Effective Date: December 2022
If you are a citizen of California, you can read our annex on compliance with the CCPA.
Here are the types of information we gather:
Information you give us: we receive and store any information you provide us when you complete our forms.
Automatic Information: we automatically receive and store certain types of information when you use USERLYTICS™, including your interaction with our website.
For what purposes?
Offering services to our clients: we offer usability and user experience testing services to our clients, as well as other types of market research services.
Improving our services: we may use some of the information to improve our site and our services.
Communicate with you: We may use your personal information to communicate with you about USERLYTICS™.
1. Information we collect
- a) When you create an account as a client or submit a form: we may collect personally identifiable information about you, such as your full name, your phone number, your IP, your email address, and other related information, such as pages visited (with the IP address, location, and time). Userlytics will collect other information about your activities, like email bounces, when you open an email we sent to you, or when you subscribe/unsubscribe from our marketing campaigns.
- b) When you log in with your client account, we may collect information about your browser, operating system, and IP address.
- c) When you submit a test: we may collect information about the test you have created, such as the name of the test, metrics, results, and your test script.
- d) Cookies and Tracking Technologies: we use technologies such as cookies, parameters, and scripts. These technologies are used for different goals, such as affiliate systems, remarketing, retargeting, or analytics studies. These technologies may be used in analyzing trends, administering USERLYTICS™ websites or client websites, tracking users’ movements around the site, knowing where a visitor comes from, and gathering demographic information about our user base as a whole.
- e) This website uses Google Analytics, an analytics tool by Google Inc, to track user activity, page content, time on page, tree maps, and other related data.
- f) This site uses Hotjar, an analytics tool, to track user behavior, like clicks, scroll usage, and screenshot and recordings of the browser screen activities.
2. Why we collect the information
We use the information we collect to operate and maintain our professional services. We may also use the information in order to contact you, send marketing campaigns or materials, inform you about new features or capabilities, send you newsletters, or answer your questions about our platform or your account. Notwithstanding anything to the contrary in this Agreement, Userlytics may use Client Data for the purposes of: (i) providing the Userlytics Platform and the Services to Client and its Customers; (ii) for Userlytics internal research and development purposes to improve our services; and (iii) enforcing its rights under this Agreement.
3. How we share your information
- a) Personally Identifiable Information: We may store personal information in locations outside the direct control of USERLYTICS™ (for instance, on servers or databases co-located with hosting providers). USERLYTICS™ may share information that identifies you personally ONLY in the following circumstances:
- 1) Such information is being featured on any of the USERLYTICS™ public pages as testimonials or case studies. USERLYTICS™ will not publish this information without prior permission from you.
- 2) USERLYTICS™ or any relevant business unit is or may be acquired by a third party;
- 3) USERLYTICS™ is under a duty to disclose or share your personal data in order to comply with any valid legal process, such as subpoenas, search warrants and court orders, or other valid law enforcement obligations, or to protect itself or others, or establish or exercise its legal rights or defend against legal claims.
- 5) In the event that you join one of our webinars, we may share the list of attendees with our training partners.
- b) Non-Personally Identifiable Information: we may share information ONLY in the following circumstances:
- 1) USERLYTICS™ may extract statistics and other non-personally identifiable information from the tests and reports you have created, and/or pass them on to third parties for marketing or other purposes.
- 2) USERLYTICS™ or any relevant business unit is or may be acquired by a third party;
- 3) USERLYTICS™ is under a duty to disclose or share this kind of data in order to comply with any valid legal process, such as subpoenas, search warrants and court orders, or other valid law enforcement obligations, or to protect itself or others, or establish or exercise its legal rights or defend against legal claims.
4. Data transfers to third parties
Third-Party Agents or Service Providers
We may transfer Personal Data to third-party agents or service providers who perform functions on our behalf. We enter into written agreements with those third-party agents and service and providers require them to provide the same level of protection that the GDPR requires and limit their use of the data to the specified services provided on our behalf.
We take reasonable and appropriate steps to ensure that third-party agents and service providers process Personal Data in accordance with our data privacy obligations and to stop and remediate any unauthorized processing. Under certain circumstances, we may remain liable for the acts of our third-party agents or service providers who perform services on our behalf for their handling of Personal Data that we transfer to them.
Disclosures for National Security or Law Enforcement
Under certain circumstances, we may be required to disclose your Personal Data in response to valid requests by public authorities, which include national security or law enforcement requirements.
5. Storage and processing
Your information collected through the USERLYTICS™ Service may be stored and processed in the United States or Europe. We use SCC agreements with our clients and suppliers so as to keep in full compliance with the GDPR.
Your data will only be transferred within the EU or the US (and ONLY to 3rd parties that have signed a DPA contract with us guaranteeing the same protection level) or to you in your country. Therefore, your data will NEVER be transferred to third countries other than to you that do not have the same level of protection as defined by the GDPR.
Userlytics is also registered with the ICO of the United Kingdom, and our registration reference is: ZA465454
6. How long do we keep your personal information?
We keep your personal information to enable your continued use of USERLYTICS™ for as long as required in order to fulfill the relevant purposes described in this Privacy Notice.
We remove your account information 45 days from the date of your request. Otherwise, in the case of Annual Enterprise Plans, the data will be automatically removed after 1 year and 45 days have transpired without an active subscription.
7. How we protect your information
All information you provide to USERLYTICS™ is stored on secure servers. Any payment transactions will be encrypted using SSL technology. You are responsible for maintaining the confidentiality of any usernames or passwords associated with any account that you use to provide the testing services and for monitoring all activity under your account.
