Legal

1. What Information Do We Collect?

Personal Information You Disclose To Us

We collect personal information that you voluntarily provide to us when expressing an interest in obtaining information about us or our products and services, when participating in activities on our Services or otherwise contacting us. The personal information that we collect depends on the context of your interactions with us and our Services, the choices you make, and the products and features you use. The personal information we collect can include the following: first name, last name, job title, company, business email; business phone number; and any other information you choose to share with us. All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.

Information Automatically Collected

We and our advertising and analytics partners automatically collect certain information when you visit, use or navigate our Services. This information may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services and other technical information, which may qualify as personal information using cookies, web beacons, or similar technologies. We use this information to maintain the security and operation of our Services. Our advertising and analytics partners also use this information to help us conduct internal analytics and reporting, and to deliver content that we think will be of interest to you.

Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could negatively affect your ability to use our Services. While some internet browsers offer a “do not track” or “DNT” option that lets you tell websites that you do not want to have your online activities tracked, these features are not yet uniform and there is no common standard adopted by industry groups, technology companies, or regulators. Therefore, we do not currently commit to responding to browsers’ DNT signals with respect to our Services.

Information Collected From Other Sources

We may obtain information about you from other sources, such as public databases, joint partners, as well as from other third parties. Examples of the information we receive from other sources that are made available via our services include: official corporate filings, official global trade records, official sanctions lists, etc. Examples of the information we receive from other sources that are used for marketing purposes include: social media profile information; marketing leads, search results and links, and paid listings (such as sponsored links).

Children

We do not knowingly process or store personal information of children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 18, please contact us at [email protected].

2. How Do We Use Your Information?

We process the personal information we collect for the business objectives (and on the following legal basis, where required) outlined below:

• Account creation, management, and login facilitation, including linking with third-party accounts. Legal Basis: The performance of a contract and in some cases obtaining your consent.
• Sending marketing and promotional communications in line with your preferences, with the option to opt out. Legal Basis: Your consent and our legitimate interest in promoting our services. You can withdraw your consent or opt out at any time.
• Managing orders, payments, returns, and exchanges made through our Services. Legal Basis: The performance of a contract.
• Delivering targeted advertising tailored to your interests. Legal Basis: Your consent (where required) and our legitimate interests in effective marketing.
• Conducting analytics to better understand how you use the Services. Legal Basis: Your consent (where required) and our legitimate interests in improving our services and customer experience.
• Requesting feedback on your use of our Services. Legal Basis: Your consent and our legitimate interest in improving our services and customer experience.
• Providing services to identify risk. Non-Customer Data Legal Basis: Legitimate interest; Customer Data Legal Basis: The performance of a contract.
• Responding to user inquiries and offering support. Legal Basis: The performance of a contract and our legitimate interest in offering effective customer service.

3. Will Your Information Be Disclosed With Anyone?

We may disclose your personal information with third-parties, for example:

• External vendors and service providers, including those offering IT and system management services, as well as centralized administrative functions.
• Vendors engaged in marketing, conducting surveys, event planning and management, data enhancement services, payment processing, data analysis, email delivery, hosting services, and customer service.
• Professional consultants, such as legal advisors, financial institutions, auditors, and insurance providers.
• Regulatory and government authorities, when we are obliged to disclose information for reporting purposes or to comply with legal requirements and judicial processes.
• In accordance with legal mandates, in response to lawful requests by public authorities, including those pertaining to national security or law enforcement requirements.
• Collaborative partners, specifically for the purpose of enabling them to assist in providing our Services to you. 
• In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
• Our customers, only when the data was collected from other sources, as defined in Section 1: Information Collected From Other Sources, and made available via our services for the purpose of identifying risk.

4. International Transfers

Transferring and processing your information may involve moving your data beyond the boundaries of the European Economic Area (EEA). Under the regulations of the General Data Protection Regulation, which safeguards your personal information, we implement appropriate measures when transferring your data outside the EEA. These measures include:

• Transferring your personal information to nations recognized by the European Commission as having adequate data protection standards; or
• Engaging with our affiliates or service providers located outside the EEA, utilizing European Commission-approved Standard Contractual Clauses or other mechanisms approved by the European Commission that ensure a level of data protection comparable to that in Europe.

