As of 01-01-2020

Privacy Policy

Crossing Minds, Inc. (“Crossing Minds”) provides statistical and machine learning technology to allow our customers to analyze their consumer data and provide personalized recommendations. Our Privacy Policy (“Privacy Policy”) is designed to help you understand how we collect, use and share your personal information and to assist you in exercising the privacy rights available to you.

Scope

This Privacy Policy applies to personal information processed by us in our business, including on our websites, and other online or offline offerings (collectively, the “Services”).

This Policy applies to all of our operating divisions, subsidiaries, affiliates, and branches, including its U.S. affiliates certified under the Privacy Shield and any additional subsidiary, affiliate, or branch that we may subsequently form.

I. PERSONAL INFORMATION WE COLLECT

The categories of personal information we collect depend on whether you are a client, a customer of our client (“client customer”), a website user, applicant or visitor, and the requirements of applicable law.

Information You Provide to Us.

Client Data.

When we engage a new client, we collect name and business contact information.

Your Communications with Us.

We collect personal information from you such as email address, phone number, or mailing address when you request information about our Services, request customer or technical support, apply for a job or otherwise communicate with us.

Information Collected Automatically or From Others

Client Customer Data.

We collect client customer data, including but not limited to, names, demographic information, location information (e.g., city or zip code) and campaign interactions. We request that our clients hash, aggregate or otherwise de-identify client customer data before providing it to us.

Automatic Data Collection.

We may collect certain information automatically from users who visit our website. This information may include your Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, details about your browser, operating system or device, location information, Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, and other information about how you use the Services. Information we collect may be associated with accounts and other devices.

We may automatically collect data regarding your use of our Services, such as the types of content you interact with and the frequency and duration of your activities. We may combine your information with information that other people provide when they use our Services, including information about you when they tag you.

Cookies, Pixel Tags/Web Beacons, Analytics Information, and Interest-Based Advertising technologies.

On our website, we, as well as third parties that provide content or other functionality on the Services, may use cookies, pixel tags, local storage, and other technologies (“Technologies”) to automatically collect information. Technologies are essentially small data files place on your computer, tablet, mobile phone, or other devices that allow us and our partners to record certain pieces of information whenever you visit or interact with our website.

  1. Cookies. Cookies are small text files placed in visitors’ computer browsers to store their preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Services may not work properly.
  2. Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in the website that collects information about users’ engagement on that web page. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement.
Analytics.

We may also use Google Analytics and other service providers to collect information regarding visitor behavior and visitor demographics on our Services. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/ . You can opt out of Google’s collection and processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout. .

Information from Other Sources.

We may obtain information about you from other sources, including through third party services and organizations to supplement information provided by you. Information we collect through these services may include your name, your user identification number, your user name, location, gender, birth date, and email. This supplemental information allows us to verify information that you have provided to us and to enhance our ability to provide you with information about our business, products, and Services.

II. HOW WE USE YOUR INFORMATION.

We use your information for a variety of business purposes, including to:

Fulfil our contract with you and provide you with our Services, such as:

  1. Managing your information;
  2. Providing access to certain areas, functionalities, and features of our Services;
  3. Providing product and service recommendations;
  4. Communicating with you about activities on our Services and policy changes;
  5. Undertaking activities to verify or maintain the quality or safety of a service or device;
  6. Processing your financial information and other payment methods for Services purchased;
  7. Providing, analytics and marketing services; and
  8. Processing applications and transactions.

Analyze and improve our Services pursuant to our legitimate interest, such as:

  1. Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
  2. Undertaking research for technological development and demonstration;
  3. Researching and developing products, services, marketing or security procedures to improve their performance, resilience, reliability or efficiency;
  4. Improving, upgrading or enhancing our Services or device or those of our Providers;
  5. Developing new products and Services;
  6. Ensuring internal quality control;
  7. Verifying your identity and preventing fraud;
  8. Debugging to identify and repair errors that impair existing intended functionality;
  9. Enforcing our terms and policies; and
  10. Complying with our legal obligations, protecting your vital interest, or as may be required for the public good.

Provide you with additional content and Services, such as:

  1. Furnishing you with customized materials about offers, products, and Services that may be of interest, including new content or Services;
  2. Auditing relating to interactions, transactions and other compliance activities; and
  3. Other purposes you consent to, are notified of, or are disclosed when you provide personal information.

Automated profiling.

We may use technologies considered automated decision making or profiling. We will not make automated decisions about you that would significantly affect you, unless such a decision is necessary as part of a contract we have with you, we have your consent, or we are permitted by law to use such technology. You may escalate any concerns you have by contacting us below.

