Platform & Services Privacy Policy

Last updated: August 1st, 2023

1. INTRODUCTION

This  Privacy Policy describes the privacy practices relating to the automated data discovery platform and other data services (“Platform & Services”) that Explorium Ltd (“Explorium”, “us,” or “we”) develops, operates, and offers to its customers (“Customers”). It describes the privacy practices for the information Explorium processes for a Customer which relates to the actual and prospective end users of our Customer’s business offering (“Customers End Users”). It also describes the privacy practices for the information Explorium processes about the Customer’s representatives who use our Platform & Services. 

Customers have separate agreements with Explorium governing our provision of services and Customers’ use of the  Platform & Services (“Agreements”). Those Agreements may contain additional obligations with respect to our handling of information, and nothing in this  Platform & Services Privacy Policy derogates from such additional obligations.

This  Privacy Policy does not apply, however, to Explorium’s privacy practices regarding information collected through Explorium’s publicly accessible website, https://www.explorium.ai/, or Explorium’s marketing activities, which are described under our Website Privacy Policy. To view the Website Privacy Policy, please click here.

2. YOUR DATA AND HOW WE RECEIVE OR COLLECT IT

We process three kinds of data in connection with the Platform & Services: Customer End User Data, Enrichment Data, and Platform & Services Usage Data. Each is described below.

Customer End User Data is the End User Data that a Customer decides, in their full discretion, to provide through  Platform & Services. This is End User Data that the Customer collected through its own activities and which the Customer requests that we process for them. We never collect information directly from a Customer End User and we never sell any Customer End User Data. We process this Customer End User Data for the Customer and under the Customer’s instructions. 

Enrichment Data is data that a Customer asks us to obtain for them, from external sources, such as data providers, public websites, or open government listings.  

Platform & Services Usage Data is information that we collect about the representatives of the Customer when they use the Platform & Services. These are the employees and representatives whom the Customers designate to use the  Platform & Services and to be in touch with us about it. We process their email, phone number, address, or other contact details. We also process Technical Information or Behavioral Information about them, as described below (collectively, “Platform & Services Usage Data”). 

 Platform & Services Usage Data includes:

  1. Technical information related to the use of a mobile device or computer to access the Platform & Services, including browser type, operating system, device type and model, system language, memory, OS version, Wi-Fi status, screen resolution, and IP address (“Technical Information”).
  2. Information related to how the Platform & Services are used, including where a Customer representative clicked, scrolled, focused (i.e., zoom), and navigated through the Platform & Services or information related to clicks on links contained in an email sent to the Customer representative about the Platform & Services (“Behavioral Information”).

We obtain Customer End User Data, Enrichment Data, and  Platform & Services Usage Data through the following methods:

  1. When the Customer provides Customer End User Data to the Platform & Services. Customers are solely responsible for obtaining any permissions necessary from Customer End Users before disclosing personal data to us. When a Customer discloses Customer End User Data to us, we serve as its processor and service provider .
  2. Platform & Services Usage Data is obtained through our use of third-party analytics providers on the Platform & Services. They collect information when representatives of Customers use the  Platform & Services. 
  3. We obtain Enrichment Data for the Customer from publicly available sources, such as public web pages, public social media profiles, review sites and information made available from federal, state, or local government records for public access.
  4. To the extent permitted by law and when we are requested by the Customer, we receive additional Enrichment Data such as corporate information, geographic locations, contact details, and other information through the various business support tools and services that we use (“Partners”). 

3. HOW WE USE YOUR DATA FOR BUSINESS AND COMMERCIAL PURPOSES

We process Customer End User Data and Enrichment Data to enable Customers’ optimal use of the  Platform & Services, to fulfill or meet the Customer’s request or to provide Explorium’s services, or to respond to an inquiry, to comply with our legal obligations, or to exercise and enforce our legal rights. 

