Effective as of October 25th 2019

PRIMARI Analytics Corp. PRIVACY POLICY

Welcome to PRIMARI Analytics Corp. (“PRIMARI“, “PRIMARI Analytics” “we“, “us“, or “our“). (“DAN”) PRIMARI’s Digital Analyst powered by A.I., provides support and assistance completing tasks and assignments for business users. PRIMARI is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by PRIMARI. This Privacy Policy applies to our websites and our related software and online and mobile services (collectively, our “Service“, “Services”). For information about how we collect and use information collected from our customers (“Customer Data“) during the provision of our Service, please see the “Customer Data” section.

You” or “your“, as used in this Privacy Policy, refers to the individual to whom Personal Data relates.

This Privacy Policy is incorporated into and forms part of our Terms of Service. Please read this Privacy Policy before using our Service or submitting any Personal Data to PRIMARI or PRIMARI’s DAN and contact us if you have any questions.

By accessing or using our Service, you signify that you have read, understood, and agree to our collection, storage, use, and disclosure of your personal information as described in this Privacy Policy and our Terms of Service.

  1. INFORMATION WE COLLECT

When you contact us or interact with our Service we collect information that alone or in combination with other information could be used to identify you (“Personal Data“) as follows:

Personal Data You Provide:

We may collect your name, email address, phone number, and payment information when you register for our Service, sign up for our mailing list, or otherwise communicate with us with inquiries, respond to one of our surveys, register for access to the Services or use certain Services.

We may also collect any email, sms-text, and voice communications (“Communications”) between you and PRIMARI and any other information you provide to PRIMARI.

We also have pages on social media sites like LinkedIn and Twitter (“Social Media Pages“). When you interact with our Social Media Pages, we may collect Personal Data that you elect to provide to us through your settings on the Social Media Site, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.

By voluntarily providing us with Personal Data, you are consenting to our use of it in accordance with this Privacy Policy. If you provide Personal Data to the Services, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of PRIMARI and the authorized third parties referred to herein located in the United States.

Personal Data Collected Automatically:

DAN Content. We collect information from DAN’s features, including the content of drafts or snippets you create in the Service and read receipts.

Authentication Tokens. When you sign in to the Service, we collect and store encrypted Gmail authentication tokens.

Use of the Site and Service: 

We collect information about how you use the Service, your actions on the Service, and content you transmit to and through the Service, including the groups you belong to, your interaction with others on the Service, and documents and files, and any content you provide through messages, or other functionality (“User Content“). Please remember that PRIMARI may, but has no obligation to, monitor, record, and store User Content in order to protect your safety or the safety of other users, to assist with regulatory or law enforcement efforts, or to protect and defend our rights and property. By using the Service, you consent to the recording, storage, and disclosure of such communications you send or receive for these purposes.

We may monitor the number of people that visit our Site or Service, peak hours of visits, which page(s) are visited on our Site, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), and which browsers people use to access and visit our Site (e.g., Firefox, Microsoft Internet Explorer, etc.), broad geographical information, and Site-navigation pattern. PRIMARI may store such information itself or such information may be included in databases owned and maintained by PRIMARI’s affiliates, agents or service providers. In particular, the following information is created and automatically logged in our systems:

  • Log data: Information that your browser automatically sends whenever you visit the Site (“log data“). Log data includes your Internet Protocol (“IP“) address (so we understand which country you are connecting from when you visit the Site), browser type and settings, the date and time of your request, and how you interacted with the Site.
  • Cookies: Please see the “Cookies” section below to learn more about how we use cookies on the Site.
  • Device information: Includes the operating system and browser you are using. Information collected may depend on the type of device you use and its settings.
  • Usage Information: We collect information about how you use our Site and Service, such as the types of content that you view or engage with, the features you use, the actions you take, and the time, frequency and duration of your activities.
  • Anonymous Communications Information. We collect and store anonymous information about Communications you send and receive through the Service. This includes numeric identifiers and timestamps, but does not include Communications Content Data (as defined below) or other information that could identify the sender, the recipient or the subject of the Communications.

Personal Data We Receive From Third Parties: From time to time we may receive information about you from third parties and other users, such as your business Communications from your employer, who may be our customer, including your job title, employer, and location.  When you interact with us through a social media site or third-party service, such as when you like, follow, or share PRIMARI content on LinkedIn, Twitter, or other sites, we may receive information from the social network, including your profile information, picture, user ID associated with your social media account, and any other information you permit the social network to share with third parties. The data we receive from third-party sites is dependent upon that third party’s policies and your privacy settings on that third-party site. You should always review and, if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our website or Service. We may also collect information about you that is publicly available.

Personal Data We Process on Your Behalf: We process the contents of Communications you send and receive through the Service, as well as the Communications addresses of the people you communicate with through the Service (collectively “Communications Content Data“), on your behalf and subject to your instructions.

Personal Data We Process on Behalf of Business Customers: If one of our business customers (such as your employer) provides you with access to the Service, we process your information pursuant to our Terms of Service and other agreements with the applicable business customer. If you are such an individual and would no longer like your data to be used by one of our business customers that use our Services or you would like to access, correct or request deletion of your data, please contact the business customer that you interact with directly.

2. HOW WE USE PERSONAL DATA

PRIMARI does not have any advertising on our site. PRIMARI uses Personal Data to provide the Service and improve your experience with our Service. This processing is necessary to perform our contract with you.

