UPDATED: April 2023
Incorta understands you care how information about you is collected and used, and Incorta is committed to protecting the privacy of individuals who interact with us. This Incorta Global Privacy Policy (“Global Privacy Policy”) describes Incorta, Inc. and its affiliated entities (collectively “Incorta”) privacy practices for our websites, services, and apps that link to this policy. This policy also details our privacy practices related to Incorta marketing, advertising, and company events. Incorta is a business analytics platform. We provide Incorta (“Application”) and related support, consulting, and other services to customers. This Global Privacy Policy refers to Incorta and associated services collectively as our “Services.” We will collectively refer to our emails, newsletters, and other marketing practices as our “Communications.”
For this Global Privacy Policy, “Personal Information” means any information relating to an identified or identifiable natural person. Except when the contract with a covered individual specifies other requirements or relevant legislation imposes extra obligations on Incorta, the Global Privacy Policy applies to the collection, storage, processing, transfer, and use of personal data concerning covered individuals. Any information that can be used to identify or contact a living person is considered personal data, as defined by current legislation. Sensitive personal data is that which, if used improperly, could put the person at serious danger of discrimination that is illegal or arbitrary. Particularly, special categories of data, or information about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic information, biometric information, health information, or information about a person’s sex, can be considered sensitive personal data.
This privacy policy does not apply to services that link, post or reference a different privacy policy, certain components of Incorta.com website that hyperlink to a different privacy policy, or if our Services hyperlink to a third-party site or service that has its own privacy policy.
Goal: Incorta recognizes that the personal data it receives is held in a position of trust. We seek to fulfill that trust by adhering to the following general principles regarding personal data.
INCORTA Cloud (SaaS) is a unified data analytics platform that provides everyone with the means to acquire, enrich, analyze, and act on business data. We provide Services to our customers. As part of the services, customer data may be stored on our systems. As our customer, when you use our Services to process data you have collected, you control the data you collect, what information is uploaded to the Services, who has access to that data and how that data is used. Our Services’ collection, use, transfer, and retention of customer data are governed by our customer’s Global Privacy Policy, not this Global Privacy Policy. As a data processor, we will cooperate with you in your efforts to control your data.
Fair and Lawful Processing
Transparency and Purpose Limitation
Vital Interest
Consent
Data Access & Rights
Data Integrity
Data Security
Data Sharing and Onward Transfer
In accordance with applicable laws and generally accepted industry standards:
Accountability
Enforcement/ Oversight
Incorta is dedicated to addressing any issues with personal data. We respond promptly and politely to complaints or disputes involving personal data. The Information Security Department manages complaints, monitors compliance with applicable laws and international compliance programs as well as privacy policies and practices.
Depending on how you use or interact with our Services, we produce a variety of different forms of Personal Information. The following lists the different types and sources of Personal Information we might gather and produce.
Demographic and Contact Information
Under certain circumstances we may collect demographic and contact information that you provide to us. This information includes: your name, mailing address, email address and telephone number
Online or Other Account Information
We may collect username and email addresses along with corresponding passwords, security questions and other information needed to permit access to certain components of our Services which require registration and/ or credentials.
Webforms and Requests
Any information that you submit to us through online or interactive forms available within our Services will be collected. This includes instances in which you “contact us”, submit feedback, request information about products or services, sign up for newsletters or mailing lists, or reach out to us with questions or concerns. If you wish to exercise your rights related to your data or submit a deletion or a general DSAR (Data Subject Access Rights) request, click on this link.
Websites
Information collected includes: usernames and passwords to enter certain sections of our websites or Services, unique identifiers, preference information (such as marketing preferences) browser types, Internet service providers (ISP) and referring/ exit pages. Additionally, we may collect information about the files you viewed on our sites, operating system, date/time stamps and clickstream data and other information further described in Tracking Technologies.
Mobile Apps/ Social Media
Some of our services are accessible on mobile devices through mobile websites or mobile applications. In the event that you access and use our Services through a mobile device, we may also gather mobile-specific data, such as your device ID, device type, hardware type, media access control (“MAC”) address, the version of your mobile operating system, the platform you used to access or download the Services, location data, and usage data about your device and the Services you use. Because not all of our mobile services have links to this privacy statement, please read the relevant privacy notice before using any mobile services.We maintain pages on many social networking sites.
