- Data Collection
- Data Uses
- Data Location
- Data Retention
- Data Disclosure
- Cookies and Tracking Technologies#DataCollection
- Data Security
- Data Subject Rights
- Additional Information and Contact Details
- Data Collection
Sometimes we collect personal data automatically when an individual interacts with our Services and sometimes, we collect personal data directly from an individual. We may also collect personal data about an individual from other sources and third parties (such as our business customers, partners and Service Providers), even before our first direct interaction with you.
We may collect or generate the following types of personal data about individuals in relation to the Services:
- Contact data: contact and business details such as name, e-mail, phone number, position, workplace and related business insights; as well as any needs, preferences, attributes and insights relevant to our relationship;
- Account data: e-mail address, nickname, user ID, hashed password or other information used for authentication and access control, and any additional information you choose to share via the Services.
- Interactions and communications data: correspondence with us (e.g., for user experience, support and training purposes) via the Services or our social media pages (such as Twitter, Facebook), as well as chats, surveys, feedback, calls and video recordings, transcriptions, and analyses thereof.
- Usage and analytics data: connectivity, technical and behavioral usage data, IP addresses, device data (such as type, OS, device ID, browser version, locale and language settings used), activity, communication and performance logs, session recordings, issues and bugs, and the cookies and pixels installed or utilized on your device as you access or otherwise use the Services.
- Prospect Data: data relating to visitors of our website (https://digma.ai/), participants at our events, and any other prospective customer, user or partner who visits or otherwise interacts with our website, online ads and content, emails, sales and marketing channels, and integrations or communications under our control.
For the purposes of the California Consumer Privacy Act (“CCPA“), specifically, in the last twelve (12) months, we have collected the following categories of Personal Information: Identifiers; Professional or Employment-Related Information; Internet or other Electronic Network Activity Information, and Geolocation Information. We do not use or disclose sensitive personal information as defined in the CCPA.
- Data Uses
Digma processes the personal data described in Section 1 as necessary for the provision of our Services (“Performance of Contract”); to comply with our legal and contractual obligations (“Legal Obligation”); and to support our legitimate interests in maintaining, improving and advertising our Services, e.g. in understanding how our Services are used and how our campaigns are performing, and gaining insights which help us dedicate our resources and efforts more efficiently; in marketing, advertising and selling our Services; providing customer service and technical support; and protecting and securing our business customers, Users, Prospects, ourselves and our Services (“Legitimate Interest”).
Specifically, we use your personal data for the following business and commercial purposes:
Users and Prospects
|Purpose||Legal basis for processing|
|To facilitate, operate, enhance, and provide our Services||Performance of Contract Legitimate Interest|
|To authenticate the identity of our Users, and to allow them to access our Services||Performance of Contract Legitimate Interest|
|To provide our Users and Prospects assistance and support||Performance of ContractLegitimate Interest|
|To further develop, customize, and improve the Services, based on common or personal preferences, experiences, and difficulties||Legitimate Interest|
|To perform, facilitate and optimize our marketing campaigns, ad management and sales operations, as well as promotional messages and to manage and deliver advertisements for our products and services more effectively||Legitimate InterestConsent|
|To contact our Users and Prospects with general or personalized service-related messages that may be of specific interest to them||Performance of ContractLegitimate InterestConsent|
|To support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity||Legal Obligation Legitimate Interest|
|To create aggregated data, inferred non-personal data or anonymized or pseudonymized data (de-identified data), which we or our business customers or partners may use to provide and improve our respective services or for any other purpose||Legitimate Interest|
|To comply with our contractual and legal obligations and requirements, and maintain our compliance with applicable laws, regulations and standards||Performance of ContractLegal Obligation|
|For any other purpose that you consent to||Consent|
We do not sell your personal information for the intents and purposes of the CCPA.
- Data Location
We and our authorized Service Providers (per Section 5 below) maintain, store and process personal data including in the United States, Israel and the European Union and other locations, as reasonably necessary for the proper performance and delivery of our Services, or as may be required by law.
