Privacy Policy

Introduction

This Privacy Policy outlines how DataPress, Ltd. ("DataPress", "we", "us", or "our") collects, uses, discloses, and manages your personal information, as well as how you can exercise your privacy rights. This Privacy Policy applies to personal information we collect when you visit our website at datapress.com ("Site"), use our Data Portal services ("Services"), or otherwise interact with us (e.g., by attending an event or communicating with us). If you do not agree with this policy, please do not access or use our Site, Services, or engage with any other aspect of our business.

This Privacy Policy does not apply to data submitted to the Data Portals ("Customer Data"). A separate agreement ("Customer Agreement") governs the provision, access, and use of the Services, including the processing of Customer Data. With respect to any personal information included in Customer Data, the organization (e.g., your employer or another entity or person) that entered into the Customer Agreement ("Customer") controls its instance of the Services and any associated Customer Data. If you have any questions about a Customer's instance of the Services and any associated Customer Data, please contact the Customer.

We encourage you to read this Privacy Policy in its entirety to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Policy, you can click on the relevant link below to jump to that section.

What does DataPress do?

DataPress provides a cloud-hosted web service that offers "Data Portals" for our customers. These Data Portals are branded websites where customers can create accounts, add colleagues to teams, and upload datasets and statistics to be shared with each other. Our service is designed to facilitate secure data sharing and collaboration among teams, as well as enable the creation of public datasets.

For more information about DataPress, please email us at [email protected].

What personal information does DataPress collect?

The personal information we may collect about you can be categorized as follows:

> Information that you provide

We gather information about you when you input it into our Site or the Services, or otherwise provide it directly to us.

> Account and profile creation

We collect information about you when you sign up for an account, create or modify your profile, and set preferences for the Services. For instance, you may provide your contact information, including your first and last name, email address, and password when you register for the Services. We track your preferences when you select settings within the Services, such as marketing and notification settings.

> Sign in via other platforms

You have the option to log in via your account with other platforms (e.g., Google, Github, or Azure Devops) instead of creating a user account. We will not collect the password you use for the relevant platform, but we may collect details from your account with the platform, such as your username and email address.

> Requests and inquiries

You may choose to provide us with information when you contact us about our Services or otherwise interact with us. For example, you may submit information regarding an issue you encounter with our Services and send us screenshots to help resolve the issue. You may provide your contact information to register for our events, subscribe to receive marketing communications from us, or make an inquiry through our Site. You may also share content with us when you participate in a survey, contest, promotion, or event, including via social media and other content platforms.

> Transactions

If you enter into a contract for our Services, we will collect transaction information, such as the Service plan you select, information related to renewals, credits, and cancellations, and your billing address. We will process payments using purchase orders and invoices, and as a result, we may collect and store the necessary invoicing and billing information, such as your organization's name, contact person, address, and relevant financial details. However, we do not handle or store sensitive payment information such as credit card numbers or bank account details.

If you register for a paid Service, we will collect transaction information, such as the Service plan you purchase, information related to refunds, credits, and cancellations, and your billing address and payment information. Please note that any payment information you provide is sent directly to a third-party payment processor. We do not have access to and do not store your payment information.

> Information that we collect from your device and usage

We collect certain information about your device and how you and your device interact with our Site, Services, or with us via email. In some countries, including countries in the European Economic Area and the United Kingdom (together, "Europe"), this information may be considered personal data under applicable data protection laws.

Specifically, the information we collect may include your IP address, device type, unique device identification numbers, browser type, operating system, general location information (e.g., inferred from an IP address), and referring URL. We also collect information about how you and your device have interacted with our Site, Services, or with us via email, including the pages you accessed, features you used, Services you purchased, links you clicked, and when you accessed and for how long.

> Information that we obtain from third-party sources

Occasionally, we receive personal information about you from third-party sources (including social media and other content platforms, public databases, and our business and channel partners and service providers).

The types of information we collect from third parties include name, email addresses, job titles, and social media profiles. We may combine this information with information we collect through other means described above. This helps us to maintain and improve the accuracy of our records, identify new customers, deliver personalized communications, and suggest services that may be of interest to you.

How does DataPress use my personal information?