You may not disclose or share your username or password with any third parties or use them for any unauthorized purpose. You shall be deemed responsible, and you agree to assume full responsibility for all activities, acts, or omissions of anyone that occur under your account.
Unfortunately, the transmission of information via the internet is not completely secure. Although USERLYTICS™ will use commercially reasonable efforts to protect your personal data, it cannot guarantee the security of your data transmitted over the Internet. Any transmission is at your own risk. Once USERLYTICS™ has received your information, it will use commercially reasonable procedures and security features to try to prevent unauthorized access.
8. General data protection regulation (GDPR)
USERLYTICS™ complies with the European Union’s Standard Contractual Clauses (SCCs) in regard to the transfer of personal data from the EU to the United States. USERLYTICS™ has implemented the appropriate safeguards to ensure compliance with domestic and international data protection laws.
- As mentioned, Userlytics is also registered with the ICO of the United Kingdom, and our registration reference is: ZA465454
- USERLYTICS implements the GDPR Principles, guaranteeing Data Subjects: (i) the right to be informed; (ii) the right of access; (iii) the right of rectification; (iv) the right of erasure; (v) the right to restrict processing; (vi) the right of data portability; (vii) the right to object; and (viii) the rights related to automated decision making and profiling.
- Userlytics represents that it is self-certified to the EU-U.S. and Swiss-U.S Privacy Shield Framework and agrees, with respect to the relevant transfer or Data processing, that it shall comply with the Privacy Shield Principles when handling any such data.
- Userlytics adheres to Insights Association as our Independent Recourse Mechanism. In compliance with the Privacy Shield Principles, Userlytics Corporation commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Userlytics at: DPO@Userlytics.com for any questions or concerns.
- Userlytics has further committed to refer unresolved Privacy Shield complaints to the Insights Association, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.insightsassociation.org/Resources/Privacy-Shield/Information-for-EU-Swiss-Citizens-to-file-a-complaint for more information or to file a complaint. The services of the Insights Association are provided at no cost to you.
- With respect to Personal Data received or transferred pursuant to the Privacy Shield framework, USERLYTICS™ is also subject to the regulatory enforcement powers of the U.S. Federal Trade Commission and/or the U.S. Department of Commerce.
To learn more about the European Union’s GDPR, please visit https://gdpr-info.eu/.
9. Compromise of personal information
In the event that personal information is compromised as a breach of security, USERLYTICS™ will promptly notify our affected clients in compliance with applicable law.
10. Data access, correction, deletion, and opt-out
You can review all the information we collected from you by contacting us directly at firstname.lastname@example.org.
You can correct or update all the information we collected from you by contacting us directly at email@example.com. You can also update some of the information in your profile dashboard.
You can request to stop receiving emails or direct communications from Userlytics by clicking on the unsubscribe link on your email and following the indicated steps or by contacting us directly at firstname.lastname@example.org.
You can request to remove all of your personal information by contacting us directly at email@example.com or by indicating said intent in your profile dashboard. However, we will retain your information for as long as your account is active or as needed to provide our services and when this information is necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
For Annual Enterprise A clients, your data will remain in your account for up to 365 days after you decide you will not renew your account with Userlytics. In other words, the data will be deleted 365 days after your non-renewal date.
For Ad-Hoc Custom Project clients, your data will remain in your account for up to 365 days after purchasing a set of Custom Project Ad-Hoc credits. In other words, the data will be deleted 365 days after your last purchase.
For DIY/Quick & Easy clients, your data will remain in your account for up to 365 days after purchasing a set of DIY credits. In other words, the data will be deleted 365 days after your last purchase”.
Userlytics will also actively reach out to clients 1 & 2 months before data will be removed as a reminder that we will be removing their data soon. We will not remove data without a prior warning to our old clients.
In summary, you have the right to request access to, correct, and delete your personal data, in relation to data that is not being provided to a Client, such as audiovisual recordings and other test data related to tests and projects you may have participated in, which shall be retained for at least one year from the date of the finalization of the contractual agreement we have with the applicable client of USERLYTICS™. You may also object to our processing of your personal data or ask that we restrict the processing of your personal data in certain instances. If you wish to do any of these things, please contact us at firstname.lastname@example.org.
11. Children’s privacy
Protecting the privacy of young children is especially important. For that reason, USERLYTICS™ does not knowingly collect or solicit personal information from anyone under the age of 16 without parental consent. In the event that we learn that we have collected personal information from a child under age 16 without parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 16, please contact us at email@example.com.
12. Links to other websites
You acknowledge, understand, and agree that USERLYTICS™ does not have control over any third party website or software or software prototype for which you provide testing services or for which the Website may link to. USERLYTICS™ will not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of, or reliance on, any such content, products, or services available on such other websites or software or software prototype.
13. Social media widgets:
Our Site includes social media features, such as the Twitter link and other widgets, that run on our Site. These features may collect your IP address and which page you are visiting on our Site and may set a cookie to enable the feature to function correctly.
If you have any questions about this Privacy, please contact us here.
Data Controller Information:
Company name: Userlytics Corporation
Address: 1200 Brickell Avenue, Suite 1950 Miami, Florida (USA)
Phone Number: +1 888-809-0047
Contact email: firstname.lastname@example.org
The Data Protection Officer for Userlytics can be contacted here.
Additional questions about our
Analytics tells you what,
Userlytics tells you WHY.