Effective Date: February 7, 2016

WHO WE ARE AND WHAT THIS IS

Demyst Data Limited and its affiliated companies (together, “Demyst Data” or “we” and sometimes “us”) is the producer and owner of the Demyst Data software and libraries (collectively referred to here as the/our “Software” or the/our “Services”), a toolkit that allows organizations to unlock financial services through the use of better data, smarter decisions and best in class infrastructure.

We take the private nature of your (and your customers’) Personally Identifiable Information (defined below) very seriously, and are committed to protecting it. To do that, we’ve set up procedures to ensure that such information is handled responsibly and in accordance with applicable data protection and privacy laws. Your trust is paramount to us, and we act accordingly.

This Privacy Policy describes what information we collect when you use our Software, how we use that information, and what choices we offer you to access, update, and control it.

SCOPE OF PRIVACY POLICY

This Privacy Policy is incorporated into our Terms & Conditions and applies to the information obtained by us through your use of our Software. Capitalized terms used in this Privacy Policy not otherwise defined shall have the meanings ascribed to them in the Terms & Conditions.

WILL THIS PRIVACY POLICY CHANGE

As we evolve, we may need to update this Privacy Policy to align with changes in the Software and/or Service, our business and laws applicable to us and you; we will, however, always maintain our commitment to respect your privacy. We will post any revisions to this Privacy Policy, along with their effective date, in an easy to find area of our website, so we recommend that you periodically check back here to stay informed of any changes. We will ask your consent to such changes if required by applicable law; in other cases, please note that your continued use of the Software and/or Services after any change means that you agree with, and consent to be bound by, the updated Privacy Policy. If you disagree with this Privacy Policy and/or do not wish your information to be subject to any revised Privacy Policy, please email us at legal@demystdata.com and stop using the Software and Services.

WHAT TYPE OF INFORMATION IS COVERED BY THIS PRIVACY POLICY

“Personally Identifiable Information” is any information that we could use to identify an individual, including, for example, their name, address, geographic location of their computer or mobile device, telephone number, credit card number, email address and bank account information. It does not include Personally Identifiable Information that is encoded or anonymized (such as through encryption or hashing), or publicly available information that has not been combined with non-public information.

“Sensitive Personally Identifiable Information” is information that meets the “Personally Identifiable Information” criteria outlined above and also (i) reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or (ii) concerns health or sex life, information about Social Security benefits, or information on criminal or administrative proceedings other than in the context of pending legal proceedings. We will never ask you to share sensitive Personally Identifiable Information with us, but if it is shared with us, this Privacy Policy applies.

IF YOU’RE OUTSIDE OF THE UNITED STATES

If you are outside the United States, any Personally Identifiable Information you enter into the Software or otherwise share with us may be transferred out of your country and into the United States, and possibly to other countries (unless expressly otherwise agreed to in writing by you and us). By using the Services, you consent to such transfer and are representing that you and we have the right to transfer such information outside your country.

IF YOU’RE IN THE EUROPEAN ECONOMIC AREA (EEA)

Demyst Data complies with the EU Data Protection Directive (Directive 95/46/EC) on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Demyst Data makes our Model Clause Addendum available to all customers looking to or currently transferring personal data out of the EEA, so that they may transfer personal data outside of the EEA, including to the US, in compliance with EU law. Please contact legal@demystdata.com for more information.

A NOTE ABOUT CHILDREN

We do not collect any Personally Identifiable Information from children under the age of 13. If you know or believe that such information has been provided to us without the consent of the child’s parent or guardian, please contact us at legal@demystdata.com. If we become aware that we have collected Personally Identifiable Information about a child under the age of 13, we’ll delete it.

HOW WE COLLECT INFORMATION

We collect information in three different ways: Information we get from and in connection with your use of our Software and/or Services, information you provide to us directly, and information we receive about you from third parties.

Personally Identifiable Information You Provide To Us.

We collect Personally Identifiable Information from you when you register to use the Software and Services. If you provide us feedback or contact us regarding your use of the Software and/or Services, we will collect your name and email address, as well as other content included in the email, in order to address your outreach and send you a reply. In connection with your use of our Software and Services, you may also opt to share private customer information, including Personally Identifiable Information, with us, and we will retain this information on your behalf.

