Graphika Privacy Policy
Effective Date: December 6th, 2022
Graphika Technologies, Inc. (phone: [646-653-9769], email: info@graphika.com, hereinafter as “Graphika”, “we”, “us”, or “our”) is the controller of your Personal Information in the meaning of Art. 4 no. 7 of the EU General Data Protection Regulation (“GDPR”).
Graphika recognizes the importance of privacy and has developed this Privacy Policy to be transparent with You about how we collect, use, disclose, and safeguard Your Personal Information. We define “Personal Information” to mean personally identifiable information about an individual, such as a name, address, email address, phone number, or other identifier that permits identification of a specific individual, or as otherwise defined by applicable privacy and data security laws.
In this Privacy Policy, we describe how we collect, use, and disclose the Personal Information that we obtain about visitors (“Visitors”) to our website www.graphika.com (the “Site”) and online application (the “App”), and individuals who have accounts with us to use the Services available through our Site and App (“Users”). We refer collectively to Visitors and Users as “You” in this Privacy Policy.
Graphika is the social media intelligence company that empowers its customers (through our world-class analyst and SaaS platform) with timely insights about the stakeholder audiences and narratives that matter most to their organizations. We map complex digital networks, the actors within them, and the conversations and connections between them with our patented deep learning technology and network reduction tools, providing focus and visibility into how information and influence emerges and spreads (collectively, the “Services”). Your use of our Services, and any dispute over privacy, is subject to this Privacy Policy and any other agreements in place between Graphika and You, including our Website Terms of Use (collectively, the “Agreements”), including any applicable limitations on damages and the resolution of disputes.
Except to the extent that they interact with our Services as Users, the information that we collect about subjects of the network relationship maps developed through our Services (“Subjects”) is not subject to this Privacy Policy. We have no direct relationship with Subjects, and the information that we collect about them is subject to the privacy policies of the social networks with which they engage. Further, if You access our social media analytics platform, this is not subject to this Privacy Policy either, but to the platform’s privacy policy.
Information We Collect Directly from You
We may collect Personal Information directly from You. If You create an account with us, we collect Your name, email address, username, password, and/or Twitter or other social media handle. We will also collect any other Personal Information that You provide to us through your use of our Site or our Services, such as Your name, title and email address if You sign up for our marketing materials (newsletter) or updates or you fill out our contact form at our Site.
Information We Collect from Third Parties
We may collect publicly available Personal Information of our Users from third parties. For example, if You are a User and provide us with Your Twitter handle, we may collect certain Personal Information about You from Twitter. Please note that Graphika is not responsible for the privacy practices of third parties from which it receives information about You. Please see our Third-Party Sites section below for more information.
We also collect information about Subjects from third parties, including Twitter and Instagram. However, as noted above, our collection of such information about Subjects is not subject to this Privacy Policy.
Information We Collect Automatically
We automatically collect information about You through Your use of our Site or App: IP address, browser type, domain name, the website that led You to our Site/App, the website to which You go after leaving our Site/App, the dates and times You access our Site/App, device ID, and activities within our Site/App (e.g., links You click, searches You run, etc.). Further, we may collect your Personal information with the help of cookies and other tracking mechanisms – in this respect please see our Cookies and Other Tracking Mechanisms section below for more information.
How We Use Information
We use Your Personal Information for the following purposes:
- Operating Our Site and App. To provide, maintain, secure and improve our Site/App. In such case the collection and processing of your Personal Information is based on Art. 6 para. 1 (f) GDPR (necessary for the purpose of the legitimate interests of the data controller). Our legitimate interest is to provide the Site/App at an appropriate technical level and to continuously maintain and improve them.
- Providing Our Services. To provide and maintain our Services, and for other customer service and support purposes. In such case the collection and processing of your Personal Information is based on Art. 6 para. 1 (b) GDPR (necessary for the performance of a contract with you).
- Improving Our Services. To improve our Services; to develop new features or services; to perform technical operations, such as updating software. In such case the collection and processing of your Personal Information is based on Art. 6 para. 1 (f) GDPR (necessary for the purpose of the legitimate interests of the data controller). Our legitimate interest is to continuously improve our Services.