De-identified and Aggregated Information.

We may use personal information and other data about you to create de-identified and aggregated information, such as de-identified demographic information, de-identified location information, information about the computer or device from which you access our Services, or other analyses we create.

Process Information on Behalf of Our Clients (as processors).

Our clients use our Services to process certain data of their own, which may contain personal information. The data that we process through our Services is processed by us on behalf of our clients, and our privacy practices will be governed by the contracts that we have in place with our clients, not this Privacy Policy.

If you have any questions or concerns about how such data is handled or would like to exercise your rights, you should contact the person or entity (i.e., the data controller) who has contracted with us to use the Service to process this data. Our clients control the personal information in these cases and determine the security settings within the account, its access controls and credentials. We will, however, provide assistance to our clients to address any concerns you may have, in accordance with the terms of our contract with them. For a list of our sub-processors, contact us as described below.

How We Use Automatic Collection Technologies.

We, as well as third parties that provide content or other functionality on the Services, may use cookies, pixel tags, local storage, and other technologies to automatically collect information through the Services. Our uses of these Technologies fall into the following general categories:

  1. Operationally Necessary . This includes Technologies that allow you access to our Services, applications, and tools that are required to identify irregular site behavior, prevent fraudulent activity and improve security or that allow you to make use of our functionality;
  2. Performance Related . We may use Technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how our visitors use the Services;
  3. Functionality Related. We may use Technologies that allow us to offer you enhanced functionality when accessing or using our Services. This may include identifying you when you sign into our Services or keeping track of your specified preferences, interests, or past items viewed;
  4. Advertising or Targeting Related . We may use first party or third-party Technologies to deliver content, including ads relevant to your interests, on our Services or on third party sites.

Notice Regarding Third Party Websites and Software Development Kits.

The Services may contain links to other websites, and other websites may reference or link to our website or other Services. These other websites are not controlled by us. We encourage our users to read the privacy policies of each website and application with which they interact. We do not endorse, screen or approve and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.

We may use third party APIs and software development kits (“SDKs”) as part of the functionality of our Services. APIs and SDKs may allow third parties including analytics and advertising partners to collect your personal information for various purposes including to provide analytics services and content that is more relevant to you. For more information about our use of APIs and SDKs, please contact us as set forth below.

III. DISCLOSING YOUR INFORMATION TO THIRD PARTIES.

Except as provided below, we do not share personal information. For a list of the categories of personal information we have disclosed for a business purpose in the past 12 months, please refer to the categories of personal information page. We have not sold personal information in the preceding 12 months.

Service Providers.

We may share any personal information we collect about you with our third-party service providers. The categories of service providers (processors) to whom we entrust personal information include: IT and related services; information and services; payment processors; customer service providers; and vendors to support the provision of the Services.

Business Partners.

We may provide personal information to business partners with whom we jointly offer products or services. In such cases, our business partner’s name will appear along with ours.

Affiliates.

We may share personal information with our affiliated companies.

Disclosures to Protect Us or Others.

We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.

Disclosure in the Event of Merger, Sale, or Other Asset Transfers.

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

Privacy Shield.

With respect to onward transfers to agents under Privacy Shield, Privacy Shield requires that we remain liable should our agents process personal information in a manner inconsistent with the Privacy Shield Principles.

International Transfers.

We comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (collectively “Privacy Shield”), as set forth by the U.S. Department of Commerce and enforced by the U.S. Federal Trade Commission (“FTC”), regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom and Switzerland to the United States. We have certified to the Department of Commerce that it adheres to the Privacy Shield Principles and Supplemental Principles. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

Additionally, we may protect information through other legally valid methods, including international data transfer agreements.

You agree that all information processed by us may be transferred, processed, and stored anywhere in the world, including but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live. We have taken appropriate safeguards to require that your personal information will remain protected and require our third-party service providers and partners to have appropriate safeguards as well. Further details can be provided upon request.

IV. YOUR CHOICES.

General.

You have certain choices about your personal information. Where you have consented to the processing of your personal information, you may withdraw that consent at any time and prevent further processing by contacting us as described below. Even if you opt out, we may still collect and use non-personal information regarding your activities on our Services and for other legal purposes as described above.

Email and Telephone Communications.

If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or Services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to our Terms or this Privacy Policy).

We process requests to be placed on do-not-mail, do-not-phone and do-not-contact lists as required by applicable law.

Do Not Track.

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

Cookies and Interest-Based Advertising.