Any use of Personal Data and the information we collect from you may be used in one of the following ways and for the following legitimate business interests:

  • To personalize your experience and improve customer service, i.e, your information helps us to better respond to your individual needs;
  • To improve our Services, i.e., we continually strive to improve our service based on the information and feedback we receive from you;
  • To respond to your inquiries, comments, feedback or questions and provide onboarding support;
  • To update and synchronize Service features across multiple devices;
  • To display information in the Service (such as Communications and insights (such as job titles and profile photos) about other individuals with whom you communicate through the Service);
  • To solicit referrals for new users from current users and to contact such referrals and other potential users;
  • To manage our relationship with you, which includes sending administrative information to you relating to our Service and changes to our terms, conditions, and policies and sending account verification or technical/security notices;
  • To analyze how you interact with our Service and provide, maintain and improve the content and functionality of the Service and our customer relationships and experiences, develop our business and inform our marketing strategy;
  • To administer and protect our business and the Site, prevent fraud, criminal activity, or misuses of our Site, and to ensure the security of our IT systems, architecture and networks (including troubleshooting, testing, system maintenance, support and hosting of data); and
  • To comply with legal obligations and legal process and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or other third parties, and recover debts due to us.

PRIMARI uses the Personal Data you provide in a manner that is consistent with this Privacy Policy. If you provide Personal Data for a certain reason, we may use the Personal Data in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Also, if you provide Personal Data in order to obtain access to the Services, we will use your Personal Data to provide you with access to such services and to monitor your use of such services.

Any data that we do have will never be shared except under the circumstances described below in the How we Share and Disclose Personal Data section.

If PRIMARI intends on using any Personal Data in any manner that is not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time at which the Personal Data is collected.

For information about what we mean by legitimate interests and the rights of individuals in the European Union (“EU“), please see the “EU Users” section below.

Aggregated Personal Data. In an ongoing effort to analyze the effectiveness of our Service, better understand and serve the users of our Services, PRIMARI we may often analyze the general behavior and characteristics of the users of our Services and conduct research on its customer demographics, interests and behavior based on the Personal Data and other information provided to us. We may also collect aggregated information through the Service, through cookies, and through other means described in this Privacy Policy. This research may be compiled and analyzed on an aggregate basis, and PRIMARI may share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally. PRIMARI may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.

Marketing. We may contact you to provide information we believe will be of interest to you. For instance, if you elect to provide your email address or phone number, we may use that information to send you promotional information about our products and services. If we do, where required by law, for example if you are in the EU, we will only send you such Communications if you consent to us doing so at the time you provide us with your Personal Data. You may opt out of receiving Communications by following the instructions contained in each promotional Communications we send you or by contacting us. If you unsubscribe from our marketing lists, you will no longer receive marketing communications but we will continue to contact you regarding our Site and Services and to respond to your requests.

  1. HOW WE SHARE AND DISCLOSE PERSONAL DATA

PRIMARI is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may transfer or share your personal information without further notice to you, unless required by the law. we may transfer or share your personal information with trusted and GDPR-compliant third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety, as set forth below:

  • Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Data with service providers, including web hosting, debugging services, Communications and productivity services, survey providers, data base and sales/customer relationship management services, customer service providers, payment processors; web and app analytics services, and data brokers. Notwithstanding the foregoing, we only share Communications Content Data with our hosting provider (Google, Inc.). Pursuant to our instructions, these parties will access, process or store Personal Data in the course of performing their duties to us.
  • Business Transfers:If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the transaction and transferred to a successor or affiliate as part of that transaction along with other assets.
  • Legal Requirements:If required to do so by law or in the good faith belief that such action is necessary to (i) comply with legal or regulatory obligations, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Site, or the public, or (v) protect against legal liability.
  • Other users of the Service. We share your information with third parties with whom you communicate through the Service. You control who you want to communicate with and what information you share.
  • Third parties at your request. For example, you may have the option to share your activities on the Service through Communications, text, or on various social media sites.
  • Third-party vendors and other service providers that perform services on our behalf, as needed to carry out their work for us, which may include identifying and serving targeted advertisements, providing mailing services, providing tax and accounting services, contest fulfilment, web hosting, or providing analytic services.
  • The public when you provide feedback or user content on our site. For example, if you post user content on our blog or comment on our social media sites, your information, such as your first name, last initial, state of residence, and your comments, may be displayed on our website or on our social media pages.

We may also share information with others in an aggregated or otherwise anonymized form that does not reasonably identify you directly as an individual.

For further information on your choices regarding your information, see the “Your Choices and Control Over Your Information” section below.

  1. CUSTOMER DATA

In providing our Service, our Customers may upload data to our Service, which may include personal information or data about our customers’ end users (all of which we call “Customer Data”). Customer Data is owned and controlled by our Customers, and any Customer Data that we maintain or process we consider to be strictly confidential. We collect and process Customer Data solely on behalf of our Customers, and in accordance with our agreements with the Customers. We do not use or disclose Customer Data except as authorized and required by our Customers and as provided for in our agreements with our Customers.

