Legal

Privacy Policy

Thank you for choosing to be part of our community at Sayari Labs, Inc & Sayari Analytics, LLC, doing business as Sayari (“Sayari”, “we”, “us”, or “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at [email protected].

When you visit our websites and use our Services (e.g. sayari.com, graph.sayari.com), you trust us with your personal information. We take your privacy very seriously. In this privacy policy, we seek to explain in the clearest way possible what information we collect, how we use it, and what rights you have in relation to it. Please read through this Privacy Policy carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue the use of our Services.

This Privacy Policy applies to all Sayari websites, services, and sales or marketing events (we refer to them collectively in this privacy policy as the “Services“). Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us and exercising your privacy rights.

1. What Information Do We Collect?

Personal Information You Disclose To Us

We collect personal information that you voluntarily provide to us when expressing an interest in obtaining information about us or our products and services, when participating in activities on our Services or otherwise contacting us. The personal information that we collect depends on the context of your interactions with us and our Services, the choices you make, and the products and features you use. The personal information we collect can include the following: first name, last name, job title, company, business email; business phone number; and any other information you choose to share with us. All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.

Information Automatically Collected

We automatically collect certain information when you visit, use or navigate our Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services and other technical information, which may qualify as personal information using cookies, web beacons, or similar technologies. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could negatively affect your ability to use our Services. While some internet browsers offer a “do not track” or “DNT” option that lets you tell websites that you do not want to have your online activities tracked, these features are not yet uniform and there is no common standard adopted by industry groups, technology companies, or regulators. Therefore, we do not currently commit to responding to browsers’ DNT signals with respect to our Services.

Information Collected From Other Sources

We may obtain information about you from other sources, such as public databases, joint partners, as well as from other third parties. Examples of the information we receive from other sources that are made available via our services include: official corporate filings, official global trade records, official sanctions lists, etc. Examples of the information we receive from other sources that are used for marketing purposes include: social media profile information; marketing leads, search results and links, and paid listings (such as sponsored links).

Sensitive Information

We do not intentionally collect any Sensitive Information about you for the purposes of the activities described in this Policy. Sensitive information refers to data that includes details about your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data, health-related data, or data concerning a person’s sex life or sexual orientation. If you volunteer such information when using our Services, it may be stored and processed by Sayari.

We do not knowingly process or store personal information of children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 18, please contact us at [email protected].

2. How Do We Use Your Information?

We process the personal information we collect for the business objectives outlined below:

  • Account creation, management, and login facilitation, including linking with third-party accounts. Legal Basis: The performance of a contract and in some cases obtaining your consent.
  • Sending marketing and promotional communications in line with your preferences, with the option to opt out. Legal Basis: Your consent and our legitimate interest in promoting our services. You can withdraw your consent or opt out at any time.
  • Managing orders, payments, returns, and exchanges made through our Services. Legal Basis: The performance of a contract.
  • Delivering targeted advertising tailored to your interests and/or location. Legal Basis: Your consent (where required) and our legitimate interests in effective marketing.
  • Requesting feedback on your use of our Services. Legal Basis: Your consent and our legitimate interest in improving our services and customer experience.
  • Providing services to identify risk. Non-Customer Data Legal Basis: Legitimate interest; Customer Data Legal Basis: The performance of a contract.
  • Responding to user inquiries and offering support. Legal Basis: The performance of a contract and our legitimate interest in offering effective customer service.

3. Will Your Information Be Shared With Anyone?

We may share your personal information with third-parties, for example:

  • External service providers, including those offering IT and system management services, as well as centralized administrative functions.
  • Vendors engaged in marketing, conducting surveys, event planning and management, data enhancement services, payment processing, data analysis, email delivery, hosting services, and customer service.
  • Professional consultants, such as legal advisors, financial institutions, auditors, and insurance providers.
  • Regulatory and government authorities, when we are obliged to disclose information for reporting purposes or to comply with legal requirements and judicial processes.
  • In accordance with legal mandates, in response to lawful requests by public authorities, including those pertaining to national security or law enforcement requirements.
  • Collaborative partners, specifically for the purpose of enabling them to assist in providing our Services to you. 
  • In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Our customers, only when the data was collected from other sources, as defined in Section 1: Information Collected From Other Sources, and made available via our services for the purpose of identifying risk.

Unless described in this Policy, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will secure your personal information and retain it for the period we instruct. You can view an updated list of our subprocessors here: (https://sayari.com/subprocessors/).

4. International Transfers

Transferring and processing your information may involve moving your data beyond the boundaries of the European Economic Area (EEA). Under the regulations of the General Data Protection Regulation, which safeguards your personal information, we implement appropriate measures when transferring your data outside the EEA. These measures include:

  • Transferring your personal information to nations recognized by the European Commission as having adequate data protection standards; or
  • Engaging with our affiliates or service providers located outside the EEA, utilizing European Commission-approved Standard Contractual Clauses or other mechanisms approved by the European Commission that ensure a level of data protection comparable to that in Europe.

Should these measures not be applicable, we may seek your explicit agreement for specific data transfers. You retain the right to retract this consent at any point.

5. How Long Do We Keep Your Information?

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). In determining the appropriate duration for retaining data, we consider factors such as the volume, type, and sensitivity of the data, the potential risk of harm from unauthorized access or disclosure, the purposes for which we process the data, whether these purposes can be fulfilled through other means, and applicable legal obligations.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6. How Do We Secure Your Information?