- Research and Analytics. To analyze how You interact with our Site or App; to monitor and analyze usage and activity trends; and for other research, analytical, and statistical purposes. In such case the collection and processing of your Personal Information is based on Art. 6 para. 1 (f) GDPR (necessary for the purpose of the legitimate interests of the data controller). Our legitimate interest is to continuously improve our Services.
- Communications. To communicate with You, in particular to send You updates or respond to Your inquiries in case you fill out our contact form at the Site. In such case the processing of your personal data is based on Art. 6 para. 1 (f) GDPR (necessary for the purpose of the legitimate interests of the data controller or a third party). Our legitimate interest is to (a) respond to inquiries of our Users and to communicate with them, (b) inform our Users in an efficient way about our Services.
- Marketing. To provide You with news and newsletters, special offers, promotions, and other information we think may interest You, and for other informational, marketing, or promotional purposes, subject to your prior consent. In such case the processing of your personal data is based on Art. 6 para. 1 (a) (your consent). Please note that You have the right to object at any time against the processing of Your Personal Information for direct marketing purposes – in this case Your Personal Information will no longer be processed for such purpose. Our communications with You may include communications via email. Please see our section regarding Your Choices for more information about how to change Your communications preferences.
- Protecting Rights and Interests. To protect the safety, rights, property, or security of Graphika, the Site, the App, Services, our systems, any third party, or the general public; to detect, prevent, or otherwise address fraud, security, or technical issues, to detect and avoid hacker attacks; to prevent or stop activity which Graphika, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity; to use as evidence in litigation; and to enforce this Privacy Policy or any Agreements. In such case the processing of Your Personal Information is based on Art. 6 para. 1 (f) GDPR (necessary for the purpose of the legitimate interests of the data controller or a third party). The legitimate interest is to protect our Site/App against data security incidents, to protect the lawful rights and interests of Graphika, third parties (such as affiliates) or the general public.
- Legal Compliance. To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request from law enforcement or a governmental authority. In such case the processing of Your personal data is based on Art. 6 (1) lit. c) GDPR (necessary for compliance with a legal obligation).
- Recruitment. If you visit the career page of our Site and submit an application via our Site, we process your Personal Information provided by you in the course of your application to manage the application procedure. In such case the processing of your Personal Information is based on Art. 6 (1) b) GDPR (processing is necessary in order to take steps at the request of the data subject prior to entering into a contract). If we conclude a contract with you, the submitted data will be stored for the purpose of processing the employment relationship in compliance with legal requirements. If no contract is concluded, the application data and documents will be automatically erased six months after notification of the refusal decision at the latest, provided that no other legitimate interests of the controller are opposed to the erasure. In each case we comply with the principles of data processing as set out in the GDPR, in particular with the principles of purpose limitation and data minimization.
How We Disclose Information
We disclose Your Personal Information as consented by You before disclosure, or as follows:
- Users. To other Users for purposes of providing our Services. For example, Your organization may have an administrator account, and the administrator may be able to see information about the various accounts under it. You may also be able to elect to share information with other Users to, for example, enable collaboration. In such case the collection and processing of your Personal Information is based on Art. 6 para. 1 (b) GDPR (necessary for the performance of a contract with you).
- Affiliates and Distributors. To current or future affiliates or subsidiaries or distributors for the purpose of providing our Services, for research, marketing, and other purposes consistent with this Privacy Policy. We will take all steps reasonably necessary to ensure that Users’ Personal Data is treated securely in respect of such disclosure and as described in this Privacy Policy. In such case the disclosure of the Personal Information is based on your consent in accordance with Art. 6 (1) GDPR (necessary for the purpose of the legitimate interests of the data controller). Our legitimate interest is to enable efficient provision of our Services.
- Service Providers. To our vendors, service providers, agents, or others who perform functions on our behalf as data processors. We use third parties to send emails on our behalf, for hosting internet services, for log processing and analysis, analyzing the use of our Site/App and for security monitoring. We may share your Personal Information with these third parties only for the purposes of performing these functions and providing such services and subject to the required data processing contracts. We ensure that in connection with the engagement of our service providers we comply with the provisions of Art. 28 GDPR. We engage only service providers who provide sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the processing ensures the protection of Your rights. We primarily engage service providers located within the European Economic Area. Should we engage service providers in third countries (i.e. located outside of the European Economic Area), we make sure that Art. 44-49 GDPR are complied with. We currently engage service providers in the U.S. (such as Google and Intercom).