  1. DATA PROTECTION, RETENTION, and STORAGE

Data Protection

We protect your data throughout the data flows of DAN, from account creation and integration through Google’s OAuth service, to encryption of data in transit to PRIMARI servers (using browser-based TLS) and encryption of that data at rest (using AES-256), to a variety of administrative, physical, and technical safeguards designed to create a secure environment for our customers’ data. All PRIMARI applications include failover and backup instances and our infrastructure respects and maintains industry-standard security certifications, including ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, FedRAMP ATO and PCI DSS v3.2.

Data in Google Cloud Platform is broken into subfile chunks for storage, and each chunk is encrypted at the storage level with an individual encryption key. The key used to encrypt the data in a chunk is called a data encryption key (DEK). Because of the high volume of keys at Google, and the need for low latency and high availability, these keys are stored near the data that they encrypt. The DEKs are encrypted with (or “wrapped” by) a key encryption key (KEK). For more information, please see Google Cloud.

All user data is tagged with a project-specific token, and a customer must have access to the corresponding API key and secret in order to retrieve that data via API. This provides logical separation between data belonging to multiple clients. PRIMARI is the sole tenant on our infrastructure. A user’s data may reside on database systems which house data belonging to other users, but our logical controls (token, key and secret) separates one client from another client’s data.

Data Confidentiality

We do not rent, sell or trade your Personal Information to third parties. We may disclose some of your Personal Information with specific trusted third-parties or sub-processors as specified in our Privacy Policy.

Access to user data by PRIMARI employees is limited to an as-needed basis, e.g., to resolve customer issues. When such access is required, only personnel with a direct need will access the PRIMARI-related data, and such access will be limited as much as possible. Breach of this policy by a PRIMARI employee is a serious matter, requiring investigation and appropriate disciplinary action, up to and including termination as well as legal action.

A PRIMARI user can delete at any time her or his PRIMARI account and remove all data associated with that account from the Account page.

Incident Response and Remediation

We monitor our systems 24/7/365 with a variety of performance measurement and error-checking tools. When problems are detected, our team is notified immediately, and the issues are investigated. We work closely with our hosting providers to ensure that underlying systems remain secure, and any security breaches are investigated, patched and remediated promptly.

Our system operations are logged, and the logs are stored for at least a 7-day period in the cloud. If needed, these logs may be mined to investigate incidents or to reconstruct a chain of events.

When a serious incident occurs, or a long interval of downtime is anticipated, we notify our users via our blog, Twitter and/or Communications. Should a security breach occur, we will promptly notify affected users of the nature and extent of the breach, and take steps to minimize any damage.

Data Retention

We keep Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer.

If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving these communications and in accordance with our policies.

To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Data Storage

Your information collected through our website may be stored and processed in the United States or any other country in which PRIMARI or its affiliates or service providers maintain facilities. If you are located in the European Union (“EU“) or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. or any other country in which PRIMARI or its parent, subsidiaries, affiliates, or service providers maintain facilities and the use and disclosure of information about you as described in this Privacy Policy.

Keeping your information safe: We care about the security of your information and employ physical, administrative, and technological safeguards designed to preserve the integrity and security of all information collected through our Service. However, no security system is impenetrable, and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and, where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

Customer Agreements:  Each customer will remain responsible for the privacy and security of the Customer Data that it collects and processes and for compliance with applicable data protection laws that may apply to the collection, processing and disclosure of Customer Data through the Service.

6. UPDATE YOUR INFORMATION

If you need to change or correct your Personal Data, or wish to have it deleted from our systems, you may contact us. We will address your request as required by applicable law.

7. CALIFORNIA PRIVACY RIGHTS DISCLOSURES

If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of personal information to third parties for their direct marketing purposes during the immediately preceding calendar year. You may make one request each year to us at info@primari.ai  or writing to us at 276 5th Avenue, Suite 704, New York, NY 10001.

Online Tracking and Do Not Track Signals : We may allow third party service providers to use cookies or other tracking technologies to collect information about your browsing activities over time and across different websites following your use of the Site. Our Site currently does not respond to “Do Not Track” (“DNT“) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will describe how we do so in this Privacy Policy.

8. CHILDREN

Our Service is not directed to children who are under the age of 13. PRIMARI does not knowingly collect Personal Data from children under the age of 13. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to PRIMARI through the Service please contact us and we will endeavor to delete that information from our databases.

9. EU USERS

This section applies if you are located in the EU.

PRIMARI is committed to complying with the General Data Protection Regulation (“GDPR”), and enabling our customers to comply with the latter data protection law. We follow a strict Privacy by Design framework and maintain a robust privacy and security program that we continually assess and improve. We understand the GDPR has robust requirements and obligations for both data controllers and data processors and we are committed to helping our customers use PRIMARI in a compliant manner. Our DPA (Data Processing Addendum) is available at www.pimari.ai/privacy-policy  so that our customers can be confident that their data is processed in a lawful and transparent manner.

Scope . This section applies to individuals in the EU (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway, the United Kingdom, and, to the extent applicable, Switzerland).

Data Controller . Data protection laws in the EU differentiate between the “data controller” and “data processor” of Personal Data. If you signed up for the Service on your own, PRIMARI is the data controller for the processing of your Personal Data. You can find our contact information, and the contact information of our EU-based representative, in the “Contact Us” section below.

Data Processor . If one of PRIMARI’s business customers has granted you access to the Service, PRIMARI is the data processor for the processing of your Personal Data. To exercise the rights described below in relation to such processing of Personal Data, please contact the applicable business customer. PRIMARI is also the data processor for the processing of Communications Content Data on your behalf.

