Privacy Policy

Aptiviti, Inc. (the legal entity that owns Enterprise Technology Research or ETR, and which is referred to herein as the “Company”, “we”, “us”, and “our”) respects your privacy and is committed to protecting your personal data. This “Privacy Policy” covers our data collection and processing activities, including: (i) what personal data we collect when you interact with us through our online channels (including our website and our data platform), and what we do with that personal data; (ii) how we collect and process information through the use of cookies and related tracking technologies on our online channels; and (iii) your data protection rights, including (where applicable) a right to object to processing and a right to withdraw your consent to processing, and how to exercise those rights.

More information about your rights and how to exercise them is provided in Sections 9.0 through 9.4, and the contact details of the Company are provided in Section 10.0.

It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are fully aware of how and why we are using your data. This Privacy Policy supplements any such other notices and is not intended to override them.

1.0. Company as data controller

The Company is responsible for the processing of your personal data as described in this Privacy Policy and acts as the controller of such personal data.

This Privacy Policy does not apply to the extent we process personal data in the role of a processor or service provider on behalf of one of our clients, in each case solely at such client’s request. In these specific circumstances, such client will act as the controller and shall have in place separate privacy and data security practices that will apply.

1.1. Updates to this Privacy Policy

This Privacy Policy may be updated at our discretion. We encourage you to check for changes to this Privacy Policy, the current version of which will be available on our website. If required by applicable law or regulations, we will advise you of changes to this Privacy Policy.

1.2. Third-party links

Our online channels may include links to, or functionality from, third-party websites, plug- ins, and applications. Clicking on those links or enabling that functionality may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We encourage you to read the privacy policy of each website that you visit or otherwise interact with.

2.0. What personal data do we collect and how?

"Personal data" means any personally identifiable information belonging to an identifiable natural person, and for the avoidance of doubt includes (i) "personal data" as defined in the General Data Protection Regulation, and (ii) "personally identifiable information" as defined in the California Consumer Privacy Act.

2.1. Categories of personal data collected

We may collect, create, use, store, and otherwise process different categories of personal data depending on how you use and interact with our products, services and online channels. We have grouped these categories as follows: (i) identifier data, including name, job title, and company name; (ii) contact data, including physical address(es), email address(es), and telephone number(s); (iii) profile data, including professional background, languages spoken, location and country of residence, relevant qualifications, and career history; (iv) due diligence data, including data made publicly available via social media and networking platforms; (v) financial data (if we need to pay you), including bank account details; (vi) transaction data, including interactions you may have had with us (e.g., parties entering and exiting our conference bridge, duration of calls, etc.) and any expert/client feedback; (vii) marketing and communications data, including your preferences in receiving marketing from us; (viii) technical data, including internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our online channels; and (ix) usage data, including information about how you use our online channels, products, and services. We may collect such categories of personal data either directly from you or from third parties and publicly available sources. From time to time, we may ask you to confirm the accuracy of the personal data we process about you.

2.2. When am I required to provide personal data?

You do not have to provide personal data to access our website. However, we may have a legal obligation to collect and process your personal data, or we may require your personal data, in order to provide you with specific products and services, including accessing our online channels. If you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you, and/or the quality of the products and services we provide to you might be affected.

3.0. Why we process your personal data and the lawful bases on which we rely

We collect and process your personal data for the following purposes: (i) in connection with performing a contract we are about to enter into or have entered into with you; (ii) when it is necessary for our legitimate interests and we have assessed that your interests, fundamental rights, and freedoms do not override those interests; (iii) when you have expressly consented to us processing your personal data; and (iv) to comply with a legal or regulatory obligation.

We rely on several lawful bases to collect and process your personal data. Where we rely on legitimate interests, we have carried out a balancing test to ensure: (i) the processing is lawful, proportionate, and conducted in accordance with this Privacy Policy; (ii) we have a legitimate business need to perform the processing; and (iii) there is no material likelihood of any adverse impact on your interests, fundamental rights, or freedoms because of the processing.

4.0. Cookies and related technologies

Cookies are small text files that are stored on your computer or mobile device. We use cookies on our online channels, including our website, to collect information that helps us to remember your preferences and to improve your user experience. We may also use other forms of technology, such as web beacons and embedded scripts, which serve a similar purpose to cookies and which allow us to monitor and improve our online channels and services. When we talk about cookies in this Privacy Policy, the term includes these other forms of technology.

4.1. Why do we use cookies?

Our online channels use the following types of cookies: (i) necessary cookies, which are essential to enable you to move around our online channels and to use their basic features; (ii) functional cookies, which perform certain non-essential functions when you engage with our content; and (iii) analytics and measurement cookies, which analyze online channel usage to measure and improve performance and browsing experience.

4.2. How can you manage cookies?

To control or disable cookies within most web browsers, please consult the “Help” or equivalent section of your web browser. Also, the contact details of the Company are provided in Section 10.0, and we will be happy to address any questions that you have regarding managing your cookies in connection with your usage of our online channels, products, and/or services.

5.0. Who do we share your personal data with?

We may share your personal data with our employees and the following third parties, in each case solely for the purposes described in Section 3.0 or otherwise with your consent: (i) service providers, which are third parties we engage to perform a function on our behalf; (ii) clients in connection with a particular project; (iii) experts in connection with a particular project; (iv) governmental authorities, regulators, or other third parties if we reasonably believe that we are required to do so under any applicable law or regulation; and (v) third parties in connection with a corporate sale, merger, reorganization, dissolution, or similar event.

We limit access to your personal data to those employees and third parties who have a business need to know.

6.0. Location

Your personal data may be transferred to and stored by the Company in the United States of America. It may also be transferred to third parties described in Section 5.0. who are based inside and/or outside of the United States of America.

7.0. Data security

We have enacted appropriate organizational, technical, and physical security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. Unfortunately, the transmission of information via the internet is not completely secure. Although we will protect your personal data in accordance with this Privacy Policy, we cannot guarantee the security of personal data that you transmit to us, and any such transmission is at your own risk. You are also responsible for protecting your log-in credentials to our online channels.

8.0. How long will you use my personal data for?

We will only retain your personal data for as long as we believe necessary to fulfill the legitimate purposes we collected it for in accordance with this Privacy Policy.

9.0. Your legal rights relating to your personal data

Subject to applicable laws and regulations, you may have rights in relation to your personal data, which may include the rights to: (i) request access to your personal data; (ii) request a correction to your personal data; (iii) request erasure of your personal data; (iv) object to and/or withdraw consent to the processing of your personal data; (v) request a restriction on the processing of your personal data; (vi) opt out of marketing communications; and (vii) request the transfer of your personal data to you or a third party.

9.1. How to exercise your rights

To exercise your rights, please contact us using the information in Section 10.0.

9.2. Fees

You will not have to pay a fee to access your personal data or to exercise your other rights. However, we may charge a reasonable fee if a request from you is unfounded, repetitive, or otherwise made in bad faith.

9.3. What we may need from you

Your personal data may be processed by us so we can respond to a request from you. We also may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise your other rights. To facilitate our response to your request, we may also contact you for further related information.

9.4. Response time

We will attempt to respond to all legitimate requests within one (1) month, though it may occasionally take us longer depending on the specifics and/or complexity of the request.

10.0 How can you get in touch with us?

If you have any questions regarding this Privacy Policy, or would like to exercise any of your rights hereunder or under any applicable laws or regulations, please send an email to legal@etr.ai. In lieu of sending an email, you may also write to us at ETR, 145 W. 28th St., 9th Floor, New York, NY 10001.