We utilize your information for business-related and commercial objectives, including to:

1. Provide, maintain, and enhance the Site and Services, including system administration, system security, and introducing new features or capabilities;
2. Manage your account and send you relevant information, including confirmations, updates, technical notices, security alerts, and support and administrative messages;
3. Address your comments, questions, and requests, and deliver customer care and support services;
4. Communicate with you about the Services, products, offers, surveys, events, content, and other news and information that may be of interest to you;
5. Observe and analyze trends, usage, and activities in connection with the Site, Services, and our communications with you;
6. Identify, investigate, and prevent fraudulent transactions and other illegal activities, safeguard the rights and property of DataPress and others, and comply with legal requirements;
7. Customize and improve the Site and Services and provide advertisements, content, and features tailored to your profile and interests, as well as remember information about your preferences for the Site and Services;
8. Fulfill any other purpose for which the information was gathered.

We may aggregate or de-identify information collected through the Services. We may use aggregated or de-identified data for any purpose, including without limitation for research and marketing purposes.

Legal basis for processing personal information

As a UK-based company operating within the European Union, we collect and process information about you only when we have a legal basis for doing so under European laws. This means that we gather and process your information only when:

1. It is necessary for providing the Site or Service, such as registering you as a new user, operating the Site or Service, offering technical support, and ensuring the safety and security of the Site or Service.
2. It aligns with our legitimate interests, for instance, marketing and promoting the Service and safeguarding our legal rights and interests, as long as they do not conflict with your own interests, rights, and freedoms.
3. It is required to comply with a legal obligation or in connection with a legal claim, such as responding to court orders or subpoenas.
4. You grant consent for a specific purpose, such as receiving marketing communications (when consent is mandated under applicable marketing laws).

The legal bases for processing personal information depend on the type of information and the purpose of our processing. In some situations, we may rely on more than one legal basis for processing personal information.

We are committed to ensuring that your personal information is processed lawfully, fairly, and transparently. If you have any questions or concerns about our legal bases for processing personal information, please contact us at [email protected].

Who does DataPress disclose my personal information to?

We may disclose your personal information to the following categories of recipients:

• Affiliate companies who help operate and improve our Site or Service (including to support the delivery of, provide functionality on, or help to enhance the security of our Site or Service), offer other DataPress affiliated services to you, or who otherwise process personal information for the purposes described in this policy. The protections of this policy apply to the information we disclose in these circumstances.
• Third-party service providers who provide hosting, storage, support, payment processing, billing, communication, analysis, and other services to us, which may require them to access or use information about you. If a service provider needs to access or use information about you to perform services on our behalf, they do so under appropriate security and confidentiality procedures designed to protect your information.
• Any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.
• An actual or potential buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger, or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this policy.
• Any other person with your consent to the disclosure.

We do not sell your personal information to third parties, and we do not share your personal information with third parties for their own marketing purposes without your explicit consent.

Please note that our Site or Service may contain links to third-party websites, services, and applications that are not operated or controlled by us. This privacy policy does not apply to those third-party services, and we are not responsible for the practices of those third-party websites or services. We recommend that you review the privacy policies of those third-party services before using them.

Cookies and similar tracking technologies

We use cookies and similar tracking technology (collectively, “Cookies”) to facilitate and improve your use of the Site and Services. These Cookies are essential for providing you with access to the Site or Service and for keeping you logged in during your session. We do not use Cookies to track your activity on the Site or Services, and we do not use Cookies to serve tailored marketing to you.

However, we allow our customers to employ certain third-party services (e.g., Google Analytics) on their client websites (i.e., when they are using the Services). These services may use Cookies or other tracking technologies to collect information about your interactions with those websites. We do not control these third-party services and are not responsible for their privacy practices.

You may choose to disable Cookies on your browser, but please note that doing so may limit your ability to use or access certain parts of the Site and Service. We do not respond to browser-initiated Do Not Track signals.

If you have any questions or concerns about our use of Cookies and similar tracking technology, please contact us at [email protected].

How does DataPress keep my personal information secure?

At DataPress, we take the security of your personal information seriously. We employ reasonable technical and organizational measures to safeguard your information against unauthorized access, disclosure, alteration, or destruction. Our security measures are designed to meet the level of risk associated with the processing of your personal information.

However, please note that no security system can guarantee complete protection against all potential threats, and the internet is inherently vulnerable to security breaches. Therefore, we cannot ensure or warrant the absolute security of any personal information transmitted over the internet or stored on our systems. In particular, email communications may not be secure, so we advise you to be cautious when sharing sensitive information via email.

If you have any concerns about the security of your personal information or believe that it has been compromised, please contact us immediately at [email protected].

International data transfers

As a UK-based company with a global customer base, we may transfer your personal information outside the European Union or the European Economic Area to our affiliate companies located in countries such as the United States and Canada. Where we transfer your personal information to countries and territories outside of Europe, which have been formally recognised as providing an adequate level of protection for personal information, we rely on the relevant “adequacy decisions” from the European Commission and “adequacy regulations” from the Secretary of State in the United Kingdom.

