Privacy Policy

We will NEVER sell Your Personal Data to Third Parties.
Nlytics will only share or disclose Personal Data as described in this Privacy Policy.

This Privacy Policy applies to Personal Data processed by Nlytics LLC (“Nlytics”, “We”, “Us” and “Our”) when You visit www.nlytics.co in addition to any sub-pages that are integrated within it (the “Site”); and/or make use of Nlytics’s Platform.

This Privacy Policy explains what Personal Data We collect through Our Site and Platform, how and why We collect it, how We use and disclose the Personal Data We collect and information on how to exercise privacy rights over this Personal Data.

We have also included a section on the processing of Personal Data sent to Nlytics from visitors to an Nlytics Enabled Site.

We may revise this Privacy Policy from time to time but We will never do so in a manner that compromises Our commitment to respect the privacy of individuals. The most current version of this Privacy Policy governs Our practices for collecting, processing and disclosing Personal Data. We will provide notice via email to Our Customers and on this page of any material modifications to this Privacy Policy. Continued use of Our Site and/or Platform following the effective date of any modifications will constitute acceptance of the modified Agreement (this includes Our Terms of Service, Data Processing Agreement, Acceptable Use Policy and this Privacy Policy).

All capitalized terms in this Privacy Policy shall have the same meaning as defined in the Terms of Service and in the Applicable Law.

Information about Nlytics
Nlytics is a company headquartered in the United States that provides Software as a Service (SaaS). Nlytics is a digital experience insights platform that provides visual behaviour insights, A/B Testings, Codeless Events, all in one place.

Personal Data Collected by Nlytics
The Personal Data We collect depends on whether the individual is:

A visitor to the Nlytics Site

A Customer or user (the “User”) of the Nlytics Platform

A Tester who signed up on the Nlytics Platform

Personal Data collected from a visitor of the Nlytics Site
This section applies to Personal Data Nlytics collects from visitors to the Nlytics Site (Nlytics.com) or any of Our sub-sites or sub-domains (e.g. help.Nlytics.com, etc.).

Any Personal Data provided by a visitor to Our Site will be used only as described in this Privacy Policy and Nlytics’s Acceptable Use Policy.

Usage Data
When someone visits the Nlytics Site, We may temporarily store the name of their internet service provider, IP address, the website they visited Us from, the parts of Our Site they visit, the date and duration of the visit, and information from the device (e.g. device type, operating system, screen resolution, language, country you are located in, and web browser type) used during their visit or other similar information that helps Us understand your behaviour on our Site. We process this usage data to facilitate access to Our Site (e.g. to adjust Our Site to the devices that are used). We may use this data to analyze, develop, improve, secure or optimize the use, function and performance of Our Sites, or to make sure We are reaching out to the right audience. Wherever possible, we will use usage data in an aggregated and/or anonymized form. Depending on the context, the legal basis for this data processing is Article 6(1)(a) and Article 6(1)(f) GDPR.

Cookies
Cookies are small data files transferred onto computers or devices. Nlytics uses cookies to process information including standard internet log information and details of the visitor’s behavioral patterns upon visiting Our Site. This is done to: operate Our Site; provide visitors to Our Site with a better experience by providing Us with insights on how visitors use Our Site; and for marketing purposes, as detailed below. At which point Cookies become obsolete, Nlytics will continue to operate as intended for all of our customers without the use of Cookies.

Contacting Us
Visitors to Our Site have the opportunity to contact Us to ask Us questions, for example via a contact form, where We ask for contact information (e.g. name, email address etc.). We use this data solely in connection with answering the queries We receive.

If a visitor to Our Site receives emails from Us, We may use certain analytics tools, to capture data such as when the email is opened or when any links or banners in the email have been clicked. This data helps Us understand the effectiveness of Our communications and marketing campaigns.

Personal Data collected from Nlytics’s Customers, Users and Testers
This section applies to Personal Data Nlytics collects from its Customers, Users and Testers when making use of Nlytics’s Platform.

When someone signs up for an account with Nlytics, contacts Our customer support for assistance, or subscribes to Our content or special offers, We may ask for additional Personal Data such as their name, email address and additional details about them or the organization they represent.