Our Services may link to our pages or accounts on third party social media networks (“social media”) but our Services do not use social media plug-ins. If you choose to interact with us on social media, we may collect the information you publish or submit. Note that this information is also governed by the privacy policies of the respective companies offering the social media service. We may collect information when you interact with our social networking pages, including:
Device Information/ Log Information
We may also associate the information we collect from your different devices, which helps us provide consistent Services across your devices. Device specific information we may collect includes: Internet Protocol (IP) address, hardware model, operation system, unique device identifiers and mobile network information.
We may also create usage statistics and monitor the traffic from your use or interaction with our Services. Information collected includes ssage details of our Services, and the address (or URL) from where you came from before visiting us, which pages or features you visit or utilize, which browser you use, specific search terms, and items you click on.
Location Information
Depending on how you use or interact with our Services, a variety of methods may be used to acquire your location information. Your IP address, location data linked with the usage of a device, the country or region you choose, or other location-based features and contents of our Services, for instance, can all be used to determine your location.
Business Interactions
The information we have about you, the business you work for or are affiliated with, comes from your requests, communications, and interactions with us. This may include your job title, contact information (phone, email, fax, and address) for your company or organization, details about goods or services you expressed interest in or bought from us, or that we bought from you or your business, and other details required to confirm your eligibility to transact business with us.
Financial Information
We may also gather information needed to conduct a credit card transaction, such as the credit card type, number, and expiration date, if you use a credit card to buy goods or services from us.
Health Information
If you use certain types of our Services, we may collect information about your health or medical condition, and your treatment (including the specific device or product that you are prescribed). Additional privacy laws may apply to this type of sensitive information, so other privacy policies may apply.
We may host events to share product information with customers and potential customers. When you sign up to participate in an event we may collect information such as name, email, phone number and company. This information may be added to our CRM and used to contact or follow up with you after the event to answer any inquiries or interest you may have for our services. Under this process, Incorta may contact the customer or potential customer additional information with appropriate data rights considered.
Our Services may allow us and other users to communicate with you through text messaging periodically. We may contact you regarding the Services we provide to you, such as providing system alerts. You may manage your contact information and notification preferences in your Services account settings.
Communications Subscription Information
From time to time, we may provide information to our customers and potential customers in electronic or print Communications. When you subscribe to our Communications, you may be added to our mailing list and will receive announcements and information about Incorta. Communications will be emailed or mailed to the address that you provide when you subscribe.
When you sign up to receive our Communications, we ask for your name and email address.
We will ask for your consent to use your name and email address to email you our Communications , which contains information about our products and other information we feel might be of interest to you. You can withdraw your consent, and we will stop sending you Communications.
Your name and email address are shared with a third-party mailing system based in the United States and, if applicable, in Europe. This company has contractually committed to providing appropriate safeguards for your data which means it will be protected in line with the legal requirements of the European Union. We do not use the information you provide to make any automated decisions that might affect you. We keep your data for as long as we produce and distribute our Communications. If you withdraw your consent, we will mark your details, so they are not used and delete them after three years.
Incorta websites and services may include buttons, tools, or content that link to other companies services (for example, a Facebook “Like” button). We may collect information about your use of these features. In addition, when you see or interact with these buttons, tools, or content or view an Incorta web page containing them, some information from your browser may automatically be sent to the other company. Please read that company’s Global Privacy Policy for more information regarding its use of that information.
We advertise online, including displaying Incorta ads on websites and apps across the Internet. When we advertise online to you, we may collect information about which ads are shown to you, which ads you click on, and the web page where the ad was displayed to you, Including public chat, message boards, and user postings
You might provide Personal Information through your public participation in chat sessions, message boards, user communities associated with our Services, blogs, email exchanges, or newsgroups on our websites. That information may be available to anyone who has access to the website, and this Global Privacy Policy does not apply to information that you generally make available through such websites.