Personally Identifiable Information Collected By Third Parties.

We may also collect information about you and/or your customers from companies that provide services in connection with our Software and Services, including but not limited to third-party verification services, credit bureaus, mailing list providers, and publicly available sources. Such companies may supply us with Personally Identifiable Information such as an individual’s name and email, mailing address, or phone number. We may add this information to the information we already have collected from you via our Software in order to perform and improve our Services.

This Privacy Policy applies only to the use and disclosure of Personally Identifiable Information that we collect while you use the Demyst Data Software and/or Services. It does not apply to the practices of companies that we don’t own or control, or employees that we don’t manage. Information provided to us through the Software and Services may be shared with certain third party vendors, unless expressly otherwise agreed to by you and us, and any information you provide to us to be shared with those vendors will be governed by any privacy policies they may have (which may differ from ours). We will share such privacy policies, as applicable, upon request. We are not liable in the event of wrongful use of your information by third parties, as it is their responsibility to protect information about you provided to them.

Personally Identifiable Information Collected Via Technology.

When you visit our website, and use our Software, our goal is to make the experience simple and useful. To that end, we use industry standard identifiers, such as cookies, to track information about your use of the website. A cookie is a small piece of data that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. As you navigate through and interact with our website, we may automatically collect certain information about your equipment, browsing actions and patterns using common internet technologies. This may include details of your visits to our website, including information about your connectivity, such as your IP address and browser information, location data, logs and other communication data, and the resources that you access and use on the website. The information we collect automatically helps us to improve our website and to deliver better and more personalized content and services enabling us to estimate our audience size and usage patterns and recognize when you return to our website.

Most web browsers automatically accept cookies, but, if you prefer, you can change your browser settings to prevent that or to notify you each time a cookie is set. Please note however that by blocking or deleting cookies, you may not be able to take full advantage of our website or Software.

HOW WE USE INFORMATION WE COLLECT

Notice. Notice is about telling you how we use your Personally Identifiable Information when we collect it.

Notice will be provided in clear and conspicuous language when you are first asked to provide us with Personally Identifiable Information, or as soon as practicable thereafter, and we’ll notify you before we use the information for something other than the purpose for which it was originally collected. If anything in this Privacy Policy seems unclear, please contact us at legal@demystdata.com, so we can address your question and possibly clarify this document.

Here are some of the ways we may use Personally Identifiable Information you provide us:

  • To allow you to register for and use our Software and Services;
  • To communicate with you about our products, services and related issues;
  • To evaluate the quality of our products and services;
  • To enhance your experience on our website;
  • To transfer information to others as described in this Privacy Policy or to satisfy our legal, regulatory, compliance, or auditing policies and requirements;
  • To charge you any fees and provide you with a receipt or resolve billing issues associated with your account;
  • In the case of accounts created using business email domains, to provide your contact information to an administrator of the business email domain to facilitate the provision of additional products and/or services.

Choice. Choice is all about making sure you have the ability to control how we use your Personally Identifiable Information, and when and with whom we can share it.

We won’t share your Personally Identifiable Information with third parties (other than vendors or contractors who process such information pursuant to our agreement with you and at our discretion) unless we are required to do so by law, or if we believe in good faith that disclosure is reasonably necessary to protect our property, rights or those of third parties or the public at large.

It is possible that we may, on occasion, buy or sell assets from or to other companies. If that should occur, user information is likely to be one of the assets transferred and we reserve our right to do so.

Similarly, if we or most of our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, user information could be transferred or acquired. You should be aware that such events can occur, and that if it does, the buyer may continue to use your personal and non-Personally Identifiable Information, but only as set forth in this Privacy Policy.

Other than in these rare circumstances, we will not rent or sell Personally Identifiable Information to anyone.

If you are a registered user of our Software and Services and have supplied your email address, we may occasionally send you an email to tell you about new features, solicit your feedback, or keep you up to date with other developments at Demyst Data. We expect to keep this type of communication to a minimum. If we do send you information that you did not expressly request, we will provide you with a way to request that you don’t get any similar notices.