By providing us with your information, you acknowledge any such transfer, storage, or processing. For more information about our participation in the Data Privacy Framework program, please see the section “Data Privacy Framework” below.

5. How Long Do We Keep Your Information?

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). In determining the appropriate duration for retaining data, we consider factors such as the volume, type, and sensitivity of the data, the potential risk of harm from unauthorized access or disclosure, the purposes for which we process the data, whether these purposes can be fulfilled through other means, and applicable legal obligations.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6. How Do We Secure Your Information?

Sayari maintains a security and privacy program which includes a wide array of technical and organizational measures designed to protect against unauthorized access, disclosure, alteration, or destruction of personal information. However, no method of transmission over the internet and no means of electronic or physical storage is absolutely secure.

7. What Are Your Privacy Rights?

Under the data protection legislation applicable to you, you may possess specific rights regarding your personal information. Depending on the laws that apply, these rights might include:

• The right to request access to your personal information.
• The right to have any inaccuracies in your personal information corrected.
• The right to erase or delete your personal information.
• The right to request a restriction on our processing of your personal information.
• The right to transfer your personal information to another controller, where feasible.
• The right to restrict or object to the processing of your personal information (including for direct marketing purposes).
• The right to revoke your consent to the processing of your information for certain purposes.
• The right to opt out of the sale or sharing of your information, as such terms are defined in applicable law
• The choice of whether your personal information may be disclosed to third parties or used for purposes materially different from those for which it was originally collected or subsequently authorized by you

Many of the rights described above are subject to limitations or exceptions under applicable law. If you or your authorized agent wish to exercise any of these rights, please submit a request here: (https://prighter.com/q/17122117530).

To confirm your identity and your entitlement to access your personal information (or to exercise any other rights), we may need specific information from you. We may also reach out for additional information regarding your request to expedite our response. You may have a legal right to designate an authorized agent to make requests on your behalf. In order for an authorized agent to be verified, you must provide the authorized agent with signed, written permission to make such requests or a power of attorney. We may also follow up with you to verify your identity before processing the authorized agent’s request as permitted by applicable law.  

If you have any concerns about how we handle your data, you may have the right to lodge a complaint with the data protection supervisory authority in your jurisdiction or country of residence. We would appreciate the opportunity to address your concerns before you approach the supervisory authority, so please contact us first at [email protected]. 

You may opt out of receiving marketing messages at any time. You can do this by clicking the unsubscribe link in any marketing message we send, or by submitting a request here: (https://prighter.com/q/17122117530). Please note that opting out of marketing communications does not apply to personal information provided due to other transactions, like purchases.

Residents of certain jurisdictions have a right to opt out of what the laws in those states call a “sale” of personal information, as well as to opt out of certain uses and disclosures of personal information for certain targeted advertising purposes. To exercise those rights, please visit our Your Privacy Choices page and follow the instructions there. If you use a cookie blocker such as Ghostery, it may block visibility of this tool or link, including in your web footer. See the sections on “Cookies and Other Information Collection Technology” and “Choices Regarding Cookies and Other Similar Technologies” above for more information about how we use cookies and other choices you may have related to those cookies. 

You must opt out on each device and each browser where you want your choice to apply. Your preference may be lost if you clear, or your browser is set to clear, cookies. If you have enabled a legally recognized browser-based opt out preference signal (such as Global Privacy Control) on your browser, we recognize such preference in accordance and to the extent required by applicable law. You will need to turn this on for each browser you use.

Additionally, we may disclose or use contact information to enable us and our advertising partners to deliver more relevant (targeted) ads to you (for example to display ads to you on a third-party social media platform) and for other advertising activities. To opt out of such disclosures, please email us at [email protected]. 

Even if you opt out, you will still see advertising, but it may be less relevant to you, or it may be personalized for you based only on a more limited set of data. 

7.1 California Privacy Notice

This California Privacy Notice (also referred to as “consumers” in the CCPA and the CPRA) applies to personal information we process about California residents. about individuals who are not residents of California is handled differently and is not subject to the same rights described in this Section. This Section does not apply to data that Sayari handles in its capacity as a processor for its customers, even when such data is about a resident of California, or to other data or activities that are not subject to the relevant provisions of the CCPA.

We collect the following categories of personal information for the business purposes described below. 