We will solely process this Personal Data to provide Our Platform in accordance with Article 6(1)(b) GDPR. If you are a User of Our Platform on behalf of a Nlytics Customer that has concluded this Agreement with Nlytics, the legal basis for Nlytics to process your Personal Data is Article 6(1)(f) GDPR. Please refer to Our Terms of Service for further details on signing up and using Our Platfor.

We temporarily store IP addresses of Customers, Users and Testers of Our Platform for associated performance metrics (i.e. data related to how well Our Platform performs) and to monitor and track application errors. We will never access these IP addresses without any operational or security need. We automatically delete these IP addresses within thirty (30) calendar days.The legal basis for this data processing is Article 6(1)(f) GDPR. We may use technical data (such as keypresses, timestamps, etc.) collected through the Platform to analyze, develop, improve or optimize the use, function and performance of Our Site, or to make sure we are reaching out to the right audience. Wherever possible, we will use usage data in an aggregated or anonymized form.

A Customer may delete their Nlytics account at any time. Users and Testers may delete their respective accounts through their account settings. After account deletion, We may retain Personal Data (in part or in whole) associated with the Customer, User or Tester to meet any regulatory and reporting requirements for the timeframes stipulated by law and to be able to address customer service issues. Any other Personal Data We were processing relating to Our Customer, Tester and/or Users of that Nlytics account will be deleted permanently within thirty (30) calendar days. This does not apply to any Personal Data collected as part of Customer research within the Engage Product. To maintian the quality of the research data, any research-related Personal Data may need to be kept for a reasonably required time.

We may use Personal Data and other Data about Our Customers, Users and/or Testers (including but not limited to demographic information, location information, information about the computer or device from which they access Our Platform) to create, wherever possible, anonymized and aggregated information and analytics. The legal basis for this data processing is Article 6(1)(f) GDPR.

The information We collect from Our Customers, Users and/or Testers is disclosed only in accordance with the Agreement and the Applicable Law.

Personal Data collected.
THIS SECTION APPLIES ONLY TO THE REGISTERED TESTERS OF OUR PRODUCT

When a Tester signs up to the Nlytics Product, we will ask them to share some Personal Data with Us to create a Tester profile. The Tester profile information will be revealed to Nlytics and Our Customers, who may invite you to usability study interviews (“Interviews”). The Engage Product has been built to connect Testers with the best-matched Customers for their Interviews. Better matches means happier Customers and more payouts for Testers. We analyse the data Testers provide Us with, along with the information about the Tester’s use of Our Platform, to suggest a good Interview match.

We collect and process Tester Personal Data to allow Testers to participate in Customer research, as well as for database management, managing contacts and sending messages, analytics, managing Our hosting and backend infrastructure, paying Testers for their service, Tester registration and authentication and displaying content from external platforms.

The data categories we will ask Testers to provide in order to build the Tester profile may include but are not limited to, name, age, country of residence, educational background, profession, marital status, phone number and other registration information. This information allows us to effectively match Testers with the right Customers. Testers may also optionally upload an avatar or enter their gender, but can remove this at any time. If a Tester deletes their account, their profile data will be removed too. Depending on the context, the legal basis for this data processing is Article 6(1)(b) GDPR and Article 6(1)(f) GDPR.

We will also collect information that relates to how Testers use Our Platform. The categories of Personal Data relating to this include but are not limited to timezone, broad location (town or district), web browser, operating system and the device used, referral sources, email engagement data, data on how you use the Engage Product (including last login date and frequency) and account signup date. This information allows Us to personalize the Engage Product to Testers’ needs and to improve Our Engage Product. We do not collect precise, real-time information about the location of a Tester’s device. We delete (or anonymize) such Tester Personal Data as soon as you cancel your account. The legal basis for this data processing is Article 6(1)(f) GDPR.