We collect and use  Platform & Services Usage Data for the following purposes:

  1. To authenticate logins to the  Platform & Services by the Customer’s representatives;
  2. To communicate with the Customer’s representatives, including to inform them of any updates to the Platform & Services or services, such as new features and functionalities;
  3. To process any payments in connection with the  Platform & Services and our services;
  4. To understand how Customers use the Platform & Services so that we may efficiently audit, maintain, and improve the  Platform & Services for Customers and develop new features;
  5. To comply with our legal obligations, or to exercise and enforce our legal rights; and
  6. To send to representatives of Customers marketing materials related to the Platform & Services that we believe may be of interest to them. We do this according to the rules that apply to marketing messages: where required, we make sure we have your prior consent to send you these marketing messages. In any event, you will have the ability to opt out of receiving such materials at any time. In any event, you may opt out of receiving such materials at any time.

In addition, we may use information derived from the aggregation of Customer End User Data and  Platform & Services Usage Data in combination with other data (“Aggregated Data”) for research and analytics purposes, or to improve or market the  Platform & Services to preform our services to our Customers. Aggregated Data is de-identified, and Explorium does not reveal the identity of any Customer or Customer End User.

4. HOW WE SHARE YOUR DATA

 Explorium shares  Platform & Services Usage Data, Enrichment Data and Customer End Data (described in Section 2 above) with the following third parties as needed to fulfill purposes set forth in Section 3 above:

  1. With our subsidiaries as necessary to help us support and maintain the  Platform & Services and services provided to Customers.
  2. With our data hosting provider (i.e., we store our information on Amazon Web Services).
  3. With our payment processors or other business-operation service providers, so long as transfers to service providers are done consistent with agreements between Explorium and Customers, and such service providers are authorized to use your information only to the extent it is necessary for service providers to provide their services to us. 
  4. With our Partners who enable us to enrich our databases, only upon a Customer’s instruction that we enrich their data, and provided that any such transfer is done consistent with our agreements with Partners and Agreements with Customers and is undertaken solely for the use of the Customer who requested such data enrichment.
  5. With authorities, legal counsels, and advisors, to respond to or prevent fraud, or when legally required, or to protect the safety of Explorium, its Customers, or the public; and
  6. To the surviving or acquiring entity of Explorium, as part of any merger, acquisition, or sale of all or part of the assets of Explorium. In such a case, only Customer End User Data will be transferred following the completion of any such transaction and/or during the assessment process while a transaction is pending.

5. INFORMATION SECURITY

Explorium is SOC2, ISO 27001 and ISO 27701 certified and takes great care in implementing and maintaining the security of the  Platform & Services, Explorium’s services,  Platform & Services Usage Data, Enrichment Data, and Customer End User Data (for the purpose of this section, “Data”). 

Explorium hosts the Data through our authorized third-party service providers, including Amazon Web Services, which asserts that it provides advanced security features. Explorium employs industry standard policies and procedures to ensure the safety of its  Platform & Services and Data, and to prevent the unauthorized use of any of them. Notwithstanding the foregoing, as with any Software as a Service, we cannot guarantee that unauthorized access to the Data will never occur. Consequently, we cannot ensure or warrant the security of any Data that you transfer to us, and any information that you transfer to us is done at your own risk.

6. DATA RETENTION

Explorium retains Customer End User Data for as long as Customers require to use the  Platform & Services or as required or permitted by law.  

Explorium retains  Platform & Services Usage Data and Enrichment Data for no more time than is necessary to serve the legitimate business need for which it was collected.

7. ADDITIONAL INFORMATION FOR INDIVIDUALS IN THE EUROPEAN ECONOMIC AREA OR THE UNITED KINGDOM

Explorium is deemed a “processor” for Customer End User Data it receives from the Customer, who is deemed “controller,”  under the GDPR. 

The following legitimate interests are the lawful bases on which Explorium relies to process  Platform & Services Usage Data: (i) to provide its Customers using the  Platform & Services with more accurate analysis and better predictive models; (ii) to improve, personalize and market our  Platform & Services; and (iii) to promote the safety and security of our  Platform & Services.

Our legal basis for sharing Platform & Services Usage Data with the target entity of the change in control, legal counsels, and advisors, is our legitimate interests in the continuity of our business in case of a reorganization of our business.