Onward Transfer. Onward transfer refers to us sharing your Personally Identifiable Information with third party vendors or contractors.

Prior to providing third parties with any Personally Identifiable Information, we obtain assurances that they will safeguard it in accordance with our privacy standards. Examples of assurances that may be provided include a commitment that they will handle the information in accordance with this Privacy Policy, or will provide the same level of protection, as required by the EU Directive 95/46/EC.

In the unlikely event that we should discover that a third party is using Personally Identifiable Information in a way that conflicts with this Privacy Policy, we will take all reasonable steps to stop it immediately.

Security and Data Integrity. Security of your Personally Identifiable Information is a cornerstone of our business and we are the utmost dedicated to defending that information from unauthorized access, use, disclosure, disruption, modification, or destruction. In addition to assuring you that we will protect your Personally Identifiable Information, we also take reasonable precautions to make sure that any such information in our possession is reliable for its intended use, accurate, complete and up-to-date.

All records containing Personally Identifiable Information are afforded confidential treatment at all times. All such electronic information is stored on restricted database servers, and is generally kept until such time as you may ask us to edit or delete it, as described below. We only disclose such information to our employees, contractors or affiliates that (i) need to know that information in order to process it for us or to provide our Software or Services, and (ii) have agreed in writing to afford it the requisite confidential treatment. We have a separate policy for the purpose of explicitly outlining our commitment to information security. For more information, please email legal@demystdata.com for a copy of our Information Security Policy.

Access. We do not store and retain personally identifiable information to which we might have access during your use of the Software or Services within a contributory database without your explicit written consent; instead, any Personally Identifiable Information that we collect typically resides on servers maintained with our hosting provider, Amazon Web Services (“AWS”) unless otherwise agreed to by you and us. Any Personally Identifiable Information hosted in our cloud solution is segregated on a client-by-client basis, and encrypted at rest. We retain such information with AWS as long as your account with us is active, but will comply with all reasonable instructions from you to correct, amend or delete your information, or to provide you access to your information. Please note that some information may remain in our records even after you request deletion of your information as permitted by applicable privacy laws and any separate contractual agreements in place between you and us. Additionally, there may be limits to the amount of information we can practically provide. For example, we may limit an individual’s access to Personally Identifiable Information where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy or where doing so would violate others’ rights.

Enforcement. We will conduct internal audits of our compliance with this Privacy Policy, including an annual self-assessment. Our employees take your privacy as seriously as we do, and we will take all reasonable measures against any employee found to be in violation of this policy.

Questions? If you have any concerns or complaints about how you think we’ve handled your Personally Identifiable Information, please contact legal@demystdata.com or our legal department at the address below. We will work hard to investigate and resolve any complaints.

HOW TO CONTACT US

If you have any questions about this Privacy Policy or our website in general, please contact us at legal@demystdata.com

Written Inquiries can be sent to:
Demyst Data Ltd.
Legal Department
28 West 25th Street, Level 9
New York, NY 10010
USA

EMPLOYEES’ & PROSPECTIVE EMPLOYEES’ INFORMATION

This section covers any ways in which Personally Identifiable Information we collect from employees or applicants might be treated differently than user information. If you are not an employee or interested in applying for a job with DemystData, no need to read on. Then again, who wouldn’t want to work with an amazingly talented team dedicated to unlocking the next tier of financial services for customers by leveraging the world’s best data and most innovative tools at the intersection of big data, technology and banking. Want to know more? Check out our careers page. And if you do, be sure to review the following non-exclusive list of ways that we may use information provided to us by employees or applicants:

  • Responding to inquiries in connection with prospective employment at Demyst Data, and processing employment applications;
  • Carrying out human resources functions like training, career / succession planning, administering contracts, evaluating employees, and providing benefits;
  • Enabling DemystData and its employees to contact each other by telephone, fax, e-mail, or “snail mail”;
  • Administering compensation, bonus and other employment needs;
  • Arranging employees’ travel plans;
  • Maintaining building security and employee health and safety;
  • Running internal administrative analytics, such as staffing, headcount and statistics initiatives;
  • Complying with our legal obligations, policies and procedures;
  • Transferring Personally Identifiable Information to others as required by our legal, regulatory, compliance and auditing needs.