You may stop or restrict the placement of Technologies on your device or remove them by adjusting your preferences as your browser or device permits. The online advertising industry also provides websites from which you may opt out of receiving targeted ads from data partners and other advertising partners that participate in self-regulatory programs. You can access these and learn more about targeted advertising and consumer choice and privacy, at www.networkadvertising.org/managing/opt_out.asp , http://www.youronlinechoices.eu/ , https://youradchoices.ca/choices/ , and www.aboutads.info/choices/. To separately make choices for mobile apps on a mobile device, you can download DAA’s AppChoices application from your device’s app store. Alternatively, for some devices you may use your device’s platform controls in your settings to exercise choice. Please note you must separately opt out in each browser and on each device. Advertisements on third party websites that contain the AdChoices link may have been directed to you based on information collected by advertising partners over time and across websites. These advertisements provide a mechanism to opt out of the advertising partners’ use of this information for interest-based advertising purposes.

Your Privacy Rights.

In accordance with applicable law, you may have the right to:

  1. Access to/Portability of Personal Data about you consistent with legal requirements. In addition, you may have the right in some cases to receive or have your electronic Personal Data transferred to another party.
  2. Request Correction of your personal information where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your personal information or we may refer you to the controller of your personal information who is able to make the correction.
  3. Request Deletion of your personal information, subject to certain exceptions prescribed by law.
  4. Request restriction of or object to processing of your personal information, including the right to opt in or opt out of the sale of your Personal Data to third parties, if applicable, where such requests are permitted by law.

If you would like to exercise any of these rights, please contact us at privacy@crossingminds.com. We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request.

V. DATA RETENTION.

We store the personal information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.

VI. SECURITY OF YOUR INFORMATION.

We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy. Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unintentional disclosure.

By using the Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Services, by mail or by sending an e-mail to you.

VII. CHILDREN’S INFORMATION.

The Services are not directed to children under 17 (or other age as required by local law), and we do not knowingly collect personal information from children. If you learn that your child has provided us with personal information without your consent, you may contact us as set forth below. If we learn that we have collected any personal information in violation of applicable law, we will promptly take steps to delete such information and terminate the child’s account.

VIII. OTHER PROVISIONS.

PRIVACY SHIELD REDRESS AND ACCOUNTABILITY.

If you are an EU, UK or Swiss citizen and feel that we are not abiding by the terms of this Privacy Policy, or is not in compliance with the Privacy Shield Principles, please contact us.

In addition, we have agreed to refer unresolved complaints related to personal information to Insight Association Privacy Shield Dispute Resolution Program and, with respect to employee and human resources data, has committed to cooperate with the panel established by local data protection authorities and comply with the advice given by the panel for EU and UK citizens and with the Swiss Federal Data Protection and Information Commissioner’s authority and advice for such data of Swiss citizens. For more information and to submit a complaint regarding Individual data to Insight Association, a dispute resolution provider which has locations in the United States and EU and UK, visit Insight Association Privacy Shield Program.

In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Crossing Minds Inc at:
Emile Contal, CTO
emile@crossingminds.com
22 Rausch Street, Unit B, 94103 San Francisco CA

Crossing Minds Inc has further committed to refer unresolved Privacy Shield complaints to Fenwick & West LLP, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit Fenwick & West website for more information or to file a complaint. The services of Fenwick & West LLP are provided at no cost to you.

Such independent dispute resolution mechanisms are available to citizens free of charge. If any request remains unresolved, you may contact the national data protection authority for your UK or EU Member State.

You may also have a right, under certain conditions, to invoke binding arbitration under Privacy Shield. For additional information, see the Privacy Shield website introduction. The FTC has jurisdiction over our compliance with the Privacy Shield.

PRIVACY SHIELD COMPLIANCE.

Privacy Shield Compliance This Privacy Policy shall be implemented by us and our operating divisions, subsidiaries and affiliates. We have put in place mechanisms to verify ongoing compliance with Privacy Shield Principles and this Privacy Policy. Any employee that violates these privacy principles will be subject to disciplinary procedures.

SUPERVISORY AUTHORITY.

If you are located in the European Economic Area or the UK, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your personal information violates applicable law.

CHANGES TO OUR PRIVACY POLICY.

We may revise this Privacy Policy from time to time in our sole discretion. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use the Services after the new Privacy Policy takes effect.

IX. CONTACT US.

If you have any questions about our privacy practices or this Privacy Policy, or if you wish to submit a request to exercise your rights as detailed in this Privacy Policy, please contact us at:

Crossing Minds, Inc.
22 Rausch Street, Suite B
San Francisco, CA 94103
privacy@crossingminds.com