Legal Bases for Processing . This Privacy Policy (the paragraph “How We Use Personal Data”) describes the legal bases we rely on for the processing of your Personal Data. Please contact us if you have any questions about the specific legal basis we are relying on to process your Personal Data.

As used in this Privacy Policy, “legitimate interests” means our interests in conducting our business and developing a business relationship with you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

Your Rights . Pursuant to the European Union General Data Protection Regulation (or GDPR), you have the following rights in relation to your Personal Data, under certain circumstances:

  • Right of access:If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
  • Right to rectification:If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to erasure:You may ask us to delete or remove your Personal Data, such as where you withdraw your consent. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
  • Right to restrict processing:You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and that is processed by automated means. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
  • Right to object:You may ask us at any time to stop processing your Personal Data, and we will do so:

– If we are relying on a legitimate interest to process your Personal Data — unless we demonstrate compelling legitimate grounds for the processing or we need to process your data in order to establish, exercise, or defend legal claims;

– If we are processing your Personal Data for direct marketing. We may keep minimum information about you in a suppression list in order to ensure your choices are respected in the future and to comply with data protection laws (such processing is necessary for our and your legitimate interest in pursuing the purposes described above);

  • Right to withdraw consent:If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we received notice that you wished to withdraw consent.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns (in the UK, the Information Commissioner’s Office (ICO), who can be contacted at https://ico.org.uk/concerns.

You also have the right to lodge a complaint to your local data protection authority. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/dataprotection/bodies/authorities/index_en.htm.

Please see the “Contact Us” section below for information on how to exercise your rights.

Data Transfers. We rely on our EU-U.S. and Swiss-U.S. Privacy Shield certification to transfer Personal Data that we receive from the EU and Switzerland to PRIMARI in the U.S. (for more information, please read the “Privacy Shield” section below).

10. PRIVACY SHIELD

PRIMARI complies with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks (“Frameworks“) as set forth by the U.S. Department of Commerce regarding the processing of Personal Data transferred from the EU and Switzerland to the U.S. (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway). PRIMARI has certified that it adheres to the Privacy Shield Principles (described below). If there is any conflict between the policies in this Privacy Policy and the EU or Swiss Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Frameworks and to view our certification page, please visit https://www.privacyshield.gov/ .

General. We rely on our Privacy Shield certification to transfer Personal Data that we receive from the EU and Switzerland to PRIMARI in the U.S. and we process such Personal Data in accordance with the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability (“Privacy Shield Principles“), as described below.

Notice and Choice. This Privacy Policy provides notice of the Personal Data collected and transferred under the Privacy Shield and the choice that you have with respect to such Personal Data. It also provides information about other Privacy Shield Principles that are set forth below.

Accountability for Onward Transfers. We may be accountable for the Personal Data we receive under the Privacy Shield that we may transfer to third-party service providers (described in the section “How We Share and Disclose Personal Data” above). If such service providers process Personal Data in a manner inconsistent with the Privacy Shield Principles, we are responsible for the harm caused.

Security. We maintain security measures to protect Personal Data as described in the “Security” section of this Privacy Policy.

Data Integrity and Purpose Limitation. We take reasonable steps to ensure that Personal Data is reliable for its intended use, and that it is accurate, complete and current for as long as we retain it. Our data retention practices are described in the “Data Retention” section of this Privacy Policy.

Access. EU users have certain rights to access, correct, amend, or delete Personal Data where it is inaccurate, or has been processed in violation of the Privacy Shield Principles. Please see the “Your Rights” section above for more information on the rights of users in the EU (and, to the extent applicable, users in Switzerland).

Recourse, Enforcement, Liability. In compliance with the Privacy Shield Principles, PRIMARI commits to resolve complaints about our processing of your Personal Data. EU and Swiss users with inquiries or complaints regarding this Private Shield Policy should first contact PRIMARI at: info@primari.ai .

We have further committed to refer unresolved Privacy Shield complaints to an alternative dispute resolution provider. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider JAMS (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.

If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

We are subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to Personal Data received or transferred pursuant to the Frameworks.

11. LINKS TO OTHER WEBSITES

The Site may contain links to other websites not operated or controlled by PRIMARI, including social media services (“Third Party Sites“). The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

You expressly relieve PRIMARI from any and all liability arising from your use of any third-party website, service, or content, including without limitation User Content submitted by other Users. Additionally, your dealings with or participation in promotions of advertisers found on the Service, including payment and delivery of goods, and any other terms (such as warranties) are solely between you and such advertisers. You agree that PRIMARI shall not be responsible for any loss or damage of any sort relating to your dealings with such advertisers.

12. THIRD PARTY ANALYTICS, TRACKING and COOKIES

Third Party Analytics. We use Google Analytics to recognize you and link the devices you use when you visit our site or Service on your browser or mobile device, log in to your account on our Service, or otherwise engage with us. We share a unique identifier, like a user ID or hashed Communications address, with Google to facilitate the service. Google Analytics allows us to better understand how our users interact with our Service and to tailor our advertisements and content to you. For information on how Google Analytics collects and processes data, as well as how you can control information sent to Google, review Google’s site “How Google uses data when you use our partners’ sites or apps” located at https://www.google.com/policies/privacy/partners/. You can learn about Google Analytics’ currently available opt-outs, including the Google Analytics Browser Ad-On here https://tools.google.com/dlpage/gaoptout/.