On an entirely voluntary basis, Testers may choose to connect their social media account with their Tester profile. This will grant Us read-only access to their social media account and we will store their social media account ID, along with a secure ‘access key’ that these social media companies provide to Us. If Tester grants Us access, we may also process their email address that is associated with the social media account, name, profile picture, gender and age range, which we may use to enhance Tester profile data on the Engage Product. We use social media account data as a ‘quality signal’ to confirm that the Engage Product account belongs to a real person and therefore, sharing of social account data may affect the number of Interview invitations a Tester receives. We will never post content to a Tester’s social profile without their permission and we will never request or access their private messages on these accounts. Testers can choose to disconnect their social media accounts at any time, which will prevent Us from being able to access them. Social media account data will also be deleted if you choose to delete your Nlytics account. The legal basis for this data processing is Article 6(1)(a) GDPR.

In order to be able to remunerate Our Testers we will process payment related information that Testers share with Us such as PayPal email address, residential address, etc.. We may also need to keep a history of payments made to Testers. This is needed to comply with accounting and legal rules. This data may be kept up to seven (7) years. The legal basis for this data processing is Article 6(1)(b) GDPR.

Nlytics’s use of Personal Data
Access and Disclosure to Third Parties
We use a select number of trusted external service providers for certain technical data analysis, processing and/or storage offerings (e.g., IT and related services). These Third Party service providers are carefully selected and meet high data protection and security standards. We only share data with them that is required for the services offered and We contractually bind them to keep any information We share with them as confidential and to process Personal Data only according to Our instructions. The legal basis for such processing would be Article 6(1)(f) GDPR.

In addition to services providers, other categories of Third Parties may include:

Vendors/public institutions. To the extent that this is necessary in order to make use of certain services requiring special expertise (such as legal, accounting or auditing services) We may share Personal Data with vendors of such services or public institutions that offer them (e.g. courts). The legal basis of this data processing is Article 6(1)(f) GDPR.

Disclosure in the Event of Merger, Sale, or Other Asset Transfers. If We are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then Data may be sold or transferred as part of such a transaction, as permitted by law and/or contract. The legal basis for such processing would be Article 6(1)(f) GDPR.

Other than the cases mentioned above, We will only transfer Personal Data to Third Parties without express consent in accordance with Article 6(1)(a) GDPR or if We are obliged to do so by statutory law or by instruction from a public authority or court as outlined in Our Terms of Service.

Communication Purposes
We may occasionally send notification emails about updates to Our product, legal documents, customer support or for marketing purposes. To the extent required by Applicable Law, We will only send such messages if We have obtained consent in accordance with Article 6(1)(a) GDPR. In all other cases, the legal basis of this data processing is Article 6(1)(f) GDPR.

Except for cases where We are required to do so by law (e.g. notification of a data breach, providing you with important information about your account, updating our legal documents, etc.), recipients of Our communication shall have the opportunity to unsubscribe from receiving these messages free of charge. We process requests to be placed on do-not-contact lists as required by Applicable Law.

Marketing Purposes
We use Personal Data given to Us by Nlytics’s Customers, Users, Testers and/or visitors to Our Site to target advertisements to:

Nlytics’s Customers, Users, Testers and/or visitors to Our Site to keep them informed about Nlytics and any product changes we make; and

Potential new Customers or Testers that appear to have shared interests or similar demographics.

The legal basis of this data processing is Article 6(1)(f) GDPR.

We do this by sharing Personal Data with Third Party marketing platforms that have high privacy and confidentiality standards and which have gone through a legal and security review by Nlytics. This ensures that these Third Parties cannot do anything with the Personal Data We provide them other than use it for the express purpose of providing Us with the marketing services We contract them for.

This Personal Data is only shared with these Third Parties through secure and encrypted means. If you wish to opt out of this processing activity, please contact Us at dpo@Nlytics.com with the subject line “Opt-Out of Marketing”.

Compliance and Protection
We may use Personal Data to (legal basis for the respective processing in parentheses):

protect Our, Our Customers’/Users’, Testers’, visitors’ to Our Site or Third Parties’ rights, privacy, safety or property including by making and defending legal claims (Article 6(1)(b), (c) or (f) GDPR);

audit Our internal processes for compliance with legal and contractual requirements and internal policies (Article 6(1)(f) GDPR);

enforce Our Terms of Service (Article 6(1)(b) or (f) GDPR);

protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft (Article 6(1)(f) GDPR); and

comply with the Applicable Law, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities (Article 6(1)(c) or (f) GDPR).