Our legal basis for processing Platform & Services Usage Data to send you marketing materials related to the Platform & Services, is your explicit consent where consent is legally required to send you these marketing messages. If consent is not legally required, for instance, where marketing messages to representatives of businesses are permitted without consent, our legal basis for processing Platform & Services Usage Data to send you marketing materials related to the Platform & Services, is legitimate interest in developing our business with customers and prospective customers.

International data transfers. To facilitate processing your information within the companies in our corporate group and with our service providers, we transfer information to countries such as the United States, and Israel. When we transfer personal data to countries not recognized with an adequacy decision, we use data transfer agreements which contain standard data protection contract clauses with adequate safeguards determined by the EU Commission and UK Information Commissioner’s Office.

You may have additional data subject rights: 

  1. Right to withdraw consent to the processing Platform & Services Usage Data to send you marketing materials related to the Platform & Services.
  2. Right to Object to our processing of your personal information based on our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or if we need to process such personal information for the establishment, exercise, or defense of legal claims. 
  3. Right to Restrict us from processing your personal information (except for storing it): (a) if you contest the accuracy of the personal information (in which case the restriction applies only for a period enabling us to determine the accuracy of the personal information); (b) if the processing is unlawful and you prefer to restrict the processing of the personal information rather than requiring the deletion of such data by us; (c) if we no longer need the personal information for the purposes outlined in this privacy policy, but you require the personal information to establish, exercise or defend legal claims; or (d) if you object to our processing based on our legitimate interest (in which case the restriction applies only for the period enabling us to determine whether our legitimate grounds for processing override yours).
  4. Right to be Forgotten. Under certain circumstances, such as when you object to our processing of your personal information based on our legitimate interest and there are no overriding legitimate grounds for the processing, you have the right to ask us to erase your personal information. However, notwithstanding such a request, we may still process your personal information if it is necessary to comply with our legal obligations, or for the establishment, exercise, or defense of legal claims. If you wish to exercise any of these rights, please contact us through the channels listed in this privacy policy.

Where Explorium is deemed a controller, Customer representatives may exercise their rights by contacting Explorium at [email protected]. We will respond to your requests within a reasonable timeframe. Please note that these rights may be limited in certain circumstances, as provided by applicable law.

Where Explorium is deemed a processor, Customer End Users should contact our Customer to request any data subject rights. Explorium will cooperate with its Customers to support and comply with any such data subject rights requests. 

Explorium has appointed an EU Representative, Symmetry Solutions Ltd., based in Ireland, who you may address if you are located in the European Union to ask any questions about our processing of your personal data, including any requests to exercise your rights provided by the General Data Protection Regulation (EU) 2016/679. You can contact our EU Representative by email at: [email protected] , or by post: FAO Explorium EU Rep, Symmetry Solutions Ltd, The Tara Building, 11-15 Tara Street, Dublin 2, D02RY83, Ireland

Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. 

8. ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS

We do not collect, use, or disclose sensitive personal information.

If you are an individual from California, please note that in the preceding twelve (12) months, we processed information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with a particular consumer or household, as per the following categories of information for Customers End Users Data, Enrichment Data and Platform & Services Usage Data: 

  1. Identifiers and other Customer record information such as name, signature, physical characteristics or description, address, unique personal identifier, online identifier, IP address, email address, telephone number, education, or financial information.
  2. Commercial information, including records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  3. Internet or other similar network activity and technical information related to use of mobile device or computer, such as Technical Information (as defined above).
  4. Professional or employment-related information, such as employment history, skills certifications, or job titles.
  5. Inferences drawn from other personal information, such as preferences, characteristics, behavior, and aptitudes related to a Customer End User’s use of Customer’s applications and services, or Customer’s use of the  Platform & Services, including Behavioral Information (as defined above).

The business purposes for which Explorium processes this personal information are:

  1. Performing services on behalf of the business (the Customer)
  2. Providing customer service, processing, or fulfilling orders and transactions.
  3. Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, prosecuting those responsible for that activity.
  4. Undertaking internal research for technological development and demonstration.
  5. Undertaking activities to verify or maintain the quality of the service and to improve, upgrade or enhance the service.
  6. Debugging to identify and repair errors.

In the preceding twelve (12) months, Explorium has disclosed this information as explained in Section ‎4 above.