Cross-Device Linking. We, or our third-party partners, may link your various devices so that content you see on one device can result in relevant advertising on another device. We do this by collecting information about each device you use when you are logged in to our Service. We may also work with third-party partners who employ tracking technologies or the application of statistical modeling tools to determine if two or more devices are linked to a single user or household. We may share a common account identifier (such as an Communications address or user ID) with third-party advertising partners to help recognize you across devices. We, and our partners, can use this cross-device linkage to serve interest-based advertising and other personalized content to you across your devices, to perform analytics, and to measure the performance of our advertising campaigns.

Cookies. Like most websites, to operate our Services, we may use a technology called “cookies.” This Cookie Policy explains how PRIMARI. and our sub-processors use cookies and similar technologies to recognize you when you visit our Website and other Services owned and controlled by PRIMARI. It explains what these technologies are and why we use them, as well as your rights to control our use of them.

What are cookies?

A cookie is a small file containing a string of characters that is sent to your computer when you visit a website. When you visit the site again, the cookie allows that site to recognize your browser. Cookies provide a convenience feature to save you time, or tell the Web server that you have returned to a specific page. Cookies may store user preferences and other information. Our cookies help provide additional functionality to the Services and help us analyze Services usage more accurately. For example, our Site may set a cookie on your browser that allows you to access the Services without needing to remember and then enter a password more than once during a visit to the Site. if you personalize pages on our Websites, or register for the Subscription Service, a cookie helps us to recall your specific information on subsequent visits. When you return to the same Website, the information you previously provided can be retrieved, so you can easily use the customized features.

Cookies can be stored on your computer for different periods of time. Some cookies expire after a certain amount of time, or upon logging out (session cookies), others survive after your browser is closed until a defined expiration date set in the cookie (as determined by the third party placing it) and help recognize your computer when you open your browser and browse the Internet again (persistent cookies). Our Site uses cookies from the third parties described below. For more details on cookies please visit All About Cookies.

Cookies set by the website owner (in this case, PRIMARI) are called “first party cookies”. In all cases in which we use cookies, we will not collect Personal Data except with your permission. On most web browsers, you will find a “help” section on the toolbar. Please refer to this section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off.

By choosing to use the Site after having been notified of our use of cookies and other technologies in the ways described in this Privacy Policy, and, in applicable jurisdictions, through notice and unambiguous acknowledgement of your consent, you agree to such use.

Cookies set by parties other than the website owner are called “third party cookies”. Third party cookies enable third party features or functionality to be provided on or through the website (e.g. like interactive content and analytics). The parties that set these third party cookies can recognize your computer both when it visits the website in question and also when it visits certain other websites.

Why do we use cookies?

We use first party and third-party cookies for several reasons. Some cookies are required for technical reasons in order for our Website to operate, and we refer to these as “essential” or “strictly necessary” cookies. Other cookies also enable us to monitor and target the interests of our users to enhance the experience on our Website and Services. Third parties serve cookies through our Website for analytics and communication purposes.

Type of Cookies Used/ What cookies does PRIMARI set in your browser?:

The following chart sets out how we use different categories of cookies and similar technologies, as well as information on your options for managing the settings for the data collection by these technologies:

Category:

A) Strictly necessary:

Used to provide users with services available through the Site and to use some of its features, such as the ability to log-in and access secure areas. These cookies are essential for using and navigating the Site.

Who Serves the Cookie/Technology:

PRIMARI. These cookies will expire in six months.

Opt-Out:

Because these cookies are strictly necessary to deliver the Service, users cannot refuse them.

B) Security:

Used to secure traffic to the Site.

Who Serves the Cookie/Technology:

Cloudflare, Inc. For more information, please visit https://support.cloudflare.com/hc/en-us/articles/360024915491

 Opt-Out:

Because these cookies are strictly necessary to secure the Site, users cannot refuse them.

C) Analytics/Performance:

Used to recognize and count the number of visitors and to see how visitors move around the Site. This helps us to improve the way our site works, for example by making sure users are finding what they need easily. The collected data provides us only with anonymous traffic statistics (like number of page views, number of visitors, source, and time spent on each page). We also include pixels in outgoing Communications from PRIMARI to monitor the performance of our Communications campaigns and to see whether the Communications have been opened.

Who Serves the Cookie/Technology:

Google Analytics (provided by Google, Inc.). The information generated by Google Analytics about your use of the Site (including your IP address) will be transmitted to and stored by Google, Inc. in the United States (pursuant to Google’s Privacy Shield certification). For more information on Google Analytics privacy practices, read here . For information on Google Analytics cookies expiration, read here .

Mailgun

Opt-Out:

You can also block or delete these cookies by changing the browser settings as explained in the “Your Options” section below.

How can I control cookies?

You have the right to decide whether to accept or reject cookies – for details, see aboutcookies.org. Most browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work. But, this may prevent you from taking advantage of some of our features.

Further information on cookies can be found at:

http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm

https://ico.org.uk/for-the-public/online/cookies/

http://www.allaboutcookies.org/

Where can I get further information?

If you have any questions about our use of cookies or other technologies, please Contact Us.

How often will you update this Cookie Policy?

