1. INTRODUCTION

This Privacy Policy applies to SmartDelphi (www.smartdelphi.com or app.smartdelphi.com or smartdelphi.com). Unless otherwise noted, SmartDelphi services are provided by Onsanity Solutions S.L.

References to "data" in this Privacy Policy will refer to whatever data you use SmartDelphi to collect, it’s all your data! Reference to personal information or just information, means information about you personally that we collect or for which we act as custodian.

If you want to identify your data controller please see the “Who is my data controller” section below.

2. INFORMATION WE COLLECT

2.1 Who are “you”?

We refer to “you” a lot in this Privacy Policy. To better understand what information is most relevant to you, see the following useful definitions.

• Creators: You hold an account and you either directly create questionnaires or you are collaborating on, commenting on, or reviewing questionnaires within an account.

• Respondents: You have received a questionnaire powered by SmartDelphi

2.2 Information we collect about you.

Contact Information (for example an email address)

You might provide us with your contact information, whether through use of SmartDelphi, a form on our website, an interaction with our sales or customer support team, or a response to one of SmartDelphi’s own questionnaire.

Usage information.

We collect usage information about you whenever you interact with our websites. This includes which webpages you visit, what you click on, when you perform those actions, what language preference you have, what you buy and so on.

Device and browser data.

We collect information from the device and application you use to access SmartDelphi. Device data mainly means your IP address, operating system version, device type, device ID/MAC address, system and performance information, and browser type. If you are on a mobile device we also collect the UUID for that device.

Information from page tags.

We use first party and third party cookies and tracking services that employ cookies and page tags (also known as web beacons) to collect data about visitors to our websites. This data includes usage and user statistics. Emails sent by SmartDelphi or by users through SmartDelphi also include page tags that allow the sender to collect information about who opened those emails and clicked on links in them. We provide more information on cookies below and in our Cookies Policy.

Log Data.

Like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses, internet service providers, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system versions, device type and timestamps.

Referral information.

If you arrive at SmartDelphi from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.

If you are a Creator we will also collect:

Registration information.

You need an account before you can use SmartDelphi. When you register for an account, we collect your first and last name, username, password and email address.

Account settings.

You can set various preferences and personal details on pages like your account settings page. For example, your sex and birthday.

Use of SmartDelphi will also result in us collecting the following data on your behalf:

Questionnaire data:

We store your questionnaire data (questions and responses) for you and provide analysis tools for you to use with respect to this data.

Profile information.

When you sign up you are asked to provide us with information about yourself and to give us more detailed insights into who you are.

3. HOW WE USE THE INFORMATION WE COLLECT

3.1 Creator

We process personal data about you either with your consent or in order to pursue SmartDelphi’s legitimate interests of improving service experience and developing new products and service features.

In each of the instances where we describe how we use your data in this privacy policy, we have identified which of these grounds for processing we are relying upon.

You have consented to us using certain types of tracking and third party cookies on our websites. In particular we use:

Cookies and Similar technology.

We or third party data that we work with may use or combine multiple technologies, such as cookies, page tags, mobile identifiers and IP addresses to infer users’ common identities across SmartDelphi and multiple devices such as tablets, browsers, and mobile phones.

We process your personal information in the following categories of data for legitimate interests pursued by us, which are described in detail in this Privacy Policy. We have undertaken to ensure that we place clear limitations on each of these uses so that your privacy is respected and only the information necessary to achieve these legitