We primarily collect and maintain three categories of information, which categories may include both information that can be used to identify or contact an individual (“personal information”) and other non-personal information:
- Customer Information. You may provide, and we may collect, information when you activate, subscribe for or otherwise use the Services (“Customer Information”). Examples of Customer Information include your account information such as username and password, billing information, name, email address, mailing address, phone number, usage details of the Service, information related to support or service requests, and current geographic location and language.
- Target Data. We collect data stored or uploaded by you into the Services about the behavior and demographics of your customers and other third parties that consent to the receipt of marketing and other content from you, or that otherwise interact electronically with you or your website (“Target Data”). All Target Data is controlled by our Customers, who are the data controllers for such information with respect to EU data protection laws and regulations. Each Customer is responsible for obtaining the requisite consent in accordance with applicable law from its customers and third parties for us to collect and use the Target Data as necessary for the provision of the Services. Except as provided herein, we will not process Target Data for other purposes or by other means than as instructed by our Customers.
- Information from Other Sources. We may obtain Customer Information, including personal information, about you or a prospective customer from our business partners or other third parties, for the purposes of providing you with improved Services.
Although we do not actively collect such information, certain information that is provided to us by our customers may relate to or contain personal information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying the sex life of an individual (any such information, “Sensitive Information”).
The Site and Services are not intended to be used by children under the age of sixteen (16) for residents of the European Economic Area (“EEA”) and under the age of thirteen (13) for all others, and we do not knowingly collect information from such children. If we become aware that a child under the age of thirteen (13) (or a child from the EEA under the age of sixteen (16)) has provided us with information, we will remove it from our systems. If you believe we might have any information from or about underage children, please contact us at email@example.com.
how we use your information
We use information that we collect about you or that you provide to us, including any personal information, in various ways, including the following:
- Operations. We use Customer Information that we collect to provide, maintain, improve and develop our Services, to provide information, products, support or services that you request from us; to fulfill any other purpose for which you provide it; and to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
- Marketing. If you have provided your contact information to us, you agree we may use such information to contact you for marketing purposes via direct mail, email, telephone, pre-recorded messages, text messages, instant messages or other communications methods. If, however, you live in the European Union or another jurisdiction where affirmative and express consent is required, we will obtain such consent before contacting you for marketing purposes. For all of our customers, if at any time you do not want us to use your information in this way, or to pass your details on to third parties for marketing purposes, please opt-out by following the instructions set forth below.
- Customer Support. If you have a problem, comment, or request concerning the Site or the Services, we will use the contact information provided by you to respond to those problems, comments or requests. In certain instances, our response may be provided to other WhatCounts customers or third parties as necessary to respond to any problem, comment, or request, but any such response shall not include your personally identifiable information.
- Target Data. WhatCounts may use Target Data in connection with its performance of the Services, and in accordance with the instructions provided by the applicable Customer. We may also use non-personally identifiable Target Data in aggregate and blinded formats that do not identify, reference or imply an association with, Customer or its customers, for the purposes of creating benchmarking, statistical, research and marketing analyses, surveys, reports and studies. If you are a customer of one of our Customers and would no longer like to be contacted by one of our Customers that use our Service, please contact the Customer that you interact with directly.
- Usage Information. We use Usage Information generally to improve the accessibility and usage of our Site and Services. We may use Usage Information to personalize the Services to you, provide customized advertising, marketing, content or information, communicate with Site visitors, monitor and analyze Site usage and access.
disclosure of your information
- Disclosures With Your Consent. We may disclose your personal information to third parties with your consent, or if we notify you that the information you provide will be shared in a particular manner and you provide such information.
- Disclosures To Our Partners. Where lawful to do so, and subject to your consent where required, we may provide Customer names to certain trusted business partners for marketing purposes, but will never share any Target Data with such business partners.
- Disclosures To Service Providers. In addition to Disclosures Required by Law, we may engage subcontractors, service providers and other third parties to help us deliver, maintain, upgrade, create, or improve the Site and/or the Service, and these parties may have access to certain of your information in the course of providing such services. Further, we may share your information with third parties in connection with our analysis of Site usage, as discussed below, under “Cookies and Web Beacons”. In the event you do not agree to any such disclosure, you may contact us as discussed below to modify or delete the information we hold. Additionally, aside from in connection with Disclosures Required by Law, any disclosure to a third party of personal information of data subjects within the EEA will only be made if such third party satisfies the requirements of the EU-U.S. Privacy Shield (as defined below), or has entered into a written agreement with us providing that it will provide at least the level of privacy protection as is provided in the EU-U.S. Privacy Shield Framework.
WhatCounts reserves the right to share any information that is not deemed personal information or is not otherwise subject to contractual restrictions.
third party websites
As part of the Services, the Site may contain links to websites operated by third parties. We are not responsible for the privacy practices or the content of any third party websites. Customers and visitors who link to third party websites from the Site should check the privacy and security policy statements of such third party websites to understand the policies and practices of such third party websites as we are not responsible for those policies and practices. Customers and visitors who access a linked site may be disclosing their private information to the owner of such third party websites. Please review these policies before you submit any personal data to these websites. It is your responsibility to keep such information private and confidential.