We may update this Cookie Policy from time to time in order to reflect, for example, changes to the cookies we use or for other operational, legal or regulatory reasons. Please therefore re-visit this Cookie Policy regularly to stay informed about our use of cookies and related technologies.

The date at the top and bottom of this Policy indicates when it was last updated.

Your Choices:

  • Cookies. Most browsers allow you to adjust your browser settings to: (i) notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to automatically reject cookies.

Blocking or deleting cookies may negatively impact your experience using the Service, as some features and services on our Service may not work properly.

Deleting cookies does not delete Local Storage Objects (LSOs) such as HTML5.

  • Interest-based advertising. To learn about interest-based advertising and how you may be able to opt-out of some of this advertising, you may wish to visit the Network Advertising Initiative’s online resources at http://www.networkadvertising.org/choices and/or the DAA’s resources at http://www.aboutads.info/choices. You may also manage certain advertising cookies by visiting the EU-based Your Online Choices at http://www.youronlinechoices.eu.
  • Cross-device linking. Please note that opting-out of receiving interest-based advertising through the NAI’s and DAA’s online resources will only opt-out a user from receiving interest-based ads on that specific browser or device, but the user may still receive interest-based ads on his or her other devices. You must perform the opt-out on each browser or device you use.
  • Mobile advertising. You may also be able to limit interest-based advertising through the settings on your mobile device by selecting “limit ad tracking” (iOS) or “opt-out of interest based ads” (Android). You may also be able to opt-out of some—but not all—interest-based ads served by mobile ad networks by visiting http://youradchoices.com/appchoices and downloading the mobile AppChoices app.
  • Some of these opt-outs may not be effective unless your browser is set to accept cookies. If you delete cookies, change your browser settings, switch browsers or computers, or use another operating system, you will need to opt-out again.

Your Choices . Most advertising networks offer you a way to opt out of targeted advertising. If you would like to find out more information, please visit the Network Advertising Initiative’s online resources at http://www.networkadvertising.org and follow the opt-out instructions there or if you are located in the European Union, visit the European Interactive Digital Advertising Alliance’s Your Online Choices opt-out tool here.

If you access the Site on your mobile device, you may not be able to control tracking technologies through the settings.

13. SECURITY

You use the Service at your own risk. We comply with industry standards to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. Therefore, you should take special care in deciding what information you send to us via the Service or e-mail. Please keep this in mind when disclosing any Personal Data to PRIMARI via the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third party websites.

14. Third Party Payment Services

We rely on third parties to process credit card transactions and do not store your credit card details. Currently, we use the service of Stripe, Inc. (certified PCI level 1). For more information on Stripe’s privacy practices, please refer to their Privacy Policyhttps://stripe.com/privacy

15. YOUR CHOICES and CONTROL OVER YOUR INFORMATION

Your Choices

Whether or not you provide Personal Data to us is completely up to you. If you choose not to provide any Personal Data, you will not be able to use the Services.

Control Over Your Information

Profile and Data Sharing Settings. You may update your profile information, such as your user name, e-mail address, title and profile photo, and may change some of your data sharing preferences on your settings page.

How to control your communications preferences. You have a choice about whether or not you wish to receive information from us. If you do not want to receive communications from us about our products and services, then you can select your choices by ticking the relevant boxes situated on your Account page.

You can stop receiving Communications notifications communications from us by clicking on the “notifications settings link” provided in such communications. We make every effort to promptly process all unsubscribe requests. You may not opt out of service-related communications (e.g., account verification, transactional communications, changes/updates to features of the Service, technical and security notices).

Modifying or deleting your information. You have a choice to access and export all your PRIMARI data from the PRIMARI dashboard. You have a choice to rectify at any time your personal information by contacting PRIMARI support. You can contact us to request access to your data or to ask us to update, correct, or delete your Personal Data. You also have a choice to delete all data associated with your PRIMARI account by heading to your Account page.

If you have any questions about reviewing, modifying, or deleting your information, or if you want to remove your name or comments from our Service or publicly displayed content, you can contact us directly at info@primari.ai. We may not be able to modify or delete your information in all circumstances. Please note that PRIMARI does not own or control the Customer Data uploaded to our Service by our Customers, and cannot modify or delete Customer Data except at the request of our Customer, or as permitted by our Terms of Service.

Exclusions: This Privacy Policy does not apply to any Personal Data collected by PRIMARI other than Personal Data collected through the Services. This Privacy Policy shall not apply to any unsolicited information you provide to PRIMARI through the Services or through any other means. This includes, but is not limited to, information posted to any public areas of the Services, such as forums, any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and PRIMARI shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

16. CHANGES TO THE PRIVACY POLICY

The Service, and our business may change from time to time. As a result we may change this Privacy Policy at any time. When we do, we will post an updated version of this policy on our website, unless another type of notice is required by the applicable law. We will notify you by e-mail (sent to the e-mail address specified in your account) or by means of a notice on this Site of any material changes to this Privacy Policy. Please review this policy periodically, and especially before you provide any Personal Data.  By continuing to use our Service or providing us with Personal Data after we have posted an updated Privacy Policy, or notified you if applicable, you consent to the revised Privacy Policy and practices described in it.