Your inquiry is stored and processed as an email hosted by GCP (Google Cloud Platform) within the European Economic Area (EEA). It is also logged on a CRM system (Salesforce) on a cloud server based in the United States; We do not use the information you provide to make any automated decisions that might affect you. All European Data is hosted in European Servers and its applicable jurisdiction. We keep inquiry emails for five years, after which they are securely archived. CRM records are kept for three years after the last contact with you.
To give you access to some features offered by our Services, our Services may use tracking technology. When you engage with us, these tracking technologies, such as those listed below, may collect or create Personal Information about you, but only if you choose to allow them in your Cookie Settings or in the browser settings specific to you.
Additionally, third parties may be able to collect information about your online activities when you use our websites or Services using cookies or other technologies. We do not respond to web browsers ‘do not track signals or other similar transmissions that indicate a request to disable online tracking of users who visit our websites or who use our websites or Services.
If you browse to a different area of our Services where different monitoring technologies are employed, you might be required to make your selections again. You can change these preferences at any time. To understand more, please examine the Cookie Policy that is displayed when you use our Services. If you have any issues, feel free to get in touch with us.
Click here to learn more about our Cookies Notice/Policy related to www.Incorta.com.
Our Services may incorporate the following tracking technologies:
Depending on the Services you use and how you interact with us, we may use your Personal Information in the following ways, as laid out below. If you reside in a certain region, such as the European Union, we may not be able to use your information for some of the below reasons without first receiving your agreement.
We may use the information we collect about you to:
Aggregate data from our Services are used to benchmark and improve our Services.
Where required under applicable law, we will obtain your consent to use your Personal Information for marketing purposes.
We work with companies that help us run our business. These companies may provide services such as delivering customer support, processing, collecting payments, and sending Communications on our behalf. These companies may have access to your Personal Information as required to help us run our business.
Incorta may also share your Personal Information:
As a resource to our users, we may provide links to other unaffiliated websites or services within our Services. If you choose to visit such third-party websites or services, please note that any information you submit to them is not subject to this Privacy Policy.
We understand that the security of your Personal Information is essential. We implement reasonable administrative, technical, and physical security controls designed to protect your Personal Information from loss, misuse, unauthorized access, disclosure, alteration, or destruction. However, despite our efforts, no security controls are entirely adequate, and we cannot ensure or warrant the security of your Personal Information.
Incorta is committed to putting in place the necessary security measures to guard against unauthorized access to or disclosure of personal information. For data deemed to be sensitive personal data, Incorta offers additional degrees of protection In accordance with applicable laws and generally accepted industry standards:
Your Personal Information and data files are stored on our Systems and Systems of our sub-processors and companies we hire to provide services to us. Below are the security controls and mechanisms that are in place for data to be adequately secured and store data:
*This is not a comprehensive list of our security controls. You may contact infosec@incorta.com for detailed list of controls
Your Personal Information may be stored in the United States or transferred to other countries where the companies we hire to help us run our business are located, such as Egypt. Those countries may not have the same data protection laws as to where you initially provided the information. When we transfer your Personal Information, we will protect it as described in this Global Privacy Policy.
Incorta adheres to the latest EUDPB (European Data Protection Board) statements and amendments related to transfer impact assessments and the Schrems Modules. Personal data related to EU data subjects are hosted on systems located within the European Economic Area.
We take reasonable steps to ensure that the Personal Information we collect is accurate, complete, and current by using the most recent information provided to us. Our websites and Services may allow you to review and edit your Personal Information by accessing your profile or similar feature of the website or Service you are using. For our websites, you may have the ability to manage your cookies and similar technologies through your web browser settings. You should consult the settings and instructions provided by your web browser provider for more information.
You may also submit a request to us to review, edit, or delete your Personal Information by emailing your request to privacy@incorta.com, or if you prefer, you can contact us through physical mail at Incorta, Inc., 2755 Campus Drive #350 San Mateo, CA 94403 (Attn: Privacy Office), or by telephone at (650) 242-1210. Our business hours for telephone contact are 9:00 AM to 5:00 PM PST. Once we verify your identity, we will assist you with your request.
For a faster-automated DSAR (Data Subject Access Rights) Request, you can click here and fill out the form related to Universal data deletion requests unrelated to California and the European Economic Area.