Categories of Personal Information	Purpose for Collection and Use (See Section 2 for additional details)
Identifiers: First name, last name, job title, company, business email, business phone number, IP address.	Account creation/managementSending marketing/promotional communicationsManaging orders/paymentsDelivering targeted advertisingRequesting feedbackResponding to user queries
Commercial Information: Orders, payments, returns and exchanges made through our services.	Managing orders, payments, returns and exchanges made through our services
Internet or Other Electronic Network Activity Information: Browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, cookies, web beacons and similar technologies.	Maintaining security and operation of our Services, internal analytics and reporting, delivering and targeted advertising.
Professional or Employment-Related Information: Job title, company.	Account creation/managementSending marketing communicationsProviding services
Inferences: Used to deliver targeted advertising tailored to your interests.	Delivering targeted advertising tailored to your interests and/or location.
Information from Other Sources: Official corporate filings, global trade records, sanctions lists, marketing leads, search results and links and paid listings.	Providing services

Do We Sell or Share Your Personal Information?

Some of our disclosures of personal information qualify under the CCPA as “sales” or “sharing” of personal information, as such terms are defined in CCPA. For example, the CCPA broadly defines “sale” and “sharing” broadly to include common data sharing practices that enable, among other things, cross-context behavioural advertising. We have “sold” or “shared” the following categories of personal information: identifiers, commercial information, internet or other electronic network activity, and commercial information to third parties that assist us, such as marketing, advertising, and analytics providers. To our knowledge, we do not “sell” or “share” (as those terms are defined under the CCPA) the personal information of individuals under 16 years old.

Your California Rights

Subject to certain exceptions, you have the right to:

• Request to know the categories and specific pieces of personal information we have collected, the sources of the personal information, the purposes for collecting and sharing the personal information, and the categories of third parties with whom we sell or share the personal information.
• Request the deletion of your personal information.
• Request the correction of inaccurate personal information.

As mentioned above, certain information is exempt from such requests under California law. For example, we need certain information to provide our services to you, so we may reject a deletion request for that information while providing services to you. To exercise any of these rights, please submit a request here:(https://prighter.com/q/17122117530). California law grants you the right not to receive “discriminatory treatment” (within the meaning of the CCPA) for the exercise of the privacy rights conferred by the CCPA.

We will take steps to verify your identity to our satisfaction before responding to your request, which may include, depending on the type of request you are making, the sensitivity of any data you are requesting, and the nature of your relationship with us: verifying your name, asking you to click on a link that we send to your email address, requesting that you login to an account you maintain with us, or requesting that you provide us with information about our relationship that only you are likely to have.

Right to Opt Out of Sale/Sharing

Additionally, you can exercise your right to opt out of the “sale” or “sharing” of your personal information by following the instructions on our Your Privacy Choices page. To opt out of our disclosures of contact information to advertising partners, please email us at [email protected]. Please note, opting out of “sales” and “sharing” limits only some types of disclosures of personal information.

Your browser may also offer a way to activate the Global Privacy Control signal (“GPC”).  The Services treat qualifying browsers for which the user has activated the GPC signal as having opted out of what CCPA calls a “sale” or “sharing” of any California personal information that is collected on that site from that browser using cookies and similar technology.  You can override that treatment for a GPC-enabled browser by using the cookie controls available via the Your Privacy Choices link in the website footer to opt into particular categories of cookies from that browser. In that case, “sales” and “sharing” via cookies and similar technology in those categories may resume on that browser. 

Requests Made by Agents

For security and legal reasons, we do not accept personal information requests that require us to use a third-party service (such as one operated by an agent) to view or respond to the requests. If you are an agent making a request on behalf of a consumer, we reserve the right to take steps to verify that you are authorized to make that request, We also may require the consumer to verify their identity directly with us. Because opt-out requests for sales or sharing made through cookies and related technology must be performed from each browser that is used to access our Services, it is easiest for the consumer to perform such opt-outs themselves. However, if a consumer wishes for an agent to perform browser-based requests on their behalf, the consumer may arrange for the agent to use the consumer’s browser to make such requests. We are not responsible for the security risks of this or any other arrangements that a consumer may have with an agent. For clarity, this is not permission for any user to share their login credentials with an agent or any third party. Such sharing is prohibited and is not required for an agent to make requests under this Privacy Policy.