17. CONTACT US

If you have any questions about our Privacy Policy or the information practices of the Site, please feel free to contact us at info@primari.ai

Effective as of October 25th 2019

 

-Data Processing Addendum-

Effective as of October 25th 2019

PRIMARI Analytics Corp. DATA PROCESSING ADDENDUM

PRIMARI Analytics is committed to complying with the General Data Protection Regulation (“GDPR”), and enabling our customers to comply with the latter data protection law. We follow a strict Privacy by Design framework and maintain a robust privacy and security program that we continually assess and improve. We understand the GDPR has robust requirements and obligations for both data controllers and data processors and we are committed to helping our customers use PRIMARI in a compliant manner. Our Data Processing Addendum (“DPA”) is available below so that our customers can be confident that their data is processed in a lawful and transparent manner.

The purpose of this DPA is to reflect the parties’ agreement with regard to the processing of personal data in accordance with the requirements of Data Protection Legislation.

This GDPR Data Processing Addendum is incorporated into the Terms of Service between the Company and the Customer and applies in respect of the provision of the Services to the Customer if the Processing of Customer Personal Data is subject to the GDPR, only to the extent the Customer is a Controller of Customer Personal Data and Company is a Processor. The Addendum is intended to satisfy the requirements of Article 28(3) of the GDPR and shall be effective for the term of the Agreement.

If the Customer entity entering into this DPA has executed an order form or statement of work with PRIMARI pursuant to the Agreement (an “Ordering Document”), but is not itself a party to the Agreement, this DPA is an addendum to that Ordering Document and applicable renewal Ordering Documents. If the Customer entity entering into this DPA is neither a party to an Ordering Document nor the Agreement, this DPA is not valid and is not legally binding. Such entity should request that the Customer entity that is a party to the Agreement executes this DPA.

This DPA shall not replace or supersede any agreement or addendum relating to processing of personal data negotiated by Customer and referenced in the Agreement, and any such individually negotiated agreement or addendum shall apply instead of this DPA.

In the course of providing the Application Services to Customer pursuant to the Agreement, PRIMARI may process personal data on behalf of Customer. PRIMARI agrees to comply with the following provisions with respect to any personal data submitted by or for Customer to the Application Services or collected and processed by or for Customer through the Application Services. Any capitalized but undefined terms herein shall have the meaning set forth in the Agreement.

  1. Definitions

1.1. For the purposes of the Addendum:

1.1.1. “Customer Personal Data” means the Personal Data described under Section 2 of this Addendum, in respect of which the Customer is the Controller;

1.1.2.”Data Protection Legislation” means all applicable legislation relating to data protection and privacy including without limitation the GDPR together with any national implementing laws in any Member State of the European Union or, to the extent applicable, in any other country, as amended, repealed, consolidated or replaced from time to time;

1.1.3.”GDPR” means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data;

1.1.4.”Personal Data“, “Data Subject“, “Personal Data Breach“, “Processing” (or “Process“), “Processor” and ” Controller” will each have the meaning given to them in the GDPR; and

1.1.5.“Privacy Shield” means the EU-U.S. or Swiss-U.S., as applicable, Privacy Shield frameworks operated and administered by the U.S. Department of Commerce.

2. Details of the Processing

2.1. Categories of Data Subjects. This Addendum applies to the Processing of Customer Personal Data relating to Customer’s employees (where Customer is a business) and the individuals with whom Customer corresponds through the Service (where Customer is an individual).

2.2. Types of Personal Data. Customer Personal Data includes Personal Data, the extent of which is determined and controlled by the Customer in its sole discretion, such as the contents, senders, and recipients of communications (emails, sms-text, voice) sent and received through the Service.

2.3. Subject-Matter and Nature of the Processing. The subject-matter of Processing of Customer Personal Data by Company is the provision of the Services to the Customer that involves the Processing of Customer Personal Data. Customer Personal Data will be subject to those Processing activities which Company needs to perform in order to provide the Services pursuant to the Agreement and any applicable statement of work.

2.4. Purpose of the Processing. Customer Personal Data will be Processed by Company for purposes of providing the Services set out into the Agreement and any applicable statement of work.

2.5. Duration of the Processing. Customer Personal Data will be Processed for the duration of the Agreement, subject to the Return or Deletion of Customer Personal Data Section of this Addendum.

  1. Processing of Customer Personal Data

3.1. The parties acknowledge and agree that Customer is the Controller of Customer Personal Data and the Company is the Processor of that data. Company will only Process Customer Personal Data as a Processor on behalf of and in accordance with the Customer’s prior written instructions, including with respect to transfers of personal data. Company is hereby instructed to Process Customer Personal Data to the extent necessary to enable Company to provide the Services in accordance with the Agreement.

3.2. If Company cannot Process Customer Personal Data in accordance with Customer’s instructions due to a legal requirement under any applicable European Union or Member State law, Company will (i) promptly notify the Customer of such inability, providing a reasonable level of detail as to the instructions with which it cannot comply and the reasons why it cannot comply, to the greatest extent permitted by applicable law; and (ii) cease all Processing of the affected Customer Personal Data (other than merely storing and maintaining the security of the affected Customer Personal Data) until such time as the Customer issues new instructions with which Company is able to comply. If this provision is invoked, Company will not be liable to the Customer under the Agreement for failure to perform the Services until such time as the Customer issues new instructions.

3.3. Each of the Customer and the Company will comply with their respective obligations under the Data Protection Legislation. Customer shall ensure that Customer has obtained (or will obtain) all rights and consents (if required) which are necessary for Company to Process Customer Personal Data in accordance with this Addendum.