- Business Transfers. To another entity in connection with, including during negotiations of, an acquisition or merger, sale or transfer of a business unit or assets, bankruptcy proceeding, or as part of any other similar business transfer. In such case the transfer of the Personal Information is based on Art. 6 (1) lit. f) GDPR (necessary for the purpose of the legitimate interests of the data controller or a third party). The legitimate interest is to enable corporate transactions.
- Protecting Rights and Interest. To authorities, courts, legal advisors or other third parties we may disclose Personal Information if this is necessary in order to protect the safety, rights, property, or security of Graphika, the Services, the Site, the App, our systems, any third party; to detect, prevent, or otherwise address fraud, security, or technical issues; to prevent or stop activity which Graphika, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity; to use as evidence in litigation; and to enforce this Privacy Policy or any Agreements. In such case the disclosure of your Personal Information is based on Art. 6 para. 1 (f) GDPR (necessary for the purpose of the legitimate interests of the data controller or a third party). The legitimate interest is to protect the lawful rights and interests of Graphika or third parties (such as affiliates).
- Legal Compliance. To authorities or courts in order to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; in response to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request from law enforcement or a government official. In such case the disclosure of your personal data is based on Art. 6 (1) lit. c) GDPR (necessary for compliance with a legal obligation).
- Aggregate and De-Identified Information. To business partners, marketing or advertising agencies we may disclose aggregate, anonymous, or de-identified information for marketing, advertising, research, compliance, or other purposes. Such disclosure does not affect Personal Information.
Cookies and Other Tracking Mechanisms
We and our service providers use cookies and other tracking mechanisms to track information about how You use our Site/App. We or our service providers may combine this information with other information, including Personal Information.
Visitors and Users of our Site/App receive notification of the types of cookies and other tracking technologies used when accessing our Site/App for the first time. They are asked whether they consent to our use of the cookies/tracking technologies.
- Cookies. Cookies are alphanumeric identifiers that we transfer to a computer’s hard drive through a web browser for record-keeping purposes. Some cookies allow us to make it easier for You to navigate our Site, while others are used to enable a faster log-in process or to allow us to track Your activities while using our Site/App. Most web browsers automatically accept cookies, but if You prefer, You can edit Your browser options to block them in the future. The Help portion of the toolbar on most browsers provides information about how to prevent a computer from accepting new cookies, how to have the browser notify upon receiving a new cookie, or how to disable cookies altogether. If You disable cookies, You may be able to browse certain areas of the Site/App, but some features may not function (e.g., You may not be able to stay logged into Your account).
- Clear GIFs, pixel tags, and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on a computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also referred to as web beacons, web bugs or pixel tags), in connection with our Services to, among other things, track Your activities, help us manage content, and compile statistics about usage of our Services. We and our service providers also use clear GIFs in HTML emails to You, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
Third-Party Services
We may use third-party analytics companies, such as Google Analytics, to evaluate the use of our Site, App and Services. We or our service providers use these tools to help us understand use of, and to improve, our Site, App and the Services, performance, and user experiences. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects (“LSOs”), to perform their services.
- Google Analytics. This website uses Google Analytics, a web analytics service provided by Google, Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; “Google”). The use includes the “Universal Analytics” operating mode. This facilitates the assignment of data, sessions and interactions across several devices to a pseudonymous user ID and thus the analysis of a user's activities across devices.
- Google Analytics uses “cookies”, which are text files placed on your computer, to help analyze how users use the Site/App. The information generated by the cookie about your use of the website/App (including your IP address) is usually transmitted to and stored by Google on servers in the United States, a country that does not offer an equivalent level of protection of privacy to that applicable in the European Union. However, IP anonymisation is activated on the Site/App, i.e. the Google Analytics code is supplemented by “anonymizeIp” to ensure an anonymized collection of IP addresses (so called IP-masking), thus Google will reduce your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand, so that a direct connection to the individual user is eliminated. Google will truncate/anonymize the last octet of the IP address within Member States of the European Union or in other states parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. Google obliged itself to process all personal data received from the EU in accordance with the EU-US Privacy Shield Framework (Art. 45 (3) GDPR).
- On behalf of Graphika, Google will use this information for the purpose of evaluating your use of the Site/App, compiling reports on website or App activity and providing other services relating to Site/App activity and usage. Google will not associate your IP address with any other data held by Google.