Shine the Light

With certain exceptions, California’s Shine the Light Law (CA Civil Code § 1798.83) allows California residents with which a business has an established business relationship primarily for personal, family, or household purposes (a “customer”) to request a list of the “third parties” to which the business has disclosed certain “personal information” during the preceding calendar year where the business knows or reasonably should know that those third parties used the personal information for the third parties’ own “direct marketing purposes” (each term as defined by the Shine the Light Law). With certain exceptions, direct marketing purposes generally means use of such personal information to solicit or induce a purchase, rental, lease, or exchange of products, goods, property, or services directly to individuals by means of the mail, telephone, or electronic mail for their personal, family, or household purposes. However, a business is not required to provide this information where the business adopts and discloses a policy of not disclosing “personal information” to “third parties” for their “direct marketing purposes” (each term as defined by the Shine the Light Law) (i) unless the customer first affirmatively agrees or (ii) if the customer has exercised an option that prevents that information from being disclosed for such purposes within the meaning of that law. Sayari maintains such a policy and thus is not required to provide this information.  Sayari allows California residents to opt out of such disclosures by sending an email with “Shine the Light opt-out” in the subject line to [email protected] after which we will only make such disclosures when the consumer affirmatively opts in. We will apply those opt-outs to the sender’s email address and to other personal information we have associated with that email address or with other personal information that the sender includes for themselves in the opt-out email.

8. Data Privacy Framework

In relation to the personal information we process and transfer from the European Union, Switzerland, or the UK to the United States, as outlined in this Policy, we are a participant in the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), as applicable. The Federal Trade Commission oversees our compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.

In instances where this notice might conflict with the Principles of the Data Privacy Frameworks, the Principles shall take precedence. For further details on the Data Privacy Framework program and our certification, please visit https://www.dataprivacyframework.gov/s/.

For individuals in the EU, UK, and Switzerland, there is an option to seek binding arbitration in certain scenarios for complaints concerning our adherence to the Data Privacy Framework Principles, which are not resolved by other Data Privacy Framework mechanisms. Additional details can be found here: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2

When we engage third parties to process personal information on our behalf under the Data Privacy Framework, these third parties must also comply with the obligations of the Framework. When we receive personal data under the DPF and then transfer it to a third party acting as our agent on our behalf, we may have certain responsibility under the DPF if both (a) the agent processes the personal data in a manner inconsistent with the DPF and (b) we are responsible for the event giving rise to the damage.

If a privacy complaint or dispute relating to Personal Data received by Sayari Labs Inc in reliance on the Data Privacy Framework (or any of its predecessors) cannot be resolved through our internal processes, we have agreed to participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/

If your dispute or complaint related to your Personal Data that we received in reliance on the Data Privacy Framework cannot be resolved by us, nor through the dispute resolution mechanism mentioned above, you may have the right to require that we enter into binding arbitration with you under the Data Privacy Framework “Recourse, Enforcement and Liability” Principle and Annex I of the Data Privacy Framework.

9. How Can You Contact Us?

To exercise your privacy rights, please submit a request here: (https://prighter.com/q/17122117530).

The address and contact details of our office where Sayari is located can be found here: (https://sayari.com/contact-us/). You can contact a member of our privacy team at [email protected].

We have appointed as our outsourced DPO, GRCI Law Limited, a company incorporated under the UK Companies Act with registered number 11311669 and with its office at Unit 3, Clive Court, Bartholomew’s Walk, Cambridgeshire Business Park, Ely, CB7 4EA.

You can contact our DPO via email at [email protected].

10. Third Party Links

Our Services provide links to external third-party websites, plug-ins, and applications for your convenience. When you click on these links or activate these connections, third parties might collect or share your data. We do not have authority over these external sites and their privacy policies. Therefore, once you navigate away from our website, we advise you to review the privacy notices of each site you visit, as our Policy and procedures do not extend to those external websites.

Additionally, we may offer access to forums, message boards, and news groups on our Services. It’s important to be aware that any information you share in these forums becomes publicly accessible. We do not oversee the subsequent use of this information and urge you to be mindful of the data you choose to disclose. Please note that our sites, along with these message boards, chat rooms, and forums, are not designed for or targeted at individuals under the age of 18.

11. Changes To This Policy

We may periodically update this Policy to accommodate evolving legal, regulatory, or operational needs. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We recommend that you regularly visit this page to stay informed about our current privacy practices.