Last Updated: April 2024
If you are located in the European Economic Area, U.K., or Switzerland, you may have rights under the General Data Protection Regulation (the “GDPR”). Under the GDPR, Unacast is required to provide individuals with certain information about the processing of their “Personal Data” and rights available to them with respect to such Personal Data.
This Privacy Notice applies to personal data Unacast collects as part of our Data Services, and through our Website. For a general description of the services provided by Unacast, the type of data we collect, how we share such data, and secure it, please refer to our general Privacy Policy (the “Privacy Policy”). Any capitalized terms used herein and not defined shall have the meaning set forth in such Privacy Policy.
The GDPR defines “Personal Data” as any data that identifies or can identify a particular unique user or device, including, name, address, mobile device identifiers, precise location data*, IP, cookie identifiers, and biometric data, among others.
* For clarity, “precise location data” does not mean “real-time” data. Instead, it is information that describes the precise geographic location of a device derived through any technology that is capable of determining with reasonable specificity the actual physical location of a device.
The GDPR grants you a number of rights with respect to your Personal Data that controllers, such as Unacast, may hold about you. Each of your rights is outlined in more detail below:
For more details on the rights you have in respect of your personal data, please refer to the European Commission (https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en)
In order to exercise any of the rights described above, please contact us at gravyanalytics@datarep.com.
We may need to request specific information from you to help us confirm your identity and assist us in responding to your request. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We will only use the information you provide to us when exercising your rights above to verify your identity or authority to make the request.
We will deliver our written response by mail or electronically, at your option. We will not charge you a fee for access to your personal information (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, excessive, or manifestly unfounded, or we may refuse to comply with your request in these circumstances.
Should you have a complaint, please contact us as soon as possible. If you feel that your complaint has not been adequately resolved, please note that the GDPR gives you the right to contact your local data protection supervisory authority.
In respect of each of the purposes for which we use your Personal Data, the GDPR requires us to ensure that we have a legally justified reason, or “legal basis” for that use. Most commonly, our legal basis for processing your Personal Data will be:
Unacast may share your Personal Data with third parties who are located in jurisdictions outside the EEA, U.K., or Switzerland. These jurisdictions have privacy laws that the European Commission considers are less protective of Personal Data than the privacy laws in your own country.
When we transfer Personal Data outside of the EEA, U.K., or Switzerland, or to countries the EU has deemed as having inadequate protections, we take steps to make sure that appropriate safeguards are in place to protect your Personal Data, including, but not limited to, making such transfers in accordance with the European Commission approved Standard Contractual Clauses. In these Standard Contractual Clauses, we make commitments with respect to the privacy and security of such Personal Data. For more information on the Standard Contractual Clauses, please visit the following link: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en. Additionally, we take care to ensure that we and our representatives act in a manner that is consistent with our Privacy Policy and this Privacy Notice.
Unacast and its subsidiary and covered entity including Venntel, Inc., and Unacast, Inc., complies with the EU-US Data Privacy Framework Principles (“DPF”), U.K. and Swiss-US Privacy Shield Framework, UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF as set forth by the U.S. Department of Commerce and the European Commission, UK Government, and Swiss Federal Administration regarding the collection, use, and retention of Personal Data transferred from the EEA, U.K., or Switzerland to the United States. We have certified to the Department of Commerce that we adhere to the Data Privacy Framework Principles Privacy Shield Principles. If there is any conflict between the terms in our Privacy Policy, this Privacy Notice, and the Data Privacy Framework PrinciplesPrivacy Shield Principles, the Data Privacy Framework PrinciplesPrivacy Shield Principles shall take precedence. To learn more about the Data Privacy Framework program Privacy Shield program, the Data Privacy Framework Principles, and to view our certification, please visit https://www.dataprivacyframework.gov.
As described in the Data Privacy Framework Principles, Unacast is accountable for Personal Data that it receives and subsequently transfers to third parties to the extent such third parties who process Personal Data on our behalf do so in a manner that does not comply with the Data Privacy Framework Principles, unless we prove that we are not responsible for the event giving rise to the damage. We are not, however, liable for the data handling practices of our third-party partners and customers unless they are acting on our behalf.
In compliance with the Data Privacy Framework Principles, Unacast commits to resolve complaints about our collection or use of your Personal Data. EEA, U.K. or Swiss individuals with inquiries or complaints regarding this Privacy Notice should first contact us at:
Unacast
44679 Endicott Drive, Suite 300
Ashburn, VA 20147
privacy@unacast.com
Unacast has further committed to refer unresolved Data Privacy Framework complaints to The International Centre for Dispute Resolution-American Arbitration Association (ICDR-AAA), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit https://www.icdr.org/dpf for more information or to file a complaint. The services of AAA are provided at no cost to you.
As further explained in the Data Privacy Framework Principles, binding arbitration before a Data Privacy Framework Panel will also be made available to you in order to address residual complaints not resolved by any other means. Unacast is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Please contact us with any questions or comments about this EEA, U.K. & Switzerland Privacy Notice or our practices at:
Unacast
44679 Endicott Drive, Suite 300
Office 349
Ashburn, VA 20147
privacy@unacast.com
DataRep has locations in each of the 27 EU countries, the UK, and Norway & Iceland in the European Economic Area (EEA). If you want to raise a question to Unacast related to the GDPR or the exercise of your rights in respect of your personal data, you may do so by:
PLEASE NOTE: when mailing inquiries, it is ESSENTIAL that you mark your letters for “DataRep”, and not “Unacast.” or your inquiry may not reach DataRep. Please refer clearly to Unacast. in your correspondence. Please do not contact DataRep for any general inquiries regarding Unacast’s services.
You may opt out of the sale of Personal Information about you by filling out the form here: Do Not Sell My Information
You may also submit opt-out requests by emailing us at privacy@unacast.com.