We will retain your Personal Information for as long as necessary to provide you with the websites and Services you use, as needed to comply with our legal obligations or enforce our agreements. For example, we may retain certain records for legal or internal business reasons, such as fraud prevention. Some of your information may also remain on backup systems after using our websites and Services ends.
Opting- Out of Incorta Communications
You may opt out of receiving communications by modifying your website or Service profile or by unsubscribing to the marketing mailings or newsletters you no longer desire. To unsubscribe, please submit your information to privacy@incorta.com, or follow the “Unsubscribe” instructions contained within the mailing, newsletter, or other communication that we send to you. You may also send an email to privacy@incorta.com with “Unsubscribe” in the body and a description of the Communications you no longer desire to receive.
You can further opt-out in our opt-out center here.
The California Consumer Privacy Act (“CCPA”) provides some California residents (“you” or “your”) with the following rights, including the right to (I) request information about the personal information we have collected about you; (ii) request information about our sale or disclosure for business purposes of your personal information to third parties; (iii) opt-out of the sale of your personal information to third parties; and (iv) not be discriminated against for exercising any of these rights.
To exercise your rights under the CCPA, please submit a request via email at privacy@incorta.com or submit this online form here.
We will review any request via email or otherwise. We reserve the right to confirm your request, providing us with personal information already maintained by us. We will not use this additional information for anything other than handling your request. You may designate an authorized agent to request in certain circumstances. We will endeavor to fulfill your request within 45 days of receiving that request. We will inform you of the reason and extension period in writing through email or other methods we may determine if we require additional time.
As a California resident, California Civil Code Section 1798.83 permits you to request once-year information regarding disclosing your personal information to third parties for those third parties direct marketing purposes. To make this request, please submit a request via email to Privacy@incorta.com or fill out this form.
Your Data Protection Rights under the General Data Protection Regulation (GDPR)
By law, you can ask us what information we hold about you, request access to it, and correct it if it is inaccurate. If we process your information for contractual reasons, you can copy the data. If you believe we are not using your information lawfully, you can stop using it. In some circumstances, you may have the right to erase your data.If you wish to exercise your rights related to your data or submit a deletion or a general DSAR (Data Subject Access Rights) request, click on this link or contact us at privacy@incorta.com
In certain circumstances, you have the following data protection rights:
Minors
Children under the age of 13 are not intended to use the online components of our Services, and we do not intentionally collect Personal Information from them online. Please get in touch with us if you believe we have obtained personal data from a kid under the age of 13 through an online service.
We must disclose under certain legal provisions whether we respect “Do Not Track” preferences for targeted advertising in your browser. Since there is currently no industry standard on how to respond to these signals as of the date this privacy policy went into effect, Incorta does not currently do so. Instead, we follow the guidelines outlined in this Global Privacy Policy. Contact us if you have any questions.
Occasionally, at our discretion, we may change or update this Global Privacy Policy to allow us to use or share your Personal Information in a materially different way. For new users, such changes will become effective upon posting, and the changes and updates will become effective 30 days after posting for existing users. We encourage you to periodically review this Global Privacy Policy for the latest information on our privacy practices.
If you have any questions about this Global Privacy Policy, please email us at Privacy@Incorta.com. Or contact us directly at this number, or submit a request through this form.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Contact Information: For questions about a written comment or complaint you submitted to the Public Inquiry Unit, please fill out and submit our online form. Please specify in the “Your Comments” section the specific Public Inquiry Unit record that you are seeking. Or you may mail your request to
Public Inquiry Unit
Office of the Attorney General
P.O. Box 944255
Sacramento, CA 94244-2550
If you have a complaint about our use of your information, we would prefer you to contact us directly in the first instance so that we can address your complaint by emailing privacy@incorta.com or submitting this form here. However, you can also contact the Data Protection Commission via their website at dataprotection.ie or write to them at:
Privaon Oy, address Hevosenkenkä 3, 02600 Espoo,
info@privaon.com,
Business ID 2647800-2
Privaon represents Incorta as the DPO and GDPR authority for complaints, resolutions, and risk mitigation; please contact our DPO using the above information for complaints or questions.