To the extent we transfer personal data from the European Economic Area (EEA), UK, or Switzerland to countries which that are not considered to offer an adequate level of data protection, we rely on appropriate data transfer mechanisms as established under applicable law, such as the standard contractual clauses (SCCs) adopted by the EU and the UK. You can request a copy of these SCCs by contacting us as indicated in Section 10 below.
- Data Retention
We retain your personal data for as long as it is reasonably necessary to provide you with our Services and to maintain and expand our relationship; to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (e.g. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our data retention policy and at our reasonable discretion.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of such data, the potential risk of harm from unauthorized use or disclosure of such data, the purposes for which we process it, and the applicable legal requirements.
If you have any questions about our data retention policy, please contact us by e-mail at firstname.lastname@example.org.
- Data Disclosure
We may disclose your data for a business purpose with certain third parties, including law enforcement agencies, our Service Providers and our affiliates, in accordance with this Policy and as described below:
Service Providers: we engage selected third-party entities or individuals as “Service Providers” to perform services complementary to our own. Such Service Providers may include hosting and server co-location services, communications and content delivery networks (CDNs), data analytics services, marketing and advertising services, data and cyber security services, fraud detection, investigation and prevention services, e-mail, video conferencing and communication services, session or activity recording services, social and advertising networks, support and customer relation management systems, third-party customer support providers, and our legal, compliance and financial advisors and auditors. These Service Providers may have access to your personal data, depending on each of their specific roles and purposes in facilitating, supporting and enhancing our Services, and may only use it for such purposes.
Business Customers and Partners: Our customers and partners may have access to any personal data we process on their behalf, should you use the Services under their organizational account.
Legal Compliance: in exceptional circumstances, we may disclose or allow government and law enforcement officials access to your personal data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations, with or without notice to you. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect our legitimate business interests, including the security or integrity our Users, Prospects and our Services.
Protecting Rights and Safety: we may disclose personal data with others if we believe in good faith that this will help protect the rights, property or personal safety of Digma, our business customers, Users, Prospects, or any members of the general public.
Change of control or ownership. If Digma undergoes any change in control, including by means of merger, acquisition or purchase of any of its assets, your personal data may be shared with the parties involved in such an event. If we believe that such an event might materially affect your personal data then stored with us, we will notify you of this and the choices you may have via e-mail or prominent notice on our Services.
Additional sharing: For the avoidance of doubt, we may disclose personal data in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so, or if we have successfully rendered such data non-personal, non-identifiable and anonymous.
For the purposes of the CCPA, in the past twelve (12) months, we may have disclosed Identifiers; Professional or Employment-Related Information; and Internet or other Electronic Network Activity Information to government and law enforcement officials, Service Providers, subsidiaries and affiliates, and in the context of a change of control.
- Cookies and Tracking Technologies
Cookies are small text files that are stored through the browser on your computer or mobile device (for example, Google Chrome or Safari) when you visit a website. Some cookies are removed when you close your browser session – these are the “session cookies”. Some last for longer periods and are called “persistent cookies”. We use both types of cookies to facilitate the use of the Services’ features and tools. While we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, you can manage your cookies preferences, including whether or not to accept them and how to remove them, through your browser settings. Please bear in mind that disabling cookies may complicate or even prevent you from using the Site. For more information regarding cookies, you may find the following websites useful: www.allaboutcookies.org, www.youronlinechoices.co.uk.
We use Persistent Cookies to remember your log-in details and make it easier for you to log-in the next time you access our platform. We may use Session Cookies for additional purposes, to facilitate the use of the features and tools available in our Services. We may also use HTML5 local storage or Flash cookies for the above-mentioned purposes. These technologies differ from browser cookies in the amount and type of data they store, and how they store it.
We also use web analytics tools, including Google Analytics. These tools help us understand User and Prospect behavior on our Services, including by tracking page content, and click/touch, movements, scrolls and keystroke activities. Further information about the privacy practices of our analytics service provider is available at: www.google.com/policies/privacy/partners/. Further information about your option to opt-out of these analytics services is available at: https://tools.google.com/dlpage/gaoptout.
