Learn how you can Unlock Limitless Customer Lifetime Value with CleverTap’s All-in-One Customer Engagement Platform.
The Federal Trade Commission (FTC) has jurisdiction over CleverTap’s compliance with the EU-U.S. Data Privacy Program Framework.
All CleverTap employees who handle Personal Data from Europe and/or Switzerland are required to comply with the Principles stated in this Policy.
This Policy applies to the processing of Personally Data that CleverTap receives or collects in the United States or transfers to the United States concerning Individuals who reside in the European Union, the United Kingdom and Gibraltar, or Switzerland.
This Policy does not cover data from which individual persons cannot be identified or situations in which pseudonyms are used. (The use of pseudonyms involves the replacement of names or other identifiers with substitutes so that identification of individual persons is not possible.)
The types of information that we may collect (directly from you or from third-party sources) and our privacy practices depend on the nature of the relationship you have with CLEVERTAP and the requirements of applicable law. This section describes how we collect and use that information. This includes an overview of the type of information that we collect directly and automatically, the types of information that we receive from other sources, and why we collect that information.
Personal Data.“Personal Data” is information relating to a specific identified or identifiable person. Generally, CleverTap collects two types of Personal Data, Personal Data from Website users, Customer Representatives, and Personal Data from Customer End Users.
Other Tracking Devices. When you access the CleverTap Service, or open or click an email, pixel tags and web beacons generate a Non-Personally Identifiable notice of that action. Pixel tags allow us to measure and improve our understanding of visitor traffic and behavior on the CleverTap Service, as well as give us a way to measure our promotions and performance. We may also utilize pixel tags and web beacons provided by our marketing partners for the same purposes.
For sensitive information (e.g., that specifying medical/health conditions, racial/ethnic origin, political or religious beliefs, or sex life of the individual), organizations must obtain affirmative, express consent (opt-in) from individuals if such information is to be (i) disclosed to a third party or (ii) used for a purpose other than those for which it was originally collected or subsequently authorized by the individuals through the exercise of opt-in choice.
In order to operate our websites and provide services, we may provide personal, aggregate and other associated data to third parties including our services providers and vendors that provide or perform services for us, including services such as payment processing, database management, and professional services. CleverTap discloses Personal Data only to third parties who reasonably need to know such data for the scope of the initial transaction and not for other purposes.
Such third parties must agree to use the personal data only for the purpose for which they have been engaged by CleverTap and confirm that their privacy practices are consistent with this Policy.
On occasion, we may also share Personal Data concerning a visitor with our affiliates (such as a subsidiary or affiliate of our company) and Clients in furtherance of our operations and as needed to implement visitor request.
We remain responsible for the Personal Data that we share with third parties for processing on our behalf, and we remain liable under the Principles if such third parties process such Personal Data in a manner inconsistent with the principles if we are responsible for the event giving rise to the damage.
Please be aware that CleverTap may be required to disclose Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
The EU and UK’s General Data Protection Regulation (GDPR) specifies that EU and UK residents have the following rights regarding the collection, storage, and processing of their personal information:
In compliance with both the EU and UK’s GDPR, CleverTap commits to resolving applicable inquiries and requests related to these rights. Residents of the EU and UK can send us an email to email@example.com.
In compliance with the EU-US Data Privacy Framework Principles, CleverTap commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union, UK, Gibraltarian, and Swiss individuals with DPF inquiries or complaints should first contact CleverTap at firstname.lastname@example.org.
CleverTap has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2
This Policy may be amended from time to time, consistent with the Principles and applicable data protection and privacy laws. If we make any material changes we will notify visitors by means of a notice on our website prior to the change becoming effective. We encourage visitors to periodically review this page for the latest information on our privacy practices.
For the purposes of this Policy, the following terms have the following meaning;
Personal Data as defined under the European Union Regulation 2016/679 (the GDPR) means any information relating to an identified or identifiable natural person (‘data subject’)
Data Subject means an identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
Sensitive Data (or special categories of personal data) means specifically personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, concerning health, genetic and biometric data, sex life, or sexual orientation. The same extra safeguards under the GDPR will apply to criminal convictions and offences data.