When we transfer your personal information to these countries, we ensure that adequate safeguards are in place to protect your personal information in accordance with European data protection laws. We rely on the Data Processing Agreements of any affiliate companies with physical presence outside the EU to ensure that they provide adequate protections for personal information that is transferred outside the EU. These agreements typically include the EU Standard Contractual Clauses, which have been approved by the European Commission as a means of safeguarding personal information that is transferred to countries that are not considered to have an adequate level of data protection.

By using our Site or Service, you consent to the transfer of your personal information to countries outside the EU, where we ensure appropriate safeguards are in place to protect your personal information. If you have any questions or concerns about the international transfer of your personal information, please contact us at [email protected].

Data retention

We retain the personal information we collect from you only as long as we have a legitimate business need to do so or as required by applicable law. This includes providing you with the services you have requested, maintaining and improving the performance of our Site and Service, and keeping our systems secure.

We may also need to keep your personal information for legal reasons even after our relationship has ended, for example, to comply with regulatory or accounting requirements, to deal with and resolve requests and complaints, and to protect individual rights and property. The specific retention periods for personal information depend on the nature of the information and why it was collected and processed.

We regularly review our retention policies and apply the following criteria to determine the appropriate retention period:

• How long is the personal information needed to provide the Site and Service or operate our business?
• Is there a legal or regulatory obligation that requires us to retain the personal information?
• Has consent been provided for a longer retention period?
• Is the personal information of a sensitive nature?
• Are there automated controls, such as account settings, that enable you to access and delete your personal information at any time?

When we no longer have a legitimate business need or legal requirement to retain your personal information, we will either delete or anonymise it. If this is not possible, we will securely store your personal information and isolate it from any further processing until deletion is possible.

Your data protection rights

As a UK-based company, we recognize and respect your data protection rights under European laws. Depending on your location, you may have the following data protection rights:

• You have the right to access, correct, update, or request the deletion of your personal information. To exercise any of these rights, please submit a request to us at [email protected].
• You have the right to object to the processing of your personal information, to ask us to restrict the processing of your personal information, or to request the portability of your personal information. To exercise any of these rights, please submit a request to us at [email protected].
• You have the right to opt-out of receiving marketing communications from us at any time. You can do so by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you, or by updating your preferences in your account settings.
• If we have collected and processed your personal information with your consent, you have the right to withdraw your consent at any time. Please note that withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
• You have the right to lodge a complaint with a supervisory authority about our collection and use of your personal information. For more information, please contact your local supervisory authority. (Contact details for supervisory authorities in Europe are available here.) Certain supervisory authorities may require that you exhaust our own internal complaints process before looking into your complaint.

We take your data protection rights seriously and will respond to all requests in accordance with applicable data protection laws. Please contact us using the details provided under the “How to contact us” heading below to exercise any of your data protection rights.

Children's privacy

Protecting the privacy of minors is important to us at DataPress. Our Site and Service are not intended for or directed to individuals under the age of 16. We do not knowingly collect personal information from anyone under the age of 16. If we become aware that we have inadvertently collected personal information from a child under 16 without parental consent, we will take steps to remove the information and terminate the child's account.

If you are 16 years old or older but have not yet reached the age of majority in your jurisdiction, you must obtain permission from your parent or legal guardian before using our Site or Service. We encourage parents and guardians to supervise their children's online activities to ensure a safe and enjoyable experience. If you have any questions or concerns about our privacy practices as they relate to minors, please contact us using the information provided below under the "How to contact us" heading.

Third-party websites

Our Site and Services may include links to third-party websites or platforms from companies other than DataPress, such as relevant online resources, social media platforms, our partners' websites, payment processors, and other third-party websites. Please note that this Privacy Policy applies only to our Site and Service, and we are not responsible for the privacy practices or content of these other websites. If you have any questions about how these other websites use your information, you should review their policies and contact them directly. DataPress is not responsible for the actions of third parties or the content of their websites.

Updates to this Privacy Policy

We may make changes to this Privacy Policy from time to time as required by changes in legal, regulatory, or business environments. When we make any significant changes to the Policy, we will notify you of these changes in a manner consistent with the importance of the changes that we make. We may seek your consent to any significant changes if it is required by applicable data protection laws.

You can find the date when this policy was last updated at the top of this page. We encourage you to review this Policy periodically to stay informed about our practices regarding your personal information.

How to contact us

If you have any questions or concerns about our use of your personal information, please contact us by sending an email to [email protected].

The data controller of your personal information is DataPress Ltd. Our address is: