Welcome to Grapedata, the online and mobile service(s) of Grapedata, Ltd. (“Grapedata,” “we” or “us”). The objective of this Privacy Policy is to allow all and any visitors, users or third-parties that may have any personal data processed by Grapedata to understand how such data is treated and the duties and rules that we follow.

Grapedata is committed to respecting your privacy and protecting the personal information of all visitors, users and others who access our platform (“you”, or “Users”). This privacy policy (the “Policy”) applies to our website, surveys we send out, and online service platform (collectively the “Services”). This Policy applies to how Grapedata and companies we own or control, treat information you provide us, or we collect, including how we use such information, how we protect the security of such information, and how we will deal with any requests from you in respect of your personal data in our possession.

By accepting the terms of this Policy, you confirm that you have read and understood it and you agree to our collection, storage, use and disclosure of your personal information as described in this Policy.

Personal information is information which identifies you or could be used to identify you, such as your name, title, professional information and contact details, such as email or phone number, that is supplied to us in conjunction with your use or potential use of our Services, as well as information we generate regarding your use of the Services.
‍

1. Information We Collect

Grapedata collects the following information when you register:

• First and Last Name;
• Cellphone number.

This information is obligatory to successfully complete your registration. Once you have registered, you will be asked to complete your profile, to be able to access our surveys. This is necessary for us to know which surveys to show you based on your professional background and interests.

During this profiling survey, we will ask you to share the following personal data:

• City/Country of residence;
• Name of your employer;
• Industry you work for;
• Job title/role;
• E-mail address;
• Geolocation.

The sharing of this data will be optional, and you can pick and choose what you share.

Personal information we collect, store, and process may be obtained from:

• Information you provide: This includes personal information you enter on our systems related to the Services, or provide to us in some other manner, which may include your name, e-mail address, title, employer name, professional experience, username and password, date and place of birth, gender, and physical location. It may also include any communications between you and Grapedata, as well as any information you provide if you use any interactive features of the Services. It may include images you choose to upload when registering for our Services. This is in addition to insight you through engagement with our services (i.e., surveys we ask you to complete). Grapedata may also ask for a photograph of any valid Identity verification (e.g. Identity Card, Driver’s License, etc.) when and if necessary to conduct further validation of your identity;
• Information we receive from social networking sites: This includes personal information that is entered, generated, or transmitted when you interact with our Services through various social media, and may include your profile information, profile picture, gender, user name, user ID associated with your social media account, age range, language, country, friends list, location, and another other information you permit the social network to share with third parties. The data we may receive is dependent upon your privacy settings with the social network. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our website or Services:
• Information you provide us about others: This includes personal information from contact lists you explicitly make available to us (e.g. via your mobile device) in order to invite your friends and contacts to connect with our Service. Be advised that Grapedata does not store any third-party information given to us through our forms and will only add personal information from referred users to their database if and only they have subscribed to our platform;
• Mobile data: Because our Services can be accessed via a mobile application, this includes certain technical data and related information, including but not limited to technical information about your device, system and application software, and peripherals, to facilitate the provision of software updates, support and other related services. This information may include, but is not limited to your preferred language, phone number or other unique device identifier assigned to your mobile device, the IP address, manufacturer, and model of your mobile device, your mobile operating system, and the mobile internet browser(s) you are using, physical location and usage data, and other information used to allow us to personalize the Services for you.

Use of cookies and other technology to collect information.

We automatically collect certain types of usage information when you visit our website or use our Services. When you visit our website or use our Services, we may send one or more cookies — a small text file containing a string of alphanumeric characters — to your computer that uniquely identifies your browser and lets us help you log in faster and enhance your navigation through the site. A cookie may also convey information to us about how you use the Services (e.g., the pages you view, the links you click, how frequently you access the Services, and other actions you take when using the Services) and allow us to track your usage of the Services over time. We may collect log file information from your browser or mobile device each time you access the Services.

Log file information may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, information about your mobile device, referring / exit pages and URLs, number of clicks and how you interact with links on the Services, domain names, landing pages, pages viewed, and other such information. We may employ clear gifs (also known as web beacons), which are used to anonymously track your online usage patterns. In addition, we may also use clear gifs in HTML-based emails we send to you to track which of our emails you open, and which links you click on.

We use this information to ensure more accurate reporting and improvement of our Services.