Sayari maintains a mature security and privacy program and is audited by external parties. Sayari is SOC 2 Type 2 and UK Cyber Essentials Plus compliant which demonstrates our commitment to security. Our comprehensive approach to security includes a wide array of technical and organizational measures designed to protect against unauthorized access, disclosure, alteration, or destruction of personal information. 

We have established policies and procedures to address any potential breaches of Personal Information. In the event of a breach, we will inform both you and the relevant regulatory authorities, as required by law.

7. What Are Your Privacy Rights?

Under the data protection legislation applicable to you, you may possess specific rights regarding your personal information. Depending on the laws that apply, these rights might include:

  • The right to request access to your personal information.
  • The right to have any inaccuracies in your personal information corrected.
  • The right to erase or delete your personal information.
  • The right to request a restriction on our processing of your personal information.
  • The right to transfer your personal information to another controller, where feasible.
  • The right to object to the processing of your personal information.

To exercise any of these rights, please submit a request here: (https://prighter.com/q/17122117530).

To confirm your identity and your entitlement to access your personal information (or to exercise any other rights), we may need specific information from you. This is a security measure to ensure that personal information is not disclosed to anyone who has no right to receive it. We may also reach out for additional information regarding your request to expedite our response.

We aim to respond to all valid requests within one month. However, for particularly complex requests or numerous concurrent requests, this period may extend beyond a month. In such cases, we will keep you informed.

If you have any concerns about how we handle your data, you have the right to lodge a complaint with the data protection supervisory authority in your country of residence. We would appreciate the opportunity to address your concerns before you approach the supervisory authority, so please contact us first (see section 8 for more details).

You may opt out of receiving marketing messages from us or third parties at any time. You can do this by clicking the unsubscribe link in any marketing message we send, or by submitting a request here: (https://prighter.com/q/17122117530). Please note that opting out of marketing communications does not apply to personal information provided due to other transactions, like purchases.

California residents, as “consumers” under the California Consumer Privacy Act (“CCPA”) and the California Privacy Rights Act (“CPRA”), have specific privacy rights, barring certain statutory exceptions. These rights include accessing or deleting personal information that a business has collected, the right to correction, knowledge of, and the ability to opt-out of automated decision-making, and opting out of sharing personal information for targeted advertising. The categories of data we collect are detailed in Section 1.

Under the CCPA, you also have the right to opt out of the “sale” of your personal information. The CCPA broadly defines “sale,” which may include common data sharing practices, though transfers to service providers are not considered “sales.” California residents wishing to exercise their rights under the CCPA or CPRA to access and/or delete their personal information can submit a request here: (https://prighter.com/q/17122117530).

8. Data Privacy Framework

In relation to the personal information we process and transfer from the European Union, Switzerland, or the UK to the United States, as outlined in this Policy, we are a committed participant in the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), as applicable. The Federal Trade Commission oversees our compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.

In instances where this notice might conflict with the Principles of the Data Privacy Frameworks, the Principles shall take precedence. For further details on the Data Privacy Framework program and our certification, please visit https://www.dataprivacyframework.gov/s/.

For individuals in the EU, UK, and Switzerland, there is an option to seek binding arbitration in certain scenarios for complaints concerning our adherence to the Data Privacy Framework Principles, which are not resolved by other Data Privacy Framework mechanisms. Additional details can be found here: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2

When we engage third parties to process personal information on our behalf under the Data Privacy Framework, these third parties must also comply with the obligations of the Framework. We accept liability for any non-compliance by these third parties, unless we can demonstrate that we are not responsible for the event leading to any incurred damages.

9. How Can You Contact Us?

To exercise your privacy rights, please submit a request here: (https://prighter.com/q/17122117530).

The address and contact details of our office where Sayari is located can be found here: (https://sayari.com/contact-us/). You can contact a member of our privacy team at [email protected].

10. Dispute Resolution

If a privacy complaint or dispute relating to Personal Data received by Sayari Labs Inc in reliance on the Data Privacy Framework (or any of its predecessors) cannot be resolved through our internal processes, we have agreed to participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure. Subject to the terms of the VeraSafe Data Privacy Framework Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Data Privacy Framework Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/

Binding Arbitration

If your dispute or complaint related to your Personal Data that we received in reliance on the Data Privacy Framework cannot be resolved by us, nor through the dispute resolution mechanism mentioned above, you may have the right to require that we enter into binding arbitration with you under the Data Privacy Framework “Recourse, Enforcement and Liability” Principle and Annex I of the Data Privacy Framework.

11. Third Party Links

Our Services provide links to external third-party websites, plug-ins, and applications for your convenience. When you click on these links or activate these connections, third parties might collect or share your data. We do not have authority over these external sites and their privacy policies. Therefore, once you navigate away from our website, we advise you to review the privacy notices of each site you visit, as our Policy and procedures do not extend to those external websites.

Additionally, we may offer access to forums, message boards, and news groups on our Services. It’s important to be aware that any information you share in these forums becomes publicly accessible. We do not oversee the subsequent use of this information and urge you to be mindful of the data you choose to disclose. Please note that our sites, along with these message boards, chat rooms, and forums, are not designed for or targeted at individuals under the age of 18.

12. Changes To This Policy

We may periodically update this Policy to accommodate evolving legal, regulatory, or operational needs. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We recommend that you regularly visit this page to stay informed about our current privacy practices.

Published: March 8, 2024