Please note that if you get a new computer, install a new browser, erase or otherwise alter your browser’s cookie file (including upgrading certain browsers), you may also clear the opt-out cookies installed once you opt-out, so an additional opt-out will be necessary to prevent additional tracking.
We may engage in service and promotional communications through any of the means available to us (e.g., e-mails, text messages and notifications).
Service Communications: we may contact you with important information regarding our Services. For example, we may send you notifications (through any of the means available to us) of changes or updates to our Services (such as login attempts or password reset instructions, alerts and notifications concerning anomalies detected by our Services, surveys, etc.). You can control your communications and notifications in accordance with the instructions included in the communications sent to you. Please note that you will not be able to opt-out of receiving certain service communications which are integral to your use.
Notifications and Promotional Communications: we may also notify you about new features, additional offerings, events, webinars, special opportunities or any other information we think you may find valuable. We may provide such notices through any of the contact means available to us (e.g., e-mail), through the Services, or through our marketing campaigns on any other sites or platforms. Furthermore, if you contact us with an inquiry, we may respond with promotional e-mails related to your inquiry. For example, if you contact us with an inquiry about a feature you would like to see on one of our Services, we will use your contact information to later inform you once our Services have been updated to include features similar to those you inquired about or other features you may be interested in. To control your notifications settings, please follow the instructions included in the promotional communications sent to you. If you do not wish to receive such communication, you may also notify us by sending an e-mail to email@example.com or opt-out of these e-mail updates by following the “unsubscribe”, “stop”, “opt-out” or “change e-mail preferences” link located at the bottom of the e-mail.
- Data Security
In order to protect your personal data held with us, we use industry-standard physical, procedural and technical security measures to secure your personal data, in to minimize the risks of theft, damage, loss of information, or unauthorized access or use of personal data.
However, please be aware that regardless of any security measures used, we cannot and do not guarantee the absolute protection and security of any personal data stored with us or with any third parties as described in Section 5 above.
- Data Subject Rights
If you wish to exercise your privacy rights under any applicable law, including the EU or UK General Data Protection Regulation (GDPR), the CCPA or other relevant laws, please contact us by email at firstname.lastname@example.org. Such rights may include (to the extent available to you under the laws which apply to you), the right to know / request access to (specific pieces of personal information collected; categories of personal information collected; categories of sources from whom the personal information was collected; purpose of collecting personal information; categories of third parties with whom we have shared personal information), to request rectification or erasure of, your personal data held with Digma; to restrict the processing of such data and to object to its processing (including, for California Residents, the right to direct us not to sell or share your personal information to third parties now or in the future, as indicated below); to port such data; or the right to equal services and prices (each to the extent available to you under the laws that apply to you).
If you would like to opt out of the “sale” or “sharing” (as such terms are defined under the CCPA) of your personal information for cross-context behavioral advertising, please contact us at email@example.com.
Please note that we may require additional information, including certain personal data, in order to authenticate and process your request. Such additional information may be then retained by us for legal purposes (e.g., as proof of the identity of the person submitting the request), in accordance with Section 4 above. We may redact from the data which we make available to you, any personal data related to other individuals.
Additionally, you have a right to lodge a complaint with a competent authority, such as the supervisory authority in the EU Member State of your habitual residence, place of work, or of the alleged GDPR infringement, the UK’s Information Commissioner’s Office, or your State’s Attorney General (as applicable).
10. Additional Information and Contact Details
Children: Our Services are not directed to children under the age of 16. We do not knowingly collect personal data from children and do not wish to do so. If we learn that a child under this age is using the Services, we will attempt to prohibit and block such use and will make our best efforts to promptly delete any personal data stored with us with regard to such child. If you believe that we might have any such data, please contact us by e-mail at firstname.lastname@example.org.
Last updated: November, 2023.