data.ai Privacy Policy

See Previous Version

data.ai inc. and its subsidiaries and affiliated companies, including but not limited to data.ai Europe Limited and other data.ai family of companies (' Related Companies') (collectively ' data.ai ', ' our', ' we ', or ' us') are committed to protecting the privacy of individuals who interact with us ('you' and 'your'). See a list of our Related Companies here (https://www.data.ai/en/legal/privacy/related-companies-subprocessors).

This Privacy Policy (' Policy ') specifically explains how we collect, use, and share the Personal Information about you when you interact with us in any of these ways (together or in any combination the ' Services '):

• Visit, interact with or use our website www.data.ai (' Website '), including when you create an account, contact us through the Website contact form, interact with our chatbot, or request a demo/free trial, or when you visit our Careers Site, Learning Platform or our Community Page;
• Download and use our mobile applications data.ai Analytics and Pulse by data.ai (together the ' Apps ');
• Use one of our services available for download and use through our Website or Apps (' Intelligence Services '), including Intelligence (free or paid); Connect or ConnectPlus; and Ascend; and
• Otherwise interact with us, such as through our social media pages/accounts on LinkedIn, Facebook, Twitter, YouTube, Weibo, and Glassdoor or when you elect to receive our marketing communications.

If you are a job applicant, your Personal Information is handled according to our Applicant Privacy Notice (https://dataai.docsend.com/view/tqtzz9ssb6f45xw3).

This Policy does not apply to other websites, mobile applications, or services provided or operated by data.ai. It also does not apply to any websites, mobile applications, or services provided by companies other than data.ai. Please visit the privacy policy for the respective website, mobile application or service to learn about their data collection and use if you interact with these other services. We are not responsible for the privacy or data security practices of these third parties, which may differ from those set forth in this Policy.

When you access or use the Services, you acknowledge that you have read this Policy and understand its content. Any dispute over privacy is subject to this Policy, the Terms of Service accessible on the Website/Apps, and any applicable additional service terms (including any applicable limitations on damages and the resolution of disputes). If any term of this Policy is unacceptable to you, please do not access or use the Services and do not provide your Personal Information.

Table of Content

1. About data.ai
2. The Personal Information We Collect
3. Cookies and Similar Technologies
4. How We Use Your Personal Information
5. How We Disclose Your Personal Information
6. Transfers to Other Countries
7. Data Retention
8. Our Commitment to Security
9. Children’s Privacy
10. Do Not Track
11. Your Privacy Rights and Choices
12. Updates to this Policy
13. How to Contact Us

1. About data.ai

data.ai is a global company headquartered in the United States currently with twelve offices throughout North America, Europe and Asia Pacific. data.ai is a provider of a mobile data and analytics platform supporting the entire app lifecycle. Our products amongst other things, aggregate performance data from various different sources, including apps and publisher accounts enabling businesses to track competitive market share across metrics such as downloads, revenue, usage, and engagement metrics, identify emerging players and competitive threats, and optimize advertising and monetization ecosystem. We offer solutions for product management, marketing, growth strategies, advertising platforms, retail, and other mobile and app markets.

2. The Personal Information We Collect

For the purpose of this Policy, ' Personal Information ' means any information relating to an identified or identifiable individual. Personal Information does not include information that has been anonymized. We obtain Personal Information relating to you from various sources described below. The Personal Information we collect and use depends on the context of your interactions with data.ai and the choices you make, the Services and features you use, your location, and applicable laws, but can include the following:

i. Personal Information Provided Directly by You

We collect the Personal Information that you provide directly to us.

Services

We may also receive other Personal Information that you may voluntarily choose to provide to us. Please do not provide confidential or sensitive information such as your password in your communications with us.

Providing your Personal Information is optional, but it may be necessary for you to be able to use or access certain features, such as when you sign on to use one of our Intelligence Services or when you register for an event. In such cases, if you do not provide your Personal Information, we may not be able to provide you with your request.

ii.Information We Collect Automatically

We automatically collect certain device and usage information when you use or interact with our Services.

iii. Information We Obtain from Third Parties

We may receive information about you from our third-party partners, such as business or marketing partners. We may combine this information with the other information we collect about you to provide more useful information to you regarding our Services. For example, we collect Personal Information when you register through a data.ai partner (e.g., a partner who co-hosts an event, webinar, or whitepaper), from our Related Companies, lead generation providers, public databases, data providers, and social media platforms. This information may include, for example, first and last name, mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), IP addresses, social media profiles, LinkedIn URLs, and order information and billing information.

3. Cookies and Similar Technologies

Website

When you use our Website and Intelligence Services, we and our third-party service providers may collect information from you through cookies, web beacons, web server logs, and similar technologies. Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies are widely used by website owners like data.ai to make their websites work, better understand how site visitors use the website, and provide more targeted content to its site visitors.

Cookies created and set by the website owner (in this case, data.ai) are called 'first party cookies.' Cookies created and set by parties other than data.ai are called 'third-party cookies.' We use first and third-party cookies for several reasons:

• For technical reasons in order for our Website to operate and we refer to these as 'strictly necessary' cookies;
• To allow us to count visits and traffic sources so we can measure and improve the performance of our Website. They help us to know which pages are the most and least popular and see how visitors move around the site. We refer to these as 'performance' cookies;
• To enable the Website to provide enhanced functionality and personalization and we refer to these as 'functional' cookies;

For more information on these types of cookies, including the type, duration and description of the cookie, please visit our Cookie Settings which can be found linked at the bottom of this page.

Log Information. In conjunction with gathering information through cookies, our web servers may log information such as your device type, operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. We also may record information such as the address of the web page that referred you to our Services and the IP address of your device. We also may log information about your interaction with the Services, such as which pages you visit. Where legally required, we obtain your consent into these activities.

Web Beacons. We also collect information using web beacons (also referred to as gifs and pixels), alone or with cookies. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you view a particular website or service tied to the web beacon, and a description of a website or service tied to the web beacon. For example, we may place web beacons in marketing emails that notify us when you click on a link in the email that directs you to our Site. We use web beacons to understand usage and marketing campaign effectiveness, and to operate and improve our Site, Services, and email communications. Where legally required, we obtain your consent into these activities.

Legal Basis for Processing. Where the placement of cookies involves the processing of Personal Information, the legal basis for processing Personal Information in connection with strictly necessary cookies is our legitimate interest in the functioning of our Website. Strictly necessary cookies do not require consent pursuant to the (EU) ePrivacy Directive and its implementing laws. For the processing of Personal Information in connection with performance cookies, functional cookies and targeting cookies, we obtain your consent via our Cookie Settings where required by applicable law. You can revoke your consent at any time with effect for the future by accessing the relevant cookie(s) at our Cookie Settings and changing your preferences.

For information regarding transfers of Personal Information collected through cookies, see the 'Transfers to Other Countries' Section 6 below.

Cookie Settings. Once you enter into the Website for the first time or after one (1) year as of the time you have accepted or rejected the use of cookies, a pop-up window appears that notifies you of the use of cookies. Cookies that do not require your consent, will be automatically enabled and placed on your device. With respect to any cookies, which are not strictly necessary cookies, you have the option to accept or reject the use of all or some of them by clicking 'Accept all' or 'Reject All' or adjusting 'Cookies Settings'.

Click on our Cookie Settings to change your cookies preferences at any time. Through your browser settings you can also manage cookies that are already placed on your device or prevent the future storage of cookies. We describe below specifically how you can prevent the use of Google Analytics.

Analytics Providers on the Website and Intelligence Services. In addition to other third-party cookies, we work with analytics providers, such as Google Analytics, Heap and Amplitude, which use cookies and similar technologies to collect and analyze information directly from user’s browsers to enable us to better understand your use of our Website in order to diagnose and improve the Services and to fix issues and report on activities and trends.

Google Analytics

Subject to your consent in our Cookie Settings, the Website uses Google Analytics ('Google Analytics') to allow us to analyze and regularly improve the use of our Website.

Google Analytics is a web analytics service provided by Google LLC. The responsible service provider in the EU is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ('Google'). For analyzing the use of our Website with Google Analytics, cookies are stored on your device.

Access by Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA, Alphabet Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and/or US authorities to the data stored by Google cannot be ruled out and there may be no effective legal remedies against access by US authorities.

To the extent Personal Information is processed in a country outside the EEA, UK or Switzerland that does not provide for an adequate level of data protection, such as for example currently the USA, we have entered into appropriate contractual safeguards based on EU Standard Contractual Clauses with Google. If you have consented to the use of Google Analytics or all cookies, you also consent to the transfer and further processing of information collected via cookies to countries outside the EEA, UK and Switzerland.

More information about the contractual arrangements for the processing of Personal Information with Google and the implemented safeguards can be found at: https://privacy.google.com/businesses/processorterms/ and https://privacy.google.com/businesses/controllerterms/.

We have also taken the following measures to protect, to the extent possible, the data collected through Google Analytics:

• We have configured Google Analytics to not share data with third parties.
• We do not use the function User-ID.

You can also prevent the collection of data generated by the cookies and related to your use of the Website (including your IP address) to Google and the processing of this data by Google by

• not consenting to the setting of the Google Analytics cookies or all cookies in our Cookie Settings or withdrawing consent at any time with effect for the future in our Cookie Settings;
• for website-based use, downloading and installing the browser add-on to disable Google Analytics https://tools.google.com/dlpage/gaoptout

Furthermore, you can prevent the storage of cookies when using our Website by configuring your browser software accordingly to reject (all) cookies. However, if you configure your browser to reject all cookies, this may limit functionality on this and other websites.

For more information about Google Analytics terms of use and Google's privacy policy, please visit https://marketingplatform.google.com/about/analytics/terms/gb/ and https://policies.google.com/.

Amplitude and Heap

Amplitude and Heap are web analytics services provided by Amplitude Inc., and Heap Inc. respectively used For analyzing the use of our Website with Amplitude and Heap, cookies are stored on your device.

You can find more information on privacy and security in, including the Personal Information processed and the device information collected, at https://amplitude.com/privacy and https://www.heap.io/privacy.

We do not use cookies in our Apps. If you download and use one of our Apps, we collect the following information automatically through third-party SDKs:

Crash Reporting To identify and fix performance issues, we process information about your mobile device (e.g., model, country location) as well as other tracking and performance data. You also consent to Google LLC storing and accessing this information on your device, including unique identifiers. We use a third-party service to detect app crashes—Google LLC’s Firebase Crashlytics in the U.S.—to process:

• Device-specific information (e.g., model, operating system and version number);
• Unique identifiers (a unique installation ID used to deduplicate crashes); and
• Other crash-related information (e.g., date and time of crash and crash traces).

Firebase Crashlytics helps us to combine this information across different devices and operating systems to identify and fix problems with the app and to improve its performance. We do not combine Personal Information collected through Firebase Crashlytics with any other Personal Information we may have received from you for other purposes.

Your consent will allow us to disclose and process your Personal Information through Firebase Crashlytics. Your consent also will allow Firebase Crashlytics to store and gain access to unique identifiers on your mobile device.

You can find more information on privacy and security in, including the Personal Information processed and the device information collected, at https://firebase.google.com/support/privacy.

User Analytics & Remote Configuration

To improve the app user experience and notify users about upcoming changes, we process information about your mobile device (e.g., model, city, and country location) and your interaction within the app.

You also consent to Leanplum Inc., Heap Inc., Amplitude Inc., and Google LLC storing and accessing information on your device, including unique identifiers.

To track how users generally interact with our app, identify problems we should fix, and determine which features we should support or remove, we use third-party tools by Leanplum, Heap, Amplitude, and certain of Google’s Firebase services in the U.S. to process:

• Unique identifiers;
• Device-specific information (e.g., model, operating system, version number);
• User interaction statistics and information, such as the number of daily active users, how often and when users launch or close our app, which app screens users open and how they interact with different app features; and
• Information relating to the physical location of your device at the city/region/country level.

For example, we use user and device identifiers to assign users to particular groups and remotely test whether or not they use certain app features. We do not use this information to target users with ads or promotions.

These tools also allow us to notify users about upcoming app changes (e.g., to send in-app messages or show push notifications).

Your consent will allow us to disclose and process your Personal Information through the Leanplum, Heap, Amplitude, and Firebase services we currently use. Your consent also will allow Leanplum and Firebase to store and gain access to unique identifiers on your mobile device.

You can find more information on the Personal Information processed by Leanplum ( https://docs.leanplum.com/reference/user-and-device-tracking ), Heap ( https://www.heap.io/privacy ), and Amplitude ( https://amplitude.com/privacy ).

You have choices regarding how we collect and use information. For more information, please see the 'Your Privacy Rights and Choices' Section 11 below.

We use data analytics companies, advertising networks, or social media companies, as well as features offered by data analytics services, to engage in ‘cross-device tracking.’ Cross-device tracking occurs when platforms, publishers, and advertising technology companies try to connect a consumer’s activity across smartphones, tablets, desktop computers, and other connected devices. The goal of cross-device tracking is to enable companies to link a consumer’s behavior across devices. You have choices with respect to cross-device tracking, including to not consent to the setting of cookies that enable ‘cross-device tracking’ in our Cookie Settings or withdraw consent at any time with effect for the future in our Cookie Settings. Please see the 'Your Privacy Rights and Choices' Section 11 below.

4. How We Use Your Personal Information

data.ai uses your information, including your Personal Information, for a variety of purposes and on the legal bases described in this Policy.

If you are located in the European Economic Area ('EEA'), United Kingdom ('UK'), Switzerland, or other countries which restrict the transfer of Personal Information, our legal basis for collecting and using the Personal Information will depend on the Personal Information concerned and the specific context in which we collect it. However, we will normally collect Personal Information only where we have your consent to do so, where we need the Personal Information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Information from you.

We use data to operate and provide our Services, to tailor our Services to your needs and preferences, to facilitate your transactions and payments and to provide you with the content or Services you access and request (e.g., to download content from our Website) in order to perform our contract with you.

We use data to understand and analyze trends, including how you use our Services, to identify future opportunities for the development, promotion and improvement of our Services, to identify new customers, to expand our business activities and to determine the effectiveness of our promotional campaigns and free trials in reliance on our legitimate interest in developing and improving our Services, or where required, with your consent. For example, we use data, often in an anonymous form, to develop new features, capabilities, or products, improve the user experience, assess capability requirements, and identify customer opportunities. We also may send push notifications to your device. You have choices with respect to the communications you receive from us. Please see the 'Your Privacy Rights and Choices' Section 11 below.

To communicate with you, including to respond to your inquiries and to send emails to an email address you provide to us for customer-service or technical-support purposes, to troubleshoot and diagnose technical problems and provide our customer care and support services, including to help us provide, improve, and secure the quality of our products, services, and training, and to investigate security incidents to perform our contract with you or if we do not have a contract directly with you, in reliance on our legitimate interests.

We process data by tracking use for the purposes of maintaining the safety and security of our Services, including detecting, preventing, or otherwise addressing fraud, verifying accounts and activity, investigating suspicious, unauthorized, or illegal activity, and enforcing our terms and policies, in reliance on our legitimate interest in promoting the safety, integrity and security of our Services, systems and applications and in protecting our rights and the rights of others.

We process your Personal Information when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws, to the extent this requires the processing or disclosure of Personal Information to protect our rights, or is necessary for our legitimate interest in protecting against misuse or abuse of our Services, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, or to respond to lawful requests.

We use your Personal Information to send promotional communications, including product recommendations, and other non-transactional communications (e.g., marketing newsletters or push notifications) about data.ai according to your marketing preferences. This may include information about our products as necessary for our legitimate interest in conducting direct marketing, or to the extent you have provided your prior consent. Please see the 'Your Privacy Rights and Choices' Section 11 below to learn how you can control the processing of your Personal Information by data.ai for marketing purposes.

We use your Personal Information to provide personalized marketing information about us on and off our Services, and to provide other personalized content based on your activities and interests to the extent it is necessary for our legitimate interest in advertising our Services, or where necessary, to the extent that you have provided your prior consent. Please see the 'Your Privacy Rights and Choices' Section 11 below to learn how you can control the processing of your Personal Information for personalized advertising. For these purposes, we may link or combine information about you with other personal information we get from third parties, to help understand your needs and provide you with better and more personalized service or content.

data.ai uses your Personal Information to let you know about potential job opportunities or to answer your questions and provide tailored job recommendations based on your interests. For more information regarding how your Personal Information is processed when you submit an application for employment or to provide services to data.ai, please see our Applicant Privacy Notice ( https://dataai.docsend.com/view/tqtzz9ssb6f45xw3 ).

data.ai may also use your Personal Information for any purpose where you have given your consent (where legally required).

In carrying out these purposes, we combine data we collect from different contexts (for example, from your use of different Services) or that we obtain from third parties to give you a more seamless, consistent, and personalized experience, to make informed business decisions, and for other legitimate purposes. We do not engage in general profiling or automated decision-making practices.

5. How We Disclose Your Personal Information

We disclose your Personal Information with third parties as described below:

data.ai may share your information, including your Personal Information within the data.ai corporate group (also referred to as Related Companies, as listed here https://www.data.ai/en/legal/privacy/related-companies-subprocessors) and companies we may acquire in the future when they become part of the data.ai corporate group in the ordinary course of business, and for the purposes of the Services as set forth in this Policy.

We may share your Personal Information with our vendors, service providers, and other third parties that perform services on our behalf. This includes our payment processing service and data analytics service providers, providers that help us deliver and help us track our marketing and advertising content provider, and customer-service support. We enter into confidentiality and data processing terms with our service providers to provide appropriate and suitable safeguards for their processing of your Personal Information.

data.ai may work with and share your Personal Information with our third-party advertising partners to provide you with advertisements regarding data.ai and its services. For more information about our advertising and marketing practices and those of the third-party advertising partners, please see the 'Cookies and Similar Technologies' Section 3 above.

We may disclose Personal Information we have about you: (i) if we are required to do so by law, regulation, or legal process, such as a court order or subpoena; (ii) in response to requests by government agencies, such as law enforcement authorities; (iii) when we believe disclosure is necessary or appropriate to protect against or respond to physical, financial or other harm, injury, or loss to property; or (iv) in connection with an investigation of suspected or actual unlawful activity.

data.ai may disclose your Personal Information to a potential or actual acquirer, successor, or assignee as part of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in bankruptcy or similar proceedings).

data.ai may further disclose your Personal Information with your consent, for example, when you agree to our sharing your information with other third parties for their own marketing purposes, subject to their separate privacy policies.

We may share anonymous usage data on an aggregate basis with third parties to help us perform analysis and make improvements. Additionally, we may share anonymous usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends in the use of the Services.

For further information on the recipients of your Personal Information, see the 'How to Contact Us' Section 13 below.

We will share your Personal Information where we are satisfied that we have an appropriate legal basis under applicable law to do this. This may be because:

• you have provided your consent for us to use the Personal Information (e.g., where you provide us with marketing consents or opt-in to optional additional services or functionality);
• our use of your Personal Information is necessary to perform a contract or take steps to enter into a contract with you (e.g., providing you with our Services, creating your user account);
• our use of your Personal Information is in our legitimate interest as a commercial organisation, subject to your interests and fundamental rights. In these cases we will look after your information at all times in a way that is proportionate and respects your privacy rights and you have a right to object to processing as explained in the 'Your Privacy Rights and Choices' Section 11 below;
• our use of your Personal Information is necessary to comply with a relevant legal or regulatory obligation that we have (e.g., the disclosure of information to law enforcement or tax authorities).

6. Transfers to Other Countries

The Services are provided from the United States and other locations, and we may transfer your Personal Information to multiple countries throughout the world where we or our service providers maintain facilities or operations, including the United States, in accordance with applicable local laws and regulations. We maintain primary data centers in the United States.

These countries may not have the same high level of data protection as the data protection laws in the country where you are located. We take steps designed to ensure that the data we collect under this Policy is processed as described in this Policy and according to applicable law wherever the data is collected.

If you are located in the EEA, UK, Switzerland or other countries which restrict the transfer of Personal Information, we comply with applicable data protection laws when transferring your Personal Information outside of these areas. In particular, we may transfer your Personal Information to countries for which adequacy decisions have been issued; implement appropriate and suitable safeguards such as the European Commission’s Standard Contractual Clauses or the Addendum B.1.0 issued by the Information Commissioner of the UK for the transfer of Personal Information to our U.S. headquarters, other offices or third parties, where applicable, or where required, we will ask you for your prior consent.

See a list of our Related Companies and service providers, their locations as well as the transfer safeguards applied or whether an adequacy decision exists here: https://www.data.ai/en/legal/privacy/related-companies-subprocessors. You may contact us as specified in the 'How to Contact Us' Section 13 below to obtain a copy of the clauses, relevant data transfer agreements or safeguards we use to transfer Personal Information outside of these countries/regions.

7. Data Retention

Personal Information will be stored and kept as long as needed to carry out the purposes described in this Policy or as otherwise required by applicable law. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly.

When determining the retention period, we take into account various criteria, such as the type of products and Services requested by or provided to you, the nature and length of our relationship with you, possible re-enrollment with our products or Services, the impact on the Services we provide if we delete some Personal Information from or about you, mandatory retention periods provided by law and the statute of limitations.

Unless we are required or permitted by law to keep this information for a longer period of time, when this information is no longer necessary to carry out the purposes for which we process it, we will delete your Personal Information or keep it in a form that does not permit identifying you. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of that data.

For further information on applicable data retention periods, please contact us at the 'How to Contact Us' Section 13 below.

8. Our Commitment to Security

data.ai cares about the security of your information, and employs physical, technological and administrative measures to protect the information you submit via the Services against loss, theft, and unauthorized access, use, disclosure or modification. However, we cannot ensure or warrant the security of any information you transmit to us or guarantee that information on the Services may not be accessed, disclosed, altered or destroyed. No security measure or modality of data transmission over the Internet is 100% secure. Although we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee absolute security.

Electronic communications sent to or from the Services may not be secure. You should use caution whenever submitting information online and take special care in deciding what information you send to us. You are solely responsible for protecting your password, limiting access to your devices, and signing out of websites after your sessions.

If you have reason to believe that your Personal Information is no longer secure or if you have any questions about the security of our Services, please contact us at the email address provided in the 'How to Contact Us' Section 13 below.

9. Children’s Privacy

Our Services are not intended for children under 18 years of age (or such greater age required in the applicable jurisdiction for you to be bound by a contract without guardian consent). We do not knowingly collect, maintain, or use Personal Information from children under 18 years of age, and no part of the Services is directed to children under the age of 18. If you learn that your child has provided us with Personal Information without your consent, then you may alert us at privacy@data.ai. If we learn that we have collected any Personal Information from children under 18, then we will promptly take steps to delete such information.

10. Do Not Track

Some web browsers incorporate a 'Do Not Track' feature that signals to websites you visit that you do not want to have your online activity tracked. Because there is not yet an accepted standard for how to respond to Do Not Track signals, our Services do not currently respond to such signals. If you want to restrict ads in general on your devices you may opt out from ad tracking by enabling 'Limit Ad Tracking' or 'Opt Out of Ads Personalization' (as applicable to your device) in your device settings.

11. Your Privacy Rights and Choices

i. Global Rights & Choices

• Right to Object. You have the right to object at any time to the processing of Personal Information on grounds relating to your particular situation, including a right to object to the processing of your Personal Information for processing performed on the basis of legitimate interest, unless we are able to demonstrate overriding compelling legitimate grounds.
• Right to Know/Access. You have the right to obtain confirmation from us as to whether we are processing your Personal Information and the right to access and receive a copy of such Personal Information.
• Right to Delete/Erasure. In some cases, you may request the deletion or erasure of Personal Information concerning you.
• Right to Rectify/Correct Inaccurate Information. If we process inaccurate, incomplete, or outdated Personal Information, you have the right to rectification.
• Right to Withdraw Consent. Once you have consented to the collection of your Personal Information, you may withdraw your consent at any time. Please note that your withdrawal of consent would not affect the lawfulness of processing based on consent before it was withdrawn.
• Right to Data Portability. You have the right to receive the Personal Information concerning you in a structured, commonly-used and machine-readable format and the right to transmit that information data to another company where feasible.
• Right to Restrict. You have the right to restrict us from processing your Personal Information under certain circumstances (e.g., you contest the accuracy of your Personal Information or when you believe that we are processing your Personal Information beyond the original purpose).
• Right to Lodge a Complaint. You have the right to lodge a complaint with the competent data protection supervisory authority. You can, for example, contact the supervisory authority in the EU Member State of your residence, place of work or place of the alleged infringement. For more information on how to lodge a complaint in the EU/EEA, please see https://edpb.europa.eu/about-edpb/board/members_en
• Right to Opt Out of the Sale of Personal Information. We do not sell your personal information as defined under California and other state laws and we do not collect any sensitive personal information for the purpose of inferring characteristics about you. If you consent, we do share certain information with advertisers to market our products and services, but you can opt out of such sharing by rejecting cookies that are not strictly necessary as described in Cookie Settings in Section 3 (“Cookies and Similar Technologies”) above.
• Certain states in the United States (e.g., Colorado, Connecticut, and Virginia) allow you to appeal instances of where we are not able to honor your exercise of your Personal Information rights. If you are in one of these states and wish to appeal a decision we made with respect to exercising a right about your Personal Information, you must email us at privacy@data.ai and (a) in the email subject line include your state of residence and the words 'Appealing Rights Decision,' and (b) in the email body provide an explanation of the basis of your appeal.
• Right to Non-Discrimination. We will not discriminate against you for exercising any of your privacy rights.

You can exercise your privacy rights by reaching out to us via our web form.

If you have an opt out preference signal enabled (e.g., the Global Privacy Control), you will automatically be opted out of any sale or sharing of your information, but we may ask you to confirm your preference if you have previously consented to the sale or sharing of your personal information.

ii. For Residents of California

Below is additional information applicable to California residents.

Verification and Authorized Agent

To exercise your rights, please follow the instructions above and the contact information at the end of this Policy. We will confirm receipt of your requests and respond within 30 calendar days, unless additional time is needed, in which case we will provide notice and an explanation of the reason. Also, to respond to your request to correct, request to know, or request to delete, we must verify your identity or authority to make the request and confirm the Personal Information relates to you or to others. To do so, we collect your email address and may contact you by email (if you have provided it to us) to verify your identity and ask you additional questions so that we can match your identity with the data we have about you. In some instances, we may ask you to declare under penalty of perjury that you are the consumer whose Personal Information is the subject of the request. If we cannot verify your identity, we may reject your request in whole or in part.

You also may designate an authorized agent to make a request for you. To use an authorized agent, we may require: (1) your signed permission designating the authorized agent, (2) evidence that the authorized agency has power of attorney under the California Probate Code, or (3) proof that the authorized agent is registered with the California Secretary of State and that you have authorized such authorized agent to be able to act on your behalf. We may deny a request from an authorized agent who does not submit sufficient proof.

Collection of Personal Information

In the preceding twelve (12) months, we may have collected categories of Personal Information as described in 'The Personal Information We Collect' Section 2 above.

Purposes

In the preceding twelve (12) months, we may have used and disclosed the categories of Personal Information from the sources described in Sections 2 and 3 above, for business purposes, including:

• Auditing consumer interactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
• Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting or otherwise blocking those responsible for that activity.
• Debugging to identify and repair errors that impair existing intended functionality.
• For our short-term, transient use.
• Providing services (including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, analytic, or providing similar services on behalf of the business or service provider).
• Undertaking internal research for technological development and demonstration (e.g., to develop new products or features).
• Undertaking activities to maintain the quality or safety of the Services and to improve, upgrade, or enhance the Services.

Disclosure of Personal Information

In the preceding twelve (12) months, we may have disclosed your Personal Information for a business purpose, including to the following categories of third parties:

Shine the Light Law

If you are a California resident, California Civil Code § 1798.83 permits you to request information regarding the disclosure of your Personal Information by us to third parties for the third parties’ direct marketing purposes (as those terms are defined in that statute). To make such a request, please contact us at the contact information in the “How to Contact Us” Section 13 below.

iii. For Residents of China

If you are a resident of the People’s Republic of China and are accessing the Website, you should be aware that by doing so you are exporting your Personal Information from China and you consent to data.ai. processing your Personal Information in accordance with this Policy. If you do not wish data.ai to process your Personal Information, you may withdraw your consent by using the contact details at the end of this Policy.

12. Updates to this Policy

We reserve the right to change this Policy at any time. We will post any adjustments to this Policy on this page, and the revised version will be effective the date it is posted, which is identified at the top of the page (see “Last Updated” date above). If we materially change the ways in which we process your Personal Information previously collected from you, we will notify you through our Website, or email or any other means prior to the update taking effect. We encourage you to review this Policy periodically, which may be updated from time to time. Your continued use of our Services after such amendments will be deemed your acknowledgement of these changes to this Policy.

13. How to Contact Us

data.ai inc. is the entity responsible (data controller) for the processing of your Personal Information.

data.ai
44 Montgomery Street, 3rd Floor
San Francisco, CA 94104 USA

If you have any questions or concerns about data.ai’s privacy practices or about this Policy, or would like to exercise your rights in relation to your Personal Information, you may reach out to us via our web form, email at privacy@data.ai or write us by registered mail at :

data.ai Legal Department
44 Montgomery Street, 3rd Floor
San Francisco, CA 94104 USA

data.ai’s Data Protection Officer may be contacted via email (dpo@data.ai) or at the following address:

data.ai Legal Department
ATTN: Data Protection Officer
44 Montgomery Street, 3rd Floor
San Francisco, CA 94104 USA

Our EEA representative may be reached by contacting: via email (dpo@data.ai) or at the following address:

data.ai Legal Department
ATTN: Data Protection Officer
Pietersbergweg 283
1105 BM Amsterdam
The Netherlands

Our UK representative may be reached by contacting: via email dpo@data.ai or at the following address:

data.ai Legal Department
ATTN: Data Protection Officer
data.ai Europe Limited
7 Albemarle Street
London W1S 4HQ
England