Benchmarking
Nlytics reserves the right to use and retain Data in a de-identified and/or aggregated form to improve Our Site and/or Platform and for statistical and benchmarking purposes, including enabling comparisons within the same industry to enhance the insights collected through Our Site and Platform. Benchmarks look at all collected metrics and compare them to others of the same nature. These de-identified and/or aggregated benchmarks may be published and shared publicly within Our Platform or in the form of other content We publish which may show a summary of results for a certain category or question type.

No Data which can individually identify Our Customers, or their end-users, Our Users or Our Testers will ever be shown in this statistical or benchmark data.

The legal basis for aggregating/anonymizing this Personal Data is Article 6(1)(f) GDPR.

Intra-group sharing of User and visitor Data
Nlytics is part of the Content Square SAS group (“Contentsquare”) which is headquartered in Paris, France. In the course of our normal operations, Nlytics may share Data (e.g. name and contact details, etc.) of Users of Nlytics accounts, Testers, and visitors of Our Site (Nlytics.com) with Contentsquare.

The purpose of sharing this Data is to pursue synergies in sales and marketing, which is in both Nlytics’s and Contentsquare’s legitimate commercial interests. The legal basis of this Data processing is Article 6(1)(f) GDPR. Nlytics and Contentsquare are jointly responsible for these processing activities (so-called joint controllership). If you would like more information in this regard or would like to exercise your rights as described in this Privacy Policy, please contact Us at dpo@Nlytics.com.

Other Purposes with Your Consent
In some cases, We may ask you for consent to collect, use or share Personal Data for other purposes. For example, We may ask you for consent to send marketing emails where required by law or to post testimonials or endorsements. In such cases, there will always be the ability to deny or revoke consent if desired. The legal basis for the data processing is under Article 6(1)(a) GDPR.

Duration of Processing
Unless a different timeframe has been specifically stated in this Privacy Policy or in Our Pricing Page, Personal Data will be retained for as long as is necessary for the purpose(s) for which We originally collected it or to provide Our Platform, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, and enforce Our Agreement. We may also retain information as required by Applicable Law.

International Transfers of Personal Data
In most cases, Personal Data We collect is stored in the EU. However, in some limited cases, customer information may be accessed from, or other Personal Data (e.g., email, etc.) may be transferred outside of the EU. These countries may have different data protection laws. Nlytics endeavors to ensure appropriate safeguards are in place requiring that Personal Data will remain protected. Nlytics has concluded Standard Contractual Clauses with entities who We share Personal Data with outside of the EU. Further details about this can be found in Our article on Data Storage.

Children’s Information
Nlytics’s Platform is not directed to children under 13 (or other age as required by local law), and We do not knowingly collect Personal Data from children. If you learn that your child has provided Us with Personal Data without your consent, you may contact Us at dpo@Nlytics.com. If We learn that We have collected a child’s Personal Data in violation of Applicable Law, We will promptly take steps to investigate this, delete such information and, if applicable, terminate the child’s account. We will also make sure to have preventive measures in place for this not to happen again in the future.

Rights over Personal Data
If you are a visitor to Our Site or a Customer, User and/or Tester of Our Platform and We have collected Personal Data about you, you have a right to access and to be informed about what Personal Data is processed by Nlytics, a right to rectification/correction, erasure/anonymization and restriction of processing (subject to certain exceptions and other requirements prescribed by law). You also have the right to receive from Nlytics a structured, common and machine-readable format of Personal Data you provided Us.

When you have provided consent, you may withdraw it at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing it. Whenever you withdraw consent, you acknowledge and accept that this may have a negative influence on the quality of Our Site and/or Platform. Please be aware that when you withdraw consent, We may delete the Personal Data previously processed on the basis of your consent and will not be allowed to keep it further which will mean that it cannot be accessed, downloaded or otherwise secured by you.

In addition, you have the right to lodge a complaint with your respective data protection authority.

To protect your privacy, We take steps to verify your identity before fulfilling your request. We can only identify you via your email address and we can only adhere to your request and provide information if We have Personal Data about you through you having made contact with Us directly and/or you are using Our Site and/or Platform.

To protect your privacy, We will take steps to verify your identity before fulfilling any consumer request under the Applicable Law. When you make a request, We will ask you to provide sufficient information that allows Us to reasonably verify you are the person We collected Personal Data about or an authorized representative, which may include your email address.

If You are located in California…
This section only applies to Our processing of Personal Data as a “business” under the California Consumer Privacy Act (CCPA).

The CCPA provides California residents with the right to know what Categories of Personal Data Nlytics has collected about them and whether Nlytics disclosed that Personal Data for a business purpose (e.g. to a service provider) in the preceding twelve (12) months.

If you are a California resident and would like to exercise any of your rights under the CCPA, please contact Us at dpo@Nlytics.com. We will process your request in accordance with the Applicable Laws.

Sales of Personal Information Under the CCPA. For purposes of the CCPA, Nlytics does not “sell” Personal Data, nor do We have actual knowledge of any “sale” of Personal Data of minors under 16 years of age.

Non-Discrimination. California residents will have the right to exercise the rights conferred to them by the CCPA.

Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request under the CCPA. If applicable, you may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact Us at dpo@Nlytics.com.

If You are located in Brazil…
This section only applies to Our processing of Personal Data under the Brazilian Lei Geral de Proteção de Dados (LGPD).

In addition to the rights described above, you also have the right to:

access your Personal Data processed by Nlytics;

unless restricted by law, request information about the public and private entities with which We have shared your Personal Data;

oppose to the processing carried out; and/or

receive information about the possibility of not providing your consent and the consequences of such denial.

If you are a Brazilian resident or were in Brazil when your Personal Data was collected and would like to exercise any of your rights under the LGPD, please contact Us at dpo@Nlytics.com. We will process your request in accordance with the Applicable Laws.

Personal Data collected from a visitor of a Nlytics Enabled Site
This section applies to Personal Data sent to Nlytics from Our Customers about visitors to their site using Our Platform (i.e. a Nlytics Enabled Site).

When an end-user visits a Nlytics Enabled Site, the Nlytics Enabled Site’s privacy policy will apply to the Personal Data collected and not this Privacy Policy.

This section should always be read in conjunction with the specific privacy policy of the Nlytics Enabled Site which will contain further details regarding the processing of your Personal Data by the Nlytics Enabled Site.

When making use of Our Platform, Our Customers are bound by Our Privacy Policy, Our Terms of Service, and Our Acceptable Use Policy. You can get more information about Nlytics by visiting Our Site.

If you are a visitor to a Nlytics Enabled Site, Nlytics may temporarily process your IP address so that We can ensure Our service is running smoothly and improve the quality of Our Platform. Any IP addresses We process are used exclusively for associated performance metrics (i.e. data related to how well Our Platform performs on the Nlytics Enable Site) and to monitor and track application errors. For this purpose, We may temporarily store your IP address with Nlytics’s Sub-Processors which are subject to strict obligations of confidentiality and will process it only according to Our instructions. We will never access these IP addresses without any operational or security need. We automatically delete any IP addresses We process or store within thirty (30) calendar days. The legal basis for this data processing is Article 6(1)(f) GDPR.

Some Nlytics Customers may have the ability to integrate Data they have collected through Our Platform with other end-user data they have in their possession (e.g. their customer information).

Depending on the web browser you use, it might be possible for you to disallow Nlytics from collecting Data when visiting a Nlytics Enabled Site. To discover if your web browser offers this functionality visit Our Do Not Track page.

Please note that We cannot respond to any requests from end-users of Nlytics Enabled Sites related to their Personal Data, including requests to provide, rectify or delete any end-user Personal Data. Any requests from end users of Nlytics Enabled Sites related to Customer Personal Data should be sent to the relevant Nlytics Customer.