Daniel J. Edelman Holdings, Inc. and its affiliated companies worldwide (together these are "DJEH Group" and each is a "DJEH Affiliated Company" and referred to herein as the “Company”, “we”, “us” or “our”) are strongly committed to protecting your privacy.
- How this policy works with our other privacy notices and policies
- Information We Collect and How We Collect It
- How We Use Your Personal Information
- Disclosure to Third Parties
- How We Secure Your Personal Information
- How We Retain Information We Collect
- Children’s Privacy
- Links to Other Websites
- Notice to California Residents: California Privacy Rights
- Cloud Services
- Processing Subject to EU and UK Data Protection Rules
- Internal and Independent Recourse Mechanisms
- Notification of Changes
- Accessing and updating your information; Limiting or Opting-out
- How to Contact Us
How this policy works with our other privacy notices and policies
Information We Collect and How We Collect It
In terms of the type of information we collect, there are two basic types: Personal Information and non-Personal Information.
- Personal Information is information that relates (directly or indirectly) to you. Specifically, we may collect and process, among other things, the following information about you:
- Personal identifiers, such as your name, address, email address, telephone number.
- Web use information, such as IP address, website, other unique identifiers associated with you, your computer or other mobile device, your internet or other electronic network activity.
- Other information voluntarily provided to us by you when contacting us through the Website or responding to calls to action on the Website, e.g., user submissions, subscription requests, requests for further information about our services.
- Information associated with or derived from other information about you that we process, such as, inferences.
- Non-Personal Information is information that does not relate to you, such as aggregated, de-identified, or anonymous data. This type of information gives us insights regarding, for example, how visitors use the Website and which sections are of interest. This information is used for our commercial purposes, including to ensure the effectiveness of our Website, email communications and that marketing efforts continue to appeal to existing and potential clients and collaborators. Additionally, we may collect aggregate or anonymized demographic information while providing services to our clients, such as demographic information about an audience’s particular interests.
Information You Provide
Information We Obtain Through Our Services
Information From Third Parties and Publicly Available Sources
We may collect Personal Information about you and/or influencers from third parties (e.g. their employer) or from publicly available sources (e.g. Facebook, Instagram, Twitter, and LinkedIn) including via publicly available application programming interfaces provided by social media platforms). Collection from public sources may also be subject to our Influencer Privacy Notice.
Cookies and Other Tracking Technologies
How We Use Your Personal Information
We may process your Personal Information where we have your consent to do so, such as communicating with you about an event you attended or campaign you were involved in. You have a right to withdraw your consent at any time but doing so may prevent us from providing a service to you or responding to a request that you have made.
To Perform a Contract with You
We may use your Personal Information to perform a contract with you or take steps at your request prior to entering into such a contract. This processing may include providing you with information, products, and services.
Legitimate interests may also include use of your Personal Information for product development, algorithmic model improvement, and statistical analysis to improve our services and Website experience. For model development and statistical analysis, we make every reasonable effort to use anonymized or de-identified information where possible and have implemented best practices to limit the use of your Personal Information for analytic purposes.
Where we process your Personal Information on the grounds that it is necessary for any person's legitimate interest, we will confirm that these interests are not overridden by your interests or fundamental rights and freedoms.
For Fraud, Misuse Prevention, or Otherwise Required by Law
We may disclose your Personal Information including information about you or your use of the Website where permitted by law, including where necessary to protect the vital interests of an individual or to satisfy any applicable law, regulation, legal process or lawful governmental request.
Disclosure to Third Parties
We may provide your Personal Information to service providers where necessary as part of the management of the DJEH Group. We require all such third parties to respect the security of your Personal Information and to treat it in accordance with the law. We do not allow our third-party service providers to use your Personal Information for their own purposes and only permit them to process your Personal Information for specified purposes and in accordance with our instructions
In addition to service providers, we may also disclose your Personal Information to the following categories of data recipients where necessary for any of the lawful purposes set out in this Policy:
- Our clients
- Marketing and advertising partners
- Third parties to a business transaction, such as a merger, sale, liquidation, acquisition, reorganization, or other transfer of any our assets, whether as a going concern or part of a bankruptcy, liquidation, or similar proceeding
- With the company or organization you represent upon their request
- With you or other third parties at your express direction
- Law enforcement, regulators, and other parties where permitted by law
How We Secure Your Personal Information
We understand that the security of your Personal Information is extremely important. Accordingly, we use appropriate administrative, physical, and technical safeguards to keep your Personal Information protected from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account cost, technology, the risks involved in the processing and the nature of the Personal Information. It is important to keep in mind, however, that no security measures are absolutely effective. Although we will apply appropriate measures to protect your Personal Information, we cannot guarantee the security of your Personal Information, and any transmission to us is at your own risk.
If you should become aware of any known or suspected incidents of unauthorized access to, use of, or disclosure of any Personal Information, you should report them immediately to the following email address: email@example.com. We investigate all reported claims of data incidents.
How We Retain Information We Collect
We store Personal Information for as long as necessary to provide services to you and our clients, to comply with legal obligations, or to administer our services, in each case in accordance with our data retention practices and policy. Because of the nature of developing and refining statistical models, this may involve retaining your information for a period after our underlying contract expires, but where possible, we keep this information in an aggregated, de-identified format. We review our data retention policies periodically and comply with all legal requirements. Your Personal Information is stored on servers and retained by or on behalf of the DJEH Group.
We understand the need to protect the privacy of children. The Website is not intended for use by individuals under 16 years of age. We do not knowingly collect Personal Information from children under the age of 16 through our Website.
Our Website may contain links to other websites that we do not control. We are not responsible for any websites that we do not own or operate. You should carefully review the privacy policies and practices of other websites that you link to from the Website, as we cannot control or be responsible for their privacy practices.
Notice to California Residents: California Privacy Rights
California law provides residents of California a number of rights as they relate to personal information collected under circumstances specified by applicable law. These are the “right to know,” the “right to delete,” and the “right to opt out.” We do not “sell” “personal information” as these terms are defined and set forth under California privacy law.
Right to Know. You may request that we provide you specific pieces of personal information that we have about you; categories of personal information we have collected about you; categories of sources from which the personal information is collected; categories of personal information that we sold or disclosed for a business purpose about you; categories of third parties to whom the personal information was sold or disclosed for a business purpose; and the business or commercial purpose for collecting or selling personal information.
Right to Delete. California law gives residents a limited right to request deletion of their personal information. However, this right is limited by a number of exceptions, including processing personal information in the context of our role as a service provider to our clients. Fundamentally, if we have a permissible need to retain personal information, we are not under an obligation to delete such information, even when requested. Generally, we retain personal information so we may complete the transaction for which the personal information was collected, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between us and you; detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity; enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us; comply with a legal obligation; or otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information. As such, we generally do not accept requests to delete personal information in its entirety. However, we will respond to requests to remove personal information from some of our systems as a part of a request to close or otherwise disable a membership account.
Right to Opt Out. We may share personal information with clients or partners for marketing purposes. If the processing is outside of our role as a service provider, you may choose to opt out of the sharing of your personal information with third parties for marketing purposes by submitting a request as set forth below.
Designating an Authorized Agent. California law permits California residents to designate an agent to manage their rights under California law. If you would like to designate an agent to manage your privacy preferences, you may do so using the mechanisms noted below under “Exercising California Privacy Rights”.
Non-discrimination. California law does not permit us to discriminate against you because you exercised any your rights under this title, including, but not limited to, by: denying you access to goods or services; charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; providing a different level or quality of goods or services; suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Exercising California Privacy Rights. If you are a California resident and would like to exercise any of your rights please submit your request in writing to firstname.lastname@example.org or by using our CCPA Request Form. Please note that with respect to any request we reserve the right to seek additional personal information in order to verify your identity and your or your agent’s rights to the data subject to your request.
Processing Subject to EU and UK Data Protection Rules
Applicable data protection rules (particularly those of the EU and UK) restrict the transfer of Personal Information to jurisdictions that do not have levels of protection that are deemed adequate. Where necessary we rely on Standard Contractual Clauses approved by the EU Commission and the UK Government (“SCCs”) to permit the transfer of Personal Information among members of the DJEH Group, and with our clients. We require all service providers who may process personal data across borders to execute SCCs where necessary. We maintain policies and procedures designed to assess the risks associated with the processing of Personal Information and protect Personal Information in a manner calculated to address those risks in jurisdictions such as the United States where the data privacy laws are deemed to be inadequate so that the protection in the United States is equivalent to the protections afforded data subjects in their country of origin.
Daniel J. Edelman Holdings, Inc. has self-certified with the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries in connection with the EU-US Data Privacy Framework Principles ("Privacy Framework Principles") as part of the Privacy Framework Program. While this certification, in and of itself, is not considered by the EU and UK authorities to provide an adequate level of protection, Daniel J. Edelman Holdings Inc nonetheless considers that compliance with the Privacy Framework Principles provides a level of protection with regard to the processing of personal data and transparency with regard to our data processing standards. To learn more about the Privacy Framework Program, and to view Daniel J. Edelman Holdings, Inc.’s certification, please visit http://www.privacyshield.gov.
Internal and Independent Recourse Mechanisms
Notification of Changes
Accessing and updating your information; Limiting or Opting-out
Where the EU, UK or other relevant data protection rules provide, you have the right (subject to any limitations set out in the applicable laws) to:
- Access your Personal Information
- Request correction of your Personal Information, though we may need to verify the accuracy of any new data you provide.
- Request erasure of your Personal Information in certain situations.
- Object to processing of your Personal Information where we are relying on a legitimate interest in certain situation.
- Object to processing your Personal Information for direct marketing purposes.
- Request restriction of processing of your Personal Information in certain situations.
- Request the transfer of your certain of your Personal Information to you or a third party.
- Withdraw any consent you gave to processing your Personal Information.
If you would like to exercise any of these rights, you may contact us at email@example.com. Similarly, Website users who wish to subscribe or unsubscribe to our marketing and informational communications or limit our use of any Personal Information in any way may do so by using the subscribe/unsubscribe options contained in our emails or by sending an email to firstname.lastname@example.org. We will comply with all legal requirements as it relates to a valid legal request. To verify your identity, we may also ask for additional information to authenticate your request. In some circumstances we will not be able to limit use of your Personal Information without unsubscribing you from communications or deleting your information.
How to Contact Us