Explorium does not sell Customers End Users Data or Platform & Services Usage Data and has not done so in the preceding twelve (12) months. For more information on whether Explorium has sold personal information which is Enrichment Data in the preceding twelve (12) months, please visit our “Do Not Sell My Information” page. 

We have not shared Customer End User Data, Enrichment Data, or Platform & Services Usage Data for online behavioral targeted ads in the preceding 12 months.

We also do not have actual knowledge that we sell the personal information of consumers under 16 years of age. We also do not have actual knowledge that we share the personal information of consumers under 16 years of age for online behavioral targeted ads.

In addition, in the preceding twelve (12) months, Explorium has disclosed for a business purpose the following types of information: identifiers, personal information contained in Customer records, commercial information, professional or employment-related information, Technical Information, geolocation data, and Behavioral Information.

California Civil Code Section 1798.83 permits California resident-consumers to request certain information once per year regarding the disclosure of their personal information to third parties for purposes of their direct marketing to California resident-consumers. To make such a request, please send us an e-mail at [email protected] with “Shine the Light Request” in the subject line. Please note that we evaluate a “Shine the Light” request to determine whether it is proper under the scope of this law before we respond.

California residents have the following additional rights:

  1. You have the right to know and right to access information about the categories and specific pieces of personal information we have collected about you, as well as the categories of sources from which your personal information is collected, the purpose for collecting such information, and the categories of third parties with whom we share your personal information. You also have the right to know if we have sold or disclosed your personal information. You may also request a copy of the personal information we have collected and/or disclosed, and upon request, we will provide this information to you in electronic form.
  2. You have the right to opt out of the sale of your personal information to third parties. We use Enrichment Data solely to fulfil our obligations pursuant to Agreements with our Customers, and upon a Customer’s direct instruction to enrich its Customer End User Data with this additional Enrichment Data made available through our  Platform & Services. This use is defined as a “sale” under California law. If you would like to opt-out of the sale of your information as Enrichment Data (i.e., not permit your information to be used in connection with our data enrichment practices), please visit https://www.explorium.ai/do-not-sell-my-personal-information/ .
  3. You have the right to request the deletion of your personal information, subject to certain legal exceptions.
  4. You have a right to correct inaccurate information. If we receive a verifiable request from you to correct your information and we determine the accuracy of the corrected information you provide, we will correct inaccurate personal information that we maintain about you, subject to certain legal exceptions. In determining the accuracy of the personal information that is the subject of your request to correct, we will consider the totality of the circumstances relating to the contested personal information. We also may require that you provide documentation if we believe it is necessary to rebut our own documentation that the personal information is accurate.
  5. You have the right to not be discriminated against for exercising any of these rights.

If you would like to exercise one or more of the above rights, please contact us using the contact information provided in Section 12. You may also designate an authorized agent, registered with the California Secretary of State, to make such a request on your behalf. The authorized agent must have written permission to submit requests on your behalf. Whenever feasible, we will match the provided identifying information to the personal information already maintained by us for verification purposes. If we cannot verify the identity of the requester using the information in our possession, however, we may request additional information to verify your identity.

9. CHILDREN

Our  Platform & Services are not intended for children, and our  Platform & Services are not designed to attract children. We do not knowingly collect, and we do not sell, personal information from children. If we learn that we have collected personal information from a person under the age of majority in his or her jurisdiction, we will delete all such personal information as soon as possible.

10. CHANGES TO THE PRIVACY POLICY

Explorium reserves the right to change this Privacy Policy at any time. We will provide notice of substantial changes of this policy on the Explorium website’s homepage at www.explorium.ai. Such substantial changes will take effect seven (7) days after notice is provided on our website or by email (if applicable). All other changes to this Privacy Policy are effective as of the stated “Last Revised” date, and your continued use of the  Platform & Services after the Last Revised date will constitute your acceptance of, and agreement to be bound by, those changes.

11. HOW TO CONTACT US

If you have any questions or comments concerning this Privacy Policy, please contact us via email at [email protected] or via physical mail at Explorium Ltd., 3 Daniel Frisch St., Tel-Aviv, Israel.