Last Updated: May 7, 2020
Tapwage Inc (“Tapwage,” “Datapeople,” “we,” “us,” or “our”) is strongly committed to protecting your privacy.
To the extent permitted by applicable law, by using any of the Services or by affirmatively accepting any Subscriber Agreement which links to or incorporates this Policy, you consent to the collection and use of all information that you provide or that is legally or contractually provided to Datapeople, and all information that Datapeople.iollects based on your use of the Services, in accordance with this Policy and/or Subscriber Agreement.
Datapeople EU-US and Swiss-US Privacy Shield Notice
Datapeople has certified with the EU-U.S. and Swiss-U.S. Privacy Shield with respect to the personal data we receive and process on behalf of our customers through our platform (the “Services”). Datapeople certifies that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement for personal data submitted by our customers in the European Union, the United Kingdom, and Switzerland through the Services, and our Privacy Shield certification will be available here (Link to be Provided – Once Approved). We may also process personal data our customers submit relating to individuals in the E.U. via other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses.
The Services may contain links to websites or services operated by individuals or entities other than Datapeople. Such links, where applicable, are provided for your reference and convenience only, and are the exclusive responsibility of the owners of each such Website or service. Datapeople is not responsible for the content or operation of such websites or services, nor the security or privacy of any information collected by such third-parties. You are solely responsible for determining the extent to which you may use any content at any other such website or services, and you should review the privacy statements or policies applicable to these third-party websites or services.
Information We Collect
Datapeople.iollects personal information that you voluntarily provide through interaction with, or use of, the Services, or to the extent applicable, via third-party websites and applications when requesting information regarding the Services, which information may respectively include, but is not limited to, your name, email address, billing information, participation on social or professional networks, etc.
For marketing purposes, we collect information about your visits to, and activity on, the Website, the number of times you have viewed an advertisement or opened an email, and other such usage information. When you receive promotional emails or other such communications from Datapeople, we may use certain service providers, customized links, or similar technologies to determine whether an email has been opened and which links were accessed. We also may make use of location-based data for our Services and might ask you to enter your general location, specifically to provide more relevant advertisements or promotional offers, rather than to personally identify you.
Some of the personal information we collect may not be provided directly by you (e.g. your name, email address, or role may be provided by your employer if they have purchased Services for you). Under no circumstances should you provide personal information about others unless you are authorized and permitted to do so. By submitting personal information about others, you represent and warrant that you have received authorization and consent from the person about whom you are providing the personal information. We also collect information from certain third parties (such as service providers or via publicly available sources), to offer Services we think may be of interest, to enable us to maintain data accuracy or to provide and improve the Services continuously.
When you access the Services, we may automatically collect certain information regarding usage of the Services. This information, which is collected passively using various technologies, generally will not specifically identify you or other individuals. Examples may include I.P. addresses, browser types, domain names, and other anonymous statistical data regarding aggregate usage.
If you contact us to provide feedback, file an inquiry, or otherwise communicate in a manner that necessitates action or a response, we will record personal information and other content that you provide for us to respond to your communication or act as required effectively.
Regarding payment information, if you purchase any of the Services, we will collect financial or credit card information and other information necessary to process the transaction. Such information is collected and used strictly for billing purposes only, is not shared or used for any other purposes, and is and will be processed in accordance with all applicable laws.
Please note that, during the provision of our Services, we may also process information provided by our customers directly or through authorized third-party integrations (which we call “Customer Data”). Datapeople has no direct relationship with the individuals whose personal data (Personal Data) it hosts as part of Customer Data. Each customer or user is responsible for providing notice to its users and third persons concerning the purpose for which the customer collects their Personal Data and how this Personal Data is processed in or through the Service as part of Customer Data.
We utilize Google Analytics and Mixpanel to improve your experience. To our knowledge, Google Analytics and Mixpanel use both session and permanent cookies to collect information on how such relevant Services perform, as well as certain usage statistics. Datapeople solely uses Google Analytics and Mixpanel to evaluate and assess your use of the Services, review aggregate and statistical reports, and generally improve the Services for you. We further use Mixpanel to track or to collect Personally Identifiable Information (PII) of visitors to our site including your account information and email address. We will use this information in order to maintain, enhance, or add to the functionality of the Website. Mixpanel will not share your PII or associate your PII with any other data held by Mixpanel. Mixpanel respects “Do Not Track” settings in web browsers. Follow the instructions in this guide to prevent your browser from sending data to Mixpanel. You can learn more about Google Analytics’ privacy practices and the ability to opt-out of Google Analytics tracking by clicking here.
Use of Personal Information.
Datapeople’s goal is to provide our clients with the best Services possible and to maintain a focus on client satisfaction. As such, we are committed to providing you with responsive, personalized offerings and ensuring that individuals are informed about relevant and new information and Services that may be of immediate interest or which will enable you to derive the greatest value from the Services. We, therefore, use personal information for the following business-related purposes:
User Registration and Client Services/Support: We use personal information such as your name and email address to register and administer your account, provide technical and client support and training, verify your identity, and send important account, subscription, and Services information.
Provision of the Services and Personalization: Personal and aggregate information gathered from usage is utilized to analyze trends and better understand how individuals can most effectively use the Services, to ultimately deliver and suggest tailored content and to personalize your experience with our Services. Such information is utilized for internal research and development purposes, and strictly related to improving and testing the features and functions of our Services.
Marketing Communications: We use personal information to deliver marketing communications to you across various platforms, including but not limited to, email, telephone, and various other channels. As described further below, we will comply with all applicable laws which may require us to obtain your clear and unambiguous consent or maintain other lawful and legitimate reasons for using your personal information for such initiatives. If we send you a marketing email, it will include instructions on how to opt-out of receiving these emails in the future. For clients, it is important to note that even if you opt-out of receiving marketing emails, we may still send you important information related to your accounts and subscriptions. If you choose to participate in a survey or poll, any personal information you provide may be used for marketing or market research purposes.