We may also collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for our website and the Services. These tools collect information sent by your browser or mobile device, including the pages you visit, your use of third-party applications, and other information that assists us in analyzing and improving the Services. We may request and receive reports from third party analytics providers, which we may combine and process with the personal information we collect from you directly.

Grapedata will always request your permission to track your data in regards to our marketing and analytics framework. Grapedata does not share location data nor individual identifying data (such as your unique identifying ID on the platform) with any third-parties.
‍

2. Why we collect this data

All the data we collect is used to provide you with our services and so that you are able to access our surveys.

We ask that you provide us with this data so that we can:

1. Tailor which surveys you have access to based on your location, your industry, profession and role;
2. Understand if you would fit our Travelers’ task (which allow users to visit shops/location in order to complete surveys) as well as to confirm the accuracy of your submissions;
3. For management and administrative purposes;
4. To send you Services related emails or messages (e.g., account verification, order confirmations, change or updates to features of the Services, technical and security notices, including features that are tailored to your requirements or that allow us to treat you in a more personal way);
5. To carry out analysis and market research;
6. To carry out marketing including online advertising and to keep you informed of our products and Services;
7. To select your profile for temporary/non-temporary groups of users, which can be targeted for specific tasks or groups of tasks;
8. To verify your identity, when and if necessary, due to any services provided by Grapedata;
9. To undertake targeted online advertising.

Essentially, we collect personal information in order to provide you with a personalized, useful and efficient experience. Additional information may be gathered for the purpose of completing our Tasks.

Information on the user is collected whenever our services are used (whether these services are provided by us or by third parties acting on our behalf), including when our website, mobile applications are used or when you interact with us via email.

Please be advised that we do not accept information received from any individual under the age of 16.

We use or may use the data collected through cookies, log file, device identifiers, geolocation data and clear gifs information to:

(a) remember information so that you will not have to re-enter it during your visit or the next time you visit the site;

(b) provide customized, personalized content and information, including advertising;

(c) provide and monitor the effectiveness of our Services;

(d) monitor aggregate metrics such as total number of visitors, traffic, usage, and demographic patterns on our website and our Services.

Grapedata’s legal basis for using your information

All information we keep of you must have a legal basis, as set forth by the GDPR and the DPA 2018. The legal basis of our processing of your personal data will be one of the following:

• Contractual obligations: we cannot fully comply with some of our contractual obligations with you and with our clients unless we process personal data from the users;
• Legal obligations: Grapedata has legal responsibilities it must comply with and for that we must process some personal data (an example being money laundering legislation);
• Legitimate interests: if necessary, Grapedata must be able to process certain personal information in order to provide it to third parties that have a legitimate and lawful need to have it or in order to pursue Grapedata’s business interests (e.g. marketing);
• Consent: the initial usage of our app and services is dependent on your consent, and you have stated you consent to us holding your data by registering as a user, allowing us to process your information to the extent it is necessary.

2. Sharing Personal Information with Third Parties

By default, we do not share personal data with third/parties, in regard to data gathered through the website. The data acquired and processed through the fulfilling of tasks is always anonymized and no personal data is unlawfully transmitted or shared with any third parties.

We may share some of your personal information with third parties only in the instances described below. For further information on your choices regarding your information, see “Your Choices Regarding Your Information” below. Be advised that, unless absolutely necessary, the information we share with third parties is anonymized.

We may share your personal information with:

• Third-party vendors, consultants and other service providers that perform services on our behalf or who require access to your personal information in order to carry out their work for us, which may include third parties providing data storage, processing, advertising, content or service fulfilment, or providing analytics services; and
• Third parties as required to (a) satisfy any applicable law, regulation, subpoena/court order, legal process or other government request, (b) enforce our Terms of Use Agreement, including the investigation of potential violations thereof, (c) investigate and defend ourselves against any third-party claims or allegations, (d) protect against harm to the rights, property or safety of Grapedata, its users or the public as required or permitted by law and detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues.

We may also share information with others in an aggregated and anonymous form that does not reasonably identify you directly as an individual.