- Sessions and campaigns are terminated after a certain period of time. By default, sessions are closed after 30 minutes without activity and campaigns after six months. The time limit for campaigns may not exceed two years. To learn more about Google’s privacy practices, please visit https://www.google.com/analytics/terms/gb.html or https://policies.google.com/?hl=en.
- The legal basis for the processing of your personal data with help of Google Analytics is Art. 6 (1) lit. a GDPR (your consent). You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of the Site/App. Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.
- Google Analytics uses “cookies”, which are text files placed on your computer, to help analyze how users use the Site/App. The information generated by the cookie about your use of the website/App (including your IP address) is usually transmitted to and stored by Google on servers in the United States, a country that does not offer an equivalent level of protection of privacy to that applicable in the European Union. However, IP anonymisation is activated on the Site/App, i.e. the Google Analytics code is supplemented by “anonymizeIp” to ensure an anonymized collection of IP addresses (so called IP-masking), thus Google will reduce your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand, so that a direct connection to the individual user is eliminated. Google will truncate/anonymize the last octet of the IP address within Member States of the European Union or in other states parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. Google obliged itself to process all personal data received from the EU in accordance with the EU-US Privacy Shield Framework (Art. 45 (3) GDPR).
- YouTube API. Graphika uses YouTube API services, a subsidiary of Google. By using Graphika’s products or services, you agree to and are bound by the YouTube Terms of Service, which you can access at https://www.youtube.com/t/terms. You can find Google’s complete Privacy Policy at http://www.google.com/policies/privacy.
- Intercom. The Site/App uses third-party analytics services to help understand your usage of our Site, App and Services. In particular, we provide a limited amount of your information (such as sign-up date and some personal information like your email address) to Intercom, Inc. (“Intercom”) and utilize Intercom to collect data for analytics purposes when you visit our Site or use our App.
- As a data processor acting on our behalf, Intercom analyzes your use of our Site and/or App and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom's use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy.
- We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit https://www.intercom.com/terms-and-policies#privacy.
- Intercom’s services are governed by Intercom’s terms of use which can be found at https://www.intercom.com/terms-and-policies#terms. The legal basis for the processing of your Personal Information with help of Intercom is Art. 6 (1) lit. a GDPR (your consent). If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.
- As a data processor acting on our behalf, Intercom analyzes your use of our Site and/or App and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom's use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy.
- Do Not Track Disclosure. Our Site may not respond to Do Not Track signals. You can learn more about Do Not Track signals at http://www.allaboutdnt.com/. You may, however, disable certain tracking as discussed in the Cookies and Other Tracking Mechanisms section above (e.g., by disabling cookies).
- Interest-Based Advertising. We use third parties such as network advertisers to display advertisements on our Site/App, to assist us in displaying advertisements on third-party services, and to evaluate the success of our advertising campaigns.
- You may opt out of many third-party ad networks, including those operated by members of the Network Advertising Initiative (“NAI”) and the Digital Advertising Alliance (“DAA”). For more information regarding this practice by NAI members and DAA members, and Your choices regarding having this information used by these companies, including how to opt out of third-party ad networks operated by NAI and DAA members, please visit their respective websites: www.networkadvertising.org/optout_nonppii.asp (NAI) and www.aboutads.info/choices (DAA).
- Opting out of one or more NAI member or DAA member networks only means that those members no longer will deliver targeted content or ads to You. It does not mean You will no longer receive any targeted content or ads on our Site/App. You may continue to receive advertisements, for example, based on the particular website that You are viewing (i.e., contextual advertising) or from entities that are not members of the NAI or DAA. Also, if Your browsers are configured to reject cookies when You visit an opt-out page, or You subsequently erase Your cookies, use a different computer or change web browsers, Your NAI or DAA opt out may no longer be effective.
- You may opt out of many third-party ad networks, including those operated by members of the Network Advertising Initiative (“NAI”) and the Digital Advertising Alliance (“DAA”). For more information regarding this practice by NAI members and DAA members, and Your choices regarding having this information used by these companies, including how to opt out of third-party ad networks operated by NAI and DAA members, please visit their respective websites: www.networkadvertising.org/optout_nonppii.asp (NAI) and www.aboutads.info/choices (DAA).