Legal Obligations: We may be required to use and retain personal information for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or fraud. We may also use personal information to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate: (a) under applicable law, which may include laws outside your country of residence; (b) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence; (c) to enforce our terms of service or other terms and conditions; and (d) to protect our rights, privacy, safety, or property, or those of other persons.
Sharing Information and Accountability for Onward Transfer
We only share or disclose personal information to the extent necessary to provide the Services, conduct our business operations, or when we believe that applicable law permits or requires disclosure. When sharing personal information, we strive to abide by all applicable privacy and security requirements. Occasionally, we may share non-personal, anonymized, and statistical data with third-parties. In the event of a merger, acquisition, consolidation, change of control, corporate divestiture or dissolution where we sell all or a portion of our business or assets, we will disclose necessary personal information and such information will be governed by the privacy policies of acquiring entities.
Our business operations are supported by several Datapeople teams and departments, and certain, limited personal information will be made available to them as necessary to conduct such operations (for example, for teams engaged with the provision of Services, client services, sales and marketing, technical support, product development, etc.). Any and all Datapeople employees and agents are required to follow strict data privacy and security policies when handling personal information.
In certain circumstances, we are supported by third-parties which provide limited and necessary services on our behalf. These third-parties only receive personal information necessary to fulfill the services they provide to us, such as hosting promotional websites, marketing services, performing statistical analysis of our Services, etc. Under no circumstances are such third-party providers permitted to use obtained personal information for any purpose other than to provide Datapeople with the designated services. We further require all such third-parties to maintain the confidentiality of the information. We regularly assess our third-parties to ensure they are maintaining strict compliance with our policies in regard to data security and compliance.
We require our third-parties, that maintain any access to privacy or compliance data, to comply with the Notice and Choice Principles under our Privacy Shield Agreement.
If a third-party is unable to meet those obligations, we reserve the right to terminate their agreement with us and securely remove all data from their systems. We will take necessary and reasonable steps to ensure that unauthorized processing is prohibited. We can provide a summary or representative copy of our relevant privacy provisions of our contract with specific agents as requested with advanced notice.
Lastly, we will share personal information when we believe it is legally required or necessary. For example, when and to the extent we believe, in good faith, that we are legally compelled to do so pursuant to an order of a court of competent jurisdiction or other governmental body.
In the context of an onward transfer Datapeople has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. The Datapeople shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
Data Storage and Security Protocols
We use Amazon Web Services (AWS) to host our Services and store information on servers located in the United States. By using the Services, you agree and consent to allow your data to be stored on such AWS servers, all of which are based solely in the United States. AWS does not control, and neither is permitted to access or use your personal information, except for the limited purpose of storing the information. More information about AWS‘s compliance can be found on their compliance page.
In addition to the protections offered by AWS, we use reasonable administrative, technical, personnel, and physical measures to safeguard information against loss, theft, unauthorized use, etc. To help us protect your privacy, you should always maintain the secrecy of any combination of username or password in connection with your participation in the Services. Nonetheless, you acknowledge that no Internet transmission can be guaranteed to be entirely secure or error-free, and you further agree that any transfer of personal information over the Internet, as related to the Services, is at your own risk. If we or any of our service providers are required to disclose or provide notice to you of unauthorized access to or other invasions of certain security systems, you agree that we may provide you notice by either posting the notice on the Website or sending notice to any email address we have on file for such communications.
Accessing and Controlling Your Information
We will review your requests for personal information and, where applicable, will correct, amend, or delete your personal information. While we will make reasonable commercial efforts to accommodate requests, we also reserve the right to impose certain restrictions and requirements on such access requests or refrain from replying, if required or permitted by applicable laws.
To protect personal information, all requests for information are subject to relevant legal requirements and exemptions, including identity verification procedures. Before providing any data, including even confirming whether we have any data, we will ask for proof of identity and sufficient information about your interaction with us to locate relevant data and confirm that the request is indeed coming from you. We may also charge you a fee for providing you with a copy of your data (except where this is not permissible under local law).
In some jurisdictions, you have the right to correct or amend your personal information if it is inaccurate or requires updating. You may also have the right to request the deletion of your personal information; however, this is not always possible due to legal requirements and other obligations and factors. Of course, you can always contact the applicable government or regulatory authorities in your jurisdiction.
To opt-out of email marketing, you can use the unsubscribe link found in the email communication you receive from us, visit the applicable email preference center, or contact us as described below, as applicable.
Questions Regarding this Policy and Your Information
For all inquiries regarding Privacy Shield, compliance, further information, complaints, or requests please contact us in writing at the following address:
90 Broad Street, #803
New York, NY 10004
In addition to writing at the above address, you can email us at Hello@Datapeople.io.
We will work with you to resolve your issue.
If you are a resident of a European country participating in the Privacy Shield and you have not received a timely response to your concern, or we have not addressed your concern to your satisfaction, you may seek further assistance, at no cost to you, from JAMS, which is an independent dispute resolution body in the United States.
We also commit to cooperate with competent EU, Swiss and U.K. data protection authorities (DPAs) with regard to our customers end-users’ human resources data transferred from a European country participating in the Privacy Shield in the context of the employment relationship.
You may also be able to invoke binding arbitration for unresolved complaints, but prior to initiating such arbitration, a resident of a European country participating in the Privacy Shield must first: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from JAMS; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles concerning the resident.
U.S. Federal Trade Commission Enforcement
Our Privacy Shield compliance is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Right of Access
Requirement to Disclose
We may disclose personal data when we have a good faith belief that such action is necessary to: conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements; or to enforce our contractual obligations.