Privacy Policy (Datalou) (00270095-3).DOCX

DATALOU PRIVACY POLICY
Last updated: 1/16/19

Who We Are
Datalou, LLC ("Datalou", “we”, “our”, “us”) takes your privacy seriously. As electronic commerce increases and the volume of data transmission over telecommunications networks steadily rises, maintaining the trust of our customers, clients, suppliers, and users necessitates vigilant, responsible privacy protections.

     About This Privacy Policy

This privacy policy (the “Privacy Policy”) applies to the personal data that you provide to us or that we collect about you through our website (www.datalou.com) and all related sites, software and services provide by us (together, the “Services”). We realize that privacy is an important issue for our clients, suppliers and other users of this site. Please read the following to learn more about how we collect, use and safeguard the information you provide through this site. This Privacy Policy may be revised from time to time, so please revisit this page often to remain fully informed of our policies.

Key Terms

·         Personal data means information about individuals (including you) and information from which such individuals could be identified.

·         You means any individual whose personal data we process.

·         Special category data means data relating to racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, health data, biometric data or sexual orientation.

What Information Does Datalou Collect from You?

Through our website, Datalou collects the following information:

(i)   information you provide to us

(ii)  information collected automatically; and

(iii) information we obtain from third parties

We do not collect, request, receive or otherwise process any special category data about you.

 

Information You Provide to Us

We ask for and collect the following information when you use the Services:

·         Identity and profile information: At the time you become a registered customer of Datalou or signup as a supplier on the site, we request that you provide us with certain personal information, including: name, address, phone number, email address, Federal Employer ID Number, and financial and insurance information. When you browse the non-password protected portions of our site, you do so anonymously.

·         Communications: Our site permits you to contact us via email. Whenever you send an email via our site, you will be providing us with your name, title, email address, phone number and any information you choose to include in the text of your message. For example, you may choose to provide your mailing address or other information necessary or helpful for us to address your query or other concern.

Information We Collect Automatically

We collect certain information automatically when you use the Services. This information includes:

·         Location data: we may collect data about your IP address and geographical location. We use this data to provide you with location-based services. We support Do Not Track, which is a preference you can set in your web browser to inform websites that you do not wish to be tracked. You can enable or disable Do Not Track by visiting the preferences or settings page of your web browser.

·         Cookies: we use cookies and other similar technologies to track certain behavior on our behalf. Cookies are small strings of text that are sent by our website to your browser and then stored by your browser on your computer’s hard drive. We may use cookies to help diagnose problems with our services and to administer or website.

·         Automated profiling: in some circumstances, we may use automated profiling to provide targeting advertising based on our usage of Services or your geographical location.   

Information We Receive from Other Sources

·         Service providers and business partners: we may also receive information about you from our service providers and business partners, including companies that assist with analytics, data processing and management (e.g. to measure ad quality and responses to ads, and to display ads that are more likely to be relevant to you), account management, customer and technical support, hosting and other services which we use to personalize your Datalou experience. When we receive information from other sources, we rely on them having the appropriate provisions in place telling you how they collect data and who they may share it with.

·         Suppliers should note that our "Customer Branded Sites," through which they may register and/or provide information, are provided jointly with the applicable customers. The use of information collected by Datalou though these Customer Branded Sites is subject to this Privacy Policy.

How is Your Personal Information Used?

In accordance with data protection laws, we will only process personal data where we have a lawful basis for doing so. In respect to your personal data, these bases are: (a) where it is necessary for the performance of a contract we have with you; (b) where we are required to do so in accordance with legal or regulatory obligations; (c) where you have given your consent; and (d) where it is in our (or a third party’s) legitimate interests to process your personal data, provided that those interests do not prejudice your own rights, freedoms, and interest. The following are a list of purposes for which we process personal data.

·         To carry out our obligations arising from any contracts entered into between you and us (for example, our terms and conditions);

·         To provide you with the information, services, and newsletters that you request from us;

·         To respond to your enquiries or to process your requests in relation to your information;

·         To provide, improve and personalize our Services;

·         To inform you about important changes or developments to our Services;

·         To ensure that our Services are presented in the most effective manner for you and for your device;

·         To detect and protect us against error, fraud and other criminal activity, and enforce our Terms and Conditions;

·         For internal operations, including troubleshooting, data analysis, testing, research, and statistical purposes;

·         To allow you to participate in interactive features of our Services, if and when you choose to do so;

·         To provide target advertising;

·         To provide customers with information about suppliers.

 Sharing Your Personal Data

The following describes the ways in which we may share your personal data in the normal course of business and in order to provide our Services:

·         With your consent: we will disclose your personal data when and if you have agreed that we may do so. We will make this clear to you at the point at which we collect your personal data, including the purpose(s) for which we will use the personal data.

·         Service providers: we use third-party service providers to facilitate or outsource some aspects of our business, products and Services and some of these service providers will process your personal data.

·         If required by law: we may be required to disclose your personal data by law, in response to a valid court or other authority order, or to respond to request relating to criminal investigations.

·         Change of control: if a business transfer or change of business ownership takes place or is envisaged, we may transfer your personal data to the new owner (or a prospective new owner). If this happens, you will be informed of this transfer.

·         Protecting our rights: We may disclose your personal data if we feel this is necessary in order to protect or defense our legitimate rights and interests and/or to ensure the safety and security of the Services.

Modifications

We strive to maintain the accuracy of any personally identifiable or business information that may be collected from you and will use our commercially reasonable efforts to respond promptly to update our database when you tell us the information in our database is not accurate. It is your responsibility to ensure that such information is accurate, complete and up-to-date. You may obtain from us, by email, the information in our records and/or files. If you wish to make any changes to any personally identifiable or business information you have provided to us, you may do so at any time by contacting us at privacypolicy@datalou.com.

Marketing and Opt-Out

Datalou may offer a marketing newsletter, which we will only send to you if you expressly consent to receive it. You may opt out of receiving marketing communications from us and our affiliates at any time by following the opt-out link provided in any email received from us or by emailing us at privacypolicy@datalou.com.

Behavioral Marketing

We may use remarketing services to advertise to you on third party websites after you have visited or used our Services. We, and our third-party vendors, may use cookies to inform, optimize and serve ads based on your past visits to our Services.

Consequences of Not Providing Information

You may choose not to provide us with your personally identifiable information or business information. However, choosing not to provide certain requested information may prevent you from accessing and taking advantage of certain services offered by Datalou.

Protecting Your Personal Data

Datalou employs physical, electronic and managerial safeguards to protect the personal data we receive from you. This includes our requirement for user names and Member IDs to access sensitive data and our use of industry-standard SSL encryption to protect data transmissions. You should not share your password with anyone. In addition, if you suspect unauthorized access to your information, it is your responsibility to contact Datalou immediately. Datalou personnel will never ask you to divulge your password in written or electronic communications. We will only ask you for your password when you contact us and only in cases where you request customer service to correct a service problem which requires your password.

We maintain technical, administrative, and physical safeguards that are designed to prevent unauthorized access, use, or disclosure of personal data we collect and store. We regularly monitor our systems for possible vulnerabilities and attacks. Please be aware that Internet data transmission is not always secure, and we cannot warrant that information you transmit utilizing this site is secure. Because security is important to both Datalou and you, we will always make reasonable efforts to ensure the security of our systems.

When we use third party organizations to process your personal data on our behalf, we require that they: (a) have appropriate security arrangements in place; (b) must comply with our contractual requirements and instructions; and (c) must ensure compliance with GDPR and any other relevant data protection legislation, all as required under GDPR.

International Data Transfers

Datalou operates globally and may share your information internationally for the purposes described in this Privacy Policy. Datalou is based in the United States. Information collected within the European Economic Area (“EEA”), will therefore be transferred to countries outside of the EEA for purposes described in this Privacy Policy. We use appropriate safeguards to ensure the lawful transfer of your personal data outside the EEA.

Retaining Your Personal Data

It is our policy to retain your personal data for no more than the length of time required for the specific purposes for which it is processed by us and which are set out in this Privacy Policy. However, we may sometimes need to keep your personal data for a longer period of time, for example, where required by our legal obligations, or in order to ensure we have effective IT back-up systems. In such cases, we will ensure that your personal data will continue to be treated in accordance with this Privacy Policy, we will restrict access to any archived personal data, and ensure that all personal data is held securely and kept confidential.

In any event, we will always delete any personal data when you request us to do so (unless we are prevented by law).

Your Rights

You have various rights in relation to your personal data, including:

·         The right of access to a copy of the personal data we hold about you;

·         The right to require us to correct any inaccuracies in your personal data;

·         The right to object to decisions about you being taken by automated means;

·         Where we have sought your consent, the right to withdraw your consent at any time; and

·         The right to ask us not to process your personal data for direct marketing purposes (although, we do no currently undertake any direct marketing).

You may also have the following rights in relation to your personal data in certain circumstances:

·         The right to restrict or object to our use of your personal data;

·         The right to require us to provide a copy of your personal data to others; and

·         The right to require us to erase your personal data.

Please be aware that these rights are not always absolute and there may be situations in which you cannot exercise them, or they are not relevant. If you wish to exercise any of your rights, please contact us at privacypolicy@datalou.com.

Children

Datalou is not intended for use by children. Individuals under the age of 13 are not permitted to use the Services and must not attempt to register an account or submit any personal data to us. We do not knowingly collect any personal data from any person who is under the age of 13 or allow them to register an account. If it comes to our attention that we have collected personal data from a person under the age of 13, we will delete this information as soon as possible. If you are a parent or guardian and you learn that your child, under the age of 13, has provided us with personal data, please notify us immediately at privacypolicy@datalou.com.

Changes to this Privacy Policy

This Privacy Policy may change from time to time and, if it does, the up-to-date version will always be available on our Services. If we make changes to this Privacy Policy, we will post the revised Privacy Policy on the Services and update the “Last Updated” date at the top of this page. Please be sure to periodically check this page to ensure that you are aware of any changes to this Privacy Policy. Any material changes to this Privacy Policy will be communicated to users by a notification to their email and/or by posting notice of the change on the Services.

Questions?

Datalou’s goal is to make our privacy practices easy to understand. If you have questions, concerns or if you would like  more detailed information, please email us at privacypolicy@datalou.com.

If you have questions about the information provided in this Privacy Policy, or you have a concern or complaint about the way in which we process your personal data, please contact privacypolicy@datalou.com.

Mailing address for other inquiries:
Datalou, LLC
Attn: Chief Privacy Officer
2530 Meridian Parkway
Durham, NC 27713