Third Party Sites
Our Site/App may contain links to third-party websites and applications provided by third parties. Any access to and use of such linked websites, applications, or third-party services is not governed by this Privacy Policy but instead is governed by the privacy statements of those third parties. We are not responsible for the privacy practices of such third parties, and we encourage You to read their privacy statements.
Security
We have implemented a number of measures to help protect the Personal Information we collect in line with Art. 32 GDPR. These measures include limiting access to Personal Information to employees with a need to access it and encrypting Personal Information provided through our Site using Secure Socket Layer (SSL) technology. Please note, however, that while we endeavor to keep our security measures up-to-date, no data security measures can guarantee complete security.
In addition, there are steps that You can take to help protect Personal Information, including choosing a robust password for your device and/or account that nobody else knows or can easily guess and keeping Your log-in and password private. If an unauthorized third party compromises our security measures, Graphika is not responsible for any direct or indirect damages caused by such unauthorized party’s access, acquisition, or distribution of Your personal information.
If You believe that Your Personal Information has been compromised, we encourage You to notify us immediately. You can also learn more about steps you can take to protect your Personal Information at https://www.consumer.ftc.gov/articles/0272-how-keep-your-personal-information-secure.
Data Retention
Please note that we retain Personal Information about You - in accordance with our record retention policies - as long as necessary for the achievement of the purposes of the processing as mentioned above (e.g. to enforce any Agreements or to ensure the security of our Site and App).
Your Personal Information will be erased or anonymized as soon as such data are not anymore necessary for the purpose of their collection. In particular this means that we erase Visitors’ automatically collected data within 7 days if no suspicious event (e.g. security incident) occurs, and we erase User data without delay if your User account is deleted; unless (i) legal retention obligations do not permit the erasure (e.g. under German law we are obliged to retain letters and emails for six years; documents relevant for tax purposes for ten years) – in such case your personal data will be stored for the statutory retention period; (ii) another legal basis applies and permits the retention or processing in line with art. 6 (1) GDPR, in particular if Graphika has a legitimate interest in storing the data (e.g. for the purpose of using such data in a potential lawsuit).
In any case, your Personal Information will be erased or anonymized without delay if the processing is based on your consent and you withdraw your consent to the processing of your personal data.
Your Rights and Choices
- Right to information. Upon request, we will inform you in writing as to whether and, if so, what Personal Information we have stored about you. You may view your Personal Information at any time free of charge and request their rectification, erasure or the restriction of processing.
- You also have the right to receive the Personal Information we retain about you in a structured, commonly used and machine-readable format. Upon your request, we will transfer your Personal Information to another data controller. In order to exercise any of the rights mentioned in this section or should you have any questions regarding the processing of your Personal Information, please contact us at privacy@graphika.com.
- You may also contact us at privacy@graphika.com and we will be happy to provide any information you may require or deal with any suggestions or complaints you may have. You also have the right to lodge a complaint with the competent data protection authority.
- You also have the right to receive the Personal Information we retain about you in a structured, commonly used and machine-readable format. Upon your request, we will transfer your Personal Information to another data controller. In order to exercise any of the rights mentioned in this section or should you have any questions regarding the processing of your Personal Information, please contact us at privacy@graphika.com.
- Opting out of Processing. Where processing is based on your consent, you have a right to withdraw consent at any time, without affecting the lawfulness of the processing before withdrawal.
- Opting out of Email Communications. Subject to your opt-in, we may send periodic promotional or informational emails to You. You may opt out of such communications by following the opt-out instructions contained in the email or contacting us at privacy@graphika.com. Please note that it may take up to 10 business days for us to process opt-out requests. If You opt out of receiving marketing emails from us, we may still send You non-promotional emails (e.g., about Your account with us).
- Children. Our Site/App are not targeted to children under thirteen years of age, and we do not knowingly collect personal information from children under thirteen. If we discover that a child under thirteen has provided us with personal information, we will promptly delete such personal information from our systems. Contact Us. If You have questions about the privacy aspects of our Site/App or for further information about our data privacy policies and practices, please contact us at privacy@graphika.com.
Changes to this Privacy Policy
This Privacy Policy is current as of the Effective Date set forth above. We may change this Privacy Policy from time to time. We will post any changes, including any material changes, to this Privacy Policy on our Site. In the case of changes not reasonable to you, the change shall only enter into force if you did not object to it within 30 days of receiving notice thereof.