is defined as any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“Personal Information”).
We generally collect the following categories of Personal Information in providing our Services
- identifiers such as a name, address, unique personal identifier, email, phone number, your device’s IP address, software, and identification numbers associated with your devices;
- information in customer records;
- characteristics of protected classifications under California or federal law, such as gender.
- commercial information such as records of products or services purchased, obtained, or considered by you;
- Internet or other electronic information regarding you browsing history, search history, the webpage visited before you came to our website, length of visit and number of page views, click-stream data, locale preferences, your mobile carrier, date and time stamps associated with transactions, and system configuration information;
- professional or employment-related information;
- your geolocation, to the extent you have configured your device to permit us to collect such information;
- audio recordings of your voice to the extent you call us, as permitted under applicable law; and
- inferences about your preferences, characteristics, behavior and attitudes.
- We generally do not collect biometric information, geolocation information, or education-related information. For more information about the Personal Information we collect and how we collect it, please refer to section 1 above, and our Cookie Policy available at: https://www.quantifind.com/cookie-policy.
- We collect Personal Information for the business purposes described in section 2 above, and in our Cookie Policy. The CCPA defines a “business purpose” as the use of Personal Information for the business’s operational purposes, or other notified purposes, provided the use of Personal Information is reasonably necessary and proportionate to achieve the operational purpose for which the Personal Information was collected or another operational purpose that is compatible with the context in which the Personal Information was collected.
- The categories of third parties with whom we may share your Personal Information are listed in Section 3 above.
11.1 California Privacy Rights. If you are a California resident, you have rights in relation to your Personal Information; however, your rights are subject to certain exceptions. For instance, we cannot disclose specific pieces of Personal Information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of the Personal Information, your account with us or the security of our network systems.
To assert your right to know, to access, or to delete your Personal Information, please contact us by email. To confirm your identity, we may ask you to verify Personal Information we already have on file for you.If we cannot verify your identity based on the information we have on file, we may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes.
- Right Against Discrimination. You have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising your right to know, delete or opt-out of sales.
- Right to Know. You have the right to request in writing: (i) a list of the categories of Personal Information, such as name, address, email address, that a business has disclosed to third parties during the immediately preceding calendar year for the third parties' direct marketing purposes, and (ii) the names and addresses of all such third parties.In addition, you have the right to request: (i) the categories of Personal Information we have collected about you, (ii) the categories of sources from which Personal Information is collected, (iii) the business or commercial purpose for the information collection, (iv) the categories of third parties with whom we have shared Personal Information, and (v) the specific pieces of Personal Information we hold about an individual.
- Right to Access. You have the right to request a copy of the specific Personal Information we collected about you during the 12 months before your request.
- Right to Delete. You have the right to request us delete any Personal Information we have collected from you or maintain about you, subject to certain exceptions.
- Right to Opt-Out of Selling. California residents have the right to opt-out of having their Personal Information sold. In 2019, we were sharing identifiers about you with certain third-party advertising cookie providers in such a way that, under the CCPA, may be defined as selling. We do not currently sell your Personal Information.
11.2 Shine the Light Law. We currently do not sharePersonal Information with third parties for their direct marketing purposes without the express consent of the user.
12. NOTICE TO INDIVIDUALS IN THE EUROPEAN ECONOMIC AREA, UNITED KINGDOM AND SWITZERLAND
This section only applies to individuals that access or use our Services while located in the EEA, United Kingdom and/or Switzerland (collectively, the“Designated Countries”). We may ask you to identify which country you are located in when you use some of the Services or we may rely on your IP address to identify which country you are located in. When we rely on your IP address, we cannot apply the terms of this section to any individual that masks or otherwise hides their location information from us so as not to appear located in the Designated Countries. If any terms in this section conflict with other terms contained in this Policy, the terms in this section shall apply to users in the Designated Countries.
12.1 Our Relationship to You. Quantifind is a controller with regard to any Personal Data collected from individuals where it determines the purposes for which and the manner in which any Personal Data is processed. In certain situations, customers may hire Quantifind to collect Personal Data about individuals. In such cases, we are processing such Personal Data purely on behalf of our customers as data processors, and any individuals who seek to exercise their rights should first direct their query to our customer (the controller).
12.2 Data Transfers Outside the EEA. When Quantifind transfers your Personal Data to a business not located in the Designated Countries, we comply with the conditions laid down in Chapter 5 of the General Data Protection Regulation (“GDPR”). We transfer your Personal Data subject to the appropriate safeguards required under the applicable law. Depending on the circumstances the transfer of your Personal Data out of the Designated Countries, or an onward transfer of your Personal Data, may be necessary for the performance of our contract with you, the performance of a contract between us and another party that we entered into for your interest, or for important reasons of public interest. Whenever we share your Personal Data with another party, we contractually require the recipients to comply with the GDPR and all other applicable data protection laws in processing your Personal Data and/or we rely on Standard Contractual Clauses in relation to such transfers.
Quantifind also participates in and has certified its compliance with both the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks asset forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Economic Area (“EEA”), United Kingdom, and Switzerland to the United States, respectively. Under the Privacy Shield Frameworks, Quantifind is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. To learn more about the Privacy Shield program, and to view our certification, please visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.
Quantifind commits to resolve complaints about the processing of Personal Data collected from individuals located in the EEA, the United Kingdom and Switzerland in compliance with the Privacy Shield Principles. European data subjects with inquiries or complaints relating to our Privacy Shield certifications should first contact us at privacy@quantifind.com. If we are unable to you may refer your complaint to our designated independent dispute resolution mechanism is JAMS at https://www.jamsadr.com/eu-us-privacy-shield. If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield, Annex 1.
12.3 Marketing. We will only contact individuals located in the Designated Countries by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law or the individual’s consent. If you do not want us to use your Personal Data in this way or to disclose your Personal Data to third parties for marketing purposes, please click an unsubscribe link in your emails or contact us at privacy@quantifind.com. You can object to direct marketing at any time and free of charge.
12.4 Legal Bases for Processing Your PersonalData. Our legal basis for processing Personal Data described in this Privacy Policy will depend on the specific Personal Data, the context in which we process it, and the purposes for which it is used. In general, we collect Personal Data from you only, where we need it to perform our contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms, or where we have your consent to process your Personal Data. In some very rare cases, we may also have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.
To the extent we process your Personal Data perform a contract with you or comply with a legal requirement, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not. If we process your Personal Data in reliance on our legitimate interests (or those of any third party), we will indicate what those legitimate interests are at the relevant time, or upon request.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the "How to contact us" heading below.
12.5 Your Individual Rights. We provide you with the rights described below when you use our Services. We may limit your individual rights requests in the following ways: (a) where denial of access is required or authorized by law; (b) when granting access would have a negative impact on other’s privacy; (c) to protect our rights and properties; and (d) where the request is frivolous or burdensome.
If you would like to exercise your rights under applicable law, you can do so at any time by filling out Quantifind’s Data Subject Rights Requests Form. Please note that we may ask you to verify your identity before responding to such requests.When we fulfill your individual rights requests for rectification, erasure or restriction of processing, we will notify third parties also handling the relevant Personal Data unless this proves impossible or involves disproportionate effort. In certain circumstances, you have the following data protection rights:
• Access or delete. You can seek to access or to request deletion of the Personal Data we hold about you.
• Rectification. You may seek to have your Personal Data rectified if that information is inaccurate or incomplete.
• Object to processing. You have the right to object to our processing of your Personal Data.
• Restriction. You may have the right to request that we restrict the processing of your Personal Data.
• Portability. You may have the right to be provided with a copy of the Personal Data we have on you in a structured, machine-readable and commonly used format.
• Withdraw consent. You may have the right to withdraw your consent at any time where we relied on your consent to process your Personal Data.
• Not to be subject to automated individual decision-making. We do not subject your Personal Data to such processing activities.
If you believe that we have infringed or violated your rights under this Privacy Policy, please contact us at privacy@quantifind.com so that we can work with you to resolve your concerns. You also have the right to lodge a complaint about our processing of your Personal Data with your data protection authority.
13. HOW TO CONTACT US.
We welcome your comments or questions regarding this Privacy Policy. Please e-mail us at privacy@quantifind.com. If you prefer to contact us by mail, please use the following address: Quantifind, Inc., Attn: LegalDepartment, 8 Homewood Place, Suite 100, Menlo Park, CA 94025.