From time to time, personal information from data subjects in the EEA that we collect may be transferred or accessed by entities who may be based outside of the EEA. We may also allow our service providers or assistance providers, who may be located outside the EEA, access to your personal data. We may also make other disclosures of your personal data overseas, for example, if we receive a legal or regulatory request from a foreign law enforcement body. We will always take steps to ensure that any international transfer of information is carefully managed to protect your rights and interests. For example, transfers to our service providers and other third parties will always be protected by contractual commitments, further assurances where appropriate, such as the European Commission’s approved Standard Contractual Clauses, or certification schemes such as the EU – U.S. Privacy Shield for the protection of personal data transferred from within the EU to the United States of America.
WhatCounts will not retain your personal information longer than is necessary to fulfill the purposes for which it was collected unless a longer retention period is required or permitted by law.
choice and access – control, e-mail and opt-out
You may request access to and correction of, amendment to, or deletion of any information provided to us at any time by contacting us at firstname.lastname@example.org. You may also request your information by mail addressed to WhatCounts, 3445 Peachtree Road NE, Suite 600 Atlanta GA 30326. We will respond to any written requests within thirty days.
You may always decline to share certain personal information with us, in which case we may not be able to provide to you some of the features and functionality of the Services.
If you received one or more e-mails from us, it means one of two things: (i) your e-mail address is on our list of customers, free trial users or prospective customers; or (ii) you have provided us your e-mail address so that we could contact you. If you believe you received an email from us in error, please contact us immediately at email@example.com.
We provide you with the opportunity to opt-out of receiving certain communications from us at any point in time. If you wish to cease receiving e-mails and other communications from us, you can opt-out of by contacting us at firstname.lastname@example.org.
In the event we become aware that we have collected Sensitive Information, we will obtain your consent prior to revealing such Sensitive Information to any unauthorized third party or to using it for purposes other than those for which it was originally collected.
In addition to the above rights of access, correction, amendment or deletion, if you live in the EU, you may, subject to applicable law, have some or all of the following rights with respect to your personal information:
- to restrict processing of your personal data under certain circumstances
- to transmit your data (as provided by you, directly or otherwise collected by us by virtue of your use of the Services) in machine-readable format to you or to a third party when we justify our processing on the basis of your consent or the performance of a contract with you;
- to withdraw your consent to our processing of your personal data (where that processing is based on your consent);
to obtain, or see a copy of the appropriate safeguards under which your personal data is transferred to a third country or international organization;
- to object, at any time, to the processing of your personal information, on legitimate grounds, except if otherwise permitted by applicable law;
- to erase your personal data (in limited circumstances, such as where it is no longer necessary in relation to the purposes for which it was collected or processed); and
- to file a complaint with your local supervisory authority for data protection.
If you are seeking to exercise any of the foregoing rights, please contact us at email@example.com.
Please note that WhatCounts has no direct relationship with our Customer’s customers or other third parties whose personal information we may process as Target Data on behalf of a Customer. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, or has other inquiries with respect to their personal information should direct his or her query to the Customer they deal with directly.
your California privacy rights
California Civil Code Section § 1798.83 permits users of our Site or Services that are California residents to request certain information, including the categories of personal information disclosed to third parties for their marketing purposes and the names and addresses of those third parties, regarding our disclosure of personal information to third parties for their direct marketing purposes. If you are California resident and would like to make such a request, please submit your request via email to firstname.lastname@example.org.
Some Internet browsers include the ability to transmit “Do Not Track” signals. We do not currently process or respond to “Do Not Track” signals. To learn more about “Do Not Track”, please visit “All About Do Not Track.”
security of the information collected
We use technical, administrative, and physical security measures to protect against the loss, misuse, alteration, disclosure, and unauthorized access of data used by our system, and to ensure that all data used by our system is reliable for its intended use, and is accurate, complete, and current. Also, we provide each customer with a unique username and password that must be entered each time a customer logs into its account. No data transmissions over the Internet, however, are guaranteed to be completely secure. While we strive to protect your data from unauthorized use or disclosure, WhatCounts does not warrant or guarantee the security of the data that you provide to us; any transmission of data is at your own risk.
cookies and web beacons
There are two types of cookies: session-based cookies and persistent-based cookies. Session cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you have closed your browser or turned off your computer. They include such information as a unique identifier for your browser. Standing alone, cookies do not contain personal data, and therefore do not identify you personally; they merely recognize your browser. Unless you choose to identify yourself to WhatCounts, either by responding to a promotional offer, using the Services, or registering for a free trial, you will remain anonymous to WhatCounts.
The cookies we use do not transmit personally identifiable information to us or to our service providers. You have the choice to opt-out of receiving cookies from both WhatCounts and third parties which will prevent WhatCounts and third parties from tracking information about the online advertisements that you visit. Please note that you still will have the ability to view our online advertisements even if you opt-out of receiving cookies OR if you choose to disable cookies, you may still use the Site; however, you may have limited access to some areas within the Site.
You may block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies; however, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our Site.
Pages of the Site and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us for example, to count users who have visited those pages or opened an email and for other related statistics (for example, recording the popularity of certain delivered content and offers). Our web beacons may collect some contact information (e.g., the email address associated with an email message that contains a web beacon).
EU-U.S. Privacy Shield
WhatCounts’s accountability for personal data that it receives under the EU-U.S. Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, WhatCounts remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless WhatCounts proves that it is not responsible for the event giving rise to the damage.