You will always be consulted, and your consent will be requested, as often as necessary and mandatory by all applicable legislation. We remind our users that any questions in regard to their rights may be directed to support@grape-data.com or privacy@grape-data.com.
‍

3. Your Choices Regarding Your Information

• Marketing Communications: If you have opted in to receiving marketing communications, and you no longer wish to receive promotional emails, you can click the “unsubscribe” button on promotional email communications. This will not unsubscribe you from non-promotional messages regarding your account, such as account verification, change or updates to features of the Services, or technical and security notices, which are required to provide our Services to you;
• Online Advertising and Tracking: We permit third parties, such as advertising network and analytics providers, to collect information about your use of our website over time, in order that they may display advertisements that may be relevant to your interests or provide us with enhanced demographic and analytic information about our users. Typically, the information we share with these types of third-party providers is obtained through the use of cookies or similar tracking technologies. Where possible we will provide you with options to “opt out” of the collection of such personal information.  Additionally, you will be asked for your permission to share your tracking metadata when you sign up or log back onto the app.

However, it may be the case that the only way to completely “opt out” of the collection of such personal information through cookies or other tracking technology is to actively manage the settings on your browser or mobile device. Please refer to your browsers or mobile device’s technical information for instructions on how to delete and disable cookies, and other tracking/recording tools;

• Your profile: Based on the information you provide us through your profile and whenever you participate in a task, Grapedata will, when necessary, use this in order to add you to target groups for specific tasks and/or other services we provide. This information is processed in-house and in no way is shared with third parties. Where possible or relevant, we will provide with options to “opt out” of these temporary groups of users. You may opt out of any additional processing at any time.
  ‍

4. Retaining Your Personal Information

We will retain your information for as long as your account is active or as needed to provide you the Services. Following termination or deactivation of your account, Grapedata may retain information for a commercially reasonable time, generally not less than 5 years, for backup, archival, and/or audit purposes.

Please contact us at support@grape-data.com if you wish to terminate your account or would like us to delete your personal information.

Be advised that any information not strictly necessary for the usual processing of Grapedata services will be permanently deleted upon 10 days after being provided and you always reserve the right to request deletion of said information during the process of those 10 days.
‍

6. Grapedata Scouts and Interviewers

Grapedata offers the possibility for users to become Grapedata Scouts and/or Interviews for one or multiple tasks on our platform. Each of these tasks will be accompanied by a set of instructions as well as information on how to conduct it in a way that is up to Grapedata standards in all ways, including the protection of any and all personal data these users may process as controllers on behalf of Grapedata.

Be advised that upon applying to become a Grapedata Scout and/or Interviewer you may be asked to provide a photograph of an identification document (e.g. Identity Card, Driver’s License, etc), which we will store only during the identity verification process which, upon it being completed, we will permanently delete this information. The purpose of this is to guarantee that the users who complete these tasks are up to standard with our guidelines.

These users will also be requested to agree to comply with our Privacy Policy guidelines and conduct themselves with the same rigor and care for any and all personal data they may, during the course of the process, be asked to process. Consent to these terms is regarded as consent to any and all requests that may be asked by Grapedata in order to ensure the complete security and compliance to these rules and the law.
‍

7. Your Rights

It’s your personal information and you have certain rights relating to it, such as:

• Right of access: you have the right to know if and what personal data concerning you Grapedata may have and processes, and also request access to the personal data as well as the purpose of the processing, the categories of the data concerned, which third parties, if any, have we transmitted the data to and on what legal basis. Be advised that Grapedata may and will ask for proof of identity upon receiving a right of access request in order to fully comply with the relevant legislation. The identity verification process may include, but is not limited to, request of a photograph identification documents (e.g. Identity card, Driver’s License, etc), which we be deleted upon verification of identity as per legal stipulation;
• Right of rectification: If your personal data is incorrect or incomplete, you may ask for it to be rectified or completed;
• Right of erasure: you have the right to request the erasure of your personal data, under certain circumstances. This right may be restricted if the processing of the data is necessary for compliance with legal and/or contractual obligations to which Grapedata is subject;
• Right to restrict processing: you may ask Grapedata to limit access to personal data or suspend processing activities. This may happen, for example, in cases where you dispute the accuracy of your personal data, for a period of time which enables Grapedata to check its accuracy, or in cases where you have objected to the processing, until it is verified whether the legitimate interests of Grapedata or of a third party prevail over yours;
• Right to data portability: you have the right to request and receive your personal data, that you had provided Grapedata, in a structured, commonly used and machine-readable format and have the right to transmit such data to another controller without hindrance;
• Right to object: you have the right to object, at any time to processing of personal data you have provided, including profiling based on those provisions. Where personal data is being processed for direct marketing purposes, you have the right to object at any time to processing of personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

If you’re not happy with how we are processing your personal information, please let us know by sending an email to privacy@grape-data.com. We will review and investigate your complaint, and will respond to you within 30 days.

If you are not satisfied with our response to your complaint, you have the right to complain to the Information Commissioner’s Officer by writing to:

Information Commissioner’s Office

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

‍Please take into consideration that not all these rights may apply to you or your circumstances. Please refer to ICO (Information Commissioner’s Office) for further information in regard to the U.K. legal interpretation of the rights as put forward by the GDPR as well as the Data Privacy Act 2018.

Furthermore, please take into account that without certain data, Grapedata may not be able to fulfill its legal and contractual obligations and, as such, will no longer be able to provide you with the service and/or the app. Grapedata is not responsible in any way for whatever consequences may arise from your decision to exercise any of these rights and how it may affect its commercial relationship with you.

You also have the right to lodge a complaint, which you may do through ICO channels, that you may find here.
‍

8. Refer a friend information

Grapedata may offer the possibility of referring friends, as well as the possibility of the user interviewing them and filling in the task through our app for them.

In order to guarantee the compliance with GDPR and DPA 2018 legislation, Grapedata does not keep the referred friend’s personal and private information including, but not limited to, IP address, Name, Email Address, or any other personal data submitted unless we have expressed consent from said friend. We also do not send any messages to a referred friend including, but not limited to, marketing emails.

Grapedata request that users contact referred friends and request they register with us, verifying at a later date if the referred friend registered and completed the task in order to consider it a successful referral for the user.
‍

9. Security and Storage of Information

Grapedata cares about the security of your information and has put in place physical, administrative, and technological safeguards to preserve the integrity and security of all information we collect and that we share with our service providers. Any transaction we make will be done so through secure services, such as PayPal and any information we ask for will be kept in secure servers.

However, no security system is impenetrable, and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a breach of security, we will take immediate steps to investigate the situation and to notify those individuals whose information may have been compromised and take other steps, in accordance with applicable laws and regulations.  

You can help us maintain the security of your personal information by not sharing your personal information, including your username and/or password with any other person, by remaining vigilant to any suspicious requests for your personal information, and by keeping your software up to date.

Your information collected through the Services will principally be stored and processed in the U.K. or other European Union country.  We may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as the U.K. and the European Union, and you consent to the transfer of information to any such countries.  Where we transfer your information to a country outside the U.K. or the European Union, we will do our best to ensure that it is subject to the same protections afforded by the laws of the U.K. or the European Union.

All sensitive personal data and all unnecessary data Grapedata may request or receive from you will only be collected with your expressed consent. Any and all information not strictly necessary for the adequate conducting of Grapedata business will be deleted permanently as soon as possible, within the timeframe necessary to conclude the process it may be requested for. Grapedata has in place all possible safeguards for your information and has taken all possible steps to assure that your data is secure while we process it.
‍

10. Links to Third-party Websites

The Services may contain links to and from third party websites of our business partners, advertisers, and social media sites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.
‍

11. Updates to This Privacy Policy

We reserve the right to modify this Policy from time to time. If we make any changes to this Privacy Policy, we will change the “Last Revision” date below and will post the updated Privacy Policy on this page.  We will also send you an email informing you that the Policy has changed and inviting you to visit this page to view the updated policy.

Use of your personal information prior to this date was subject to our previous Privacy Policy.
‍

12. Events beyond control

Grapedata is not considered liable or in any way responsible for any failure to perform, for any delay in performance of any and all obligations, requests, and so forth under this Policy which are caused by events beyond Grapedata’s control, including, but not limited to, any strike, lockout or other industrial dispute, acts of the elements, compliance with requirements of any governmental port or international authority, plant breakdown or failure of equipment, inability to obtain equipment, fuel, power, materials or transportation, or by any circumstances whatsoever beyond its reasonable control.
‍

13. Contacting Us

If you have any questions about this Policy, please contact us at privacy@grape-data.com or support@grape-data.com.
‍

14. Last Revision Date

This Privacy Policy was last revised on, and effective as of, August 27th 2021 to ensure compliance with the General Data Protection Regulation (GDPR).

We will keep you updated on any changes to our Privacy Policy and any other related relevant changes.

‍

‍