3.4. In connection with the performance of the Agreement, Customer authorizes Company to transfer Customer Personal Data from the European Economic Area (“EEA“) to the United States. Company has certified to the [EU-U.S. and Swiss-U.S.] Privacy Shield frameworks as administered by the U.S. Department of Commerce and commits to comply with its obligations for the Customer Personal Data transferred under the Privacy Shield throughout the term of this Addendum.

  1. Confidentiality

4.1. Company will ensure that any person whom Company authorizes to Process Customer Personal Data on its behalf is subject to confidentiality obligations in respect of that Customer Personal Data.

  1. Security Measures

5.1. Company will implement appropriate technical and organisational measures to protect against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Customer Personal Data.

5.2. Company will, at the Customer’s request and subject to the Customer paying all of Company’s fees at prevailing rates, and all expenses, provide the Customer with reasonable assistance as necessary for the fulfilment of the Customer’s obligation to keep Customer Personal Data secure.

  1. Sub-Processing

6.1. Customer authorizes Company to appoint sub-Processors to perform specific services on Company’s behalf which may require such sub-Processors to Process Customer Personal Data. Company will inform Customer of any intended changes concerning the addition or replacement of any sub-Processors and Customer will have an opportunity to object to such changes on reasonable grounds within fifteen (15) business days after being notified. If the parties are unable to resolve such objection, either party may terminate the Agreement by providing written notice to the other party.

6.2. Company will enter into a binding written agreement with the sub-Processor that imposes on the sub-Processor the same obligations that apply to Company under this Addendum. PRIMARI remains responsible for its subcontractors’ compliance with the obligations of this DPA. Any subcontractors to whom PRIMARI transfers personal data will have entered into written agreements with PRIMARI requiring that the subcontractor abide by terms substantially similar to this DPA.

  1. Data Subject Rights

7.1. Company will, at the Customer’s request and subject to the Customer paying all of Company’s fees at prevailing rates, and all expenses, provide the Customer with assistance necessary for the fulfilment of the Customer’s obligation to respond to requests for the exercise of Data Subjects’ rights. Company shall not respond to such requests without Customer’s prior written consent and written instructions. Customer shall be solely responsible for responding to such requests.

  1. Personal Data Breaches

8.1. Company will notify the Customer as soon as practicable after it becomes aware of any Personal Data Breach affecting any Customer Personal Data. At the Customer’s request and subject to the Customer paying all of Company’s fees at prevailing rates, and all expenses, Company will promptly provide the Customer with all reasonable assistance necessary to enable the Customer to notify relevant security breaches to the competent data protection authorities and/or affected Data Subjects, if Customer is required to do so under the GDPR. Customer is solely responsible for complying with data incident notification requirements applicable to Customer and fulfilling any third-party notification obligations related to any data incidents.

  1. Data Protection Impact Assessment; Prior Consultation

9.1. Company will, at the Customer’s request and subject to the Customer paying all of Company’s fees at prevailing rates, and all expenses, provide the Customer with reasonable assistance to facilitate conducting data protection impact assessments and consultation with data protection authorities, if the Customer is required to engage in such activities under the GDPR, and solely to the extent that such assistance is necessary and relates to the Processing by the Company of the Customer Personal Data, taking into account the nature of the Processing and the information available to the Company.

  1. Return or Deletion of Customer Personal Data

10.1. Company will return or delete, at Customer’s choice, Customer Personal Data to the Customer after the end of the provision of Services relating to the Processing, and delete existing copies unless the applicable European Union or member state law requires storage of the data.

  1. Information

11.1. The Company will, at Customer’s request and subject to the Customer paying all of Company’s fees at prevailing rates, and all expenses, provide the Customer with information sufficient to demonstrate compliance with its obligations under the GDPR, and, where such information does not demonstrate Company’s compliance with the GDPR, allow for and contribute to audits, including inspections, conducted by the Customer or an auditor mandated by the Customer, to the extent that such information is within Company’s control and Company is not precluded from disclosing it by applicable law, a duty of confidentiality, or any other obligation owed to a third party, and provided that such audits shall be carried out with reasonable notice during regular business hours not more often than once per year. Company will immediately inform Customer if, in its opinion, an instruction from Customer infringes the Data Protection Legislation.

  1. Liability

12.1. Each party’s liability towards the other party under or in connection with this Addendum will be limited in accordance with the provisions of the Agreement.

12.2. Notwithstanding the foregoing, the Customer acknowledges that the Company is reliant on the Customer for direction as to the extent to which Company is entitled to Process Customer Personal Data on behalf of Customer in performance of the Services. Consequently the Company will not be liable under the Agreement for any claim brought by a Data Subject arising from any action or omission by the Company, to the extent that such action or omission resulted from the Customer’s instructions or from Customer’s failure to comply with its obligations under applicable Data Protection Legislation.

  1. General Provisions

13.1. With regard to the subject matter of this Addendum, in the event of inconsistencies between the provisions of this Addendum and the Agreement, the provisions of this Addendum shall prevail.

If you require a signed copy of this addendum, please email info@primari.ai

 

Effective as of October 25th 2019

Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from Youtube
Vimeo
Consent to display content from Vimeo
Google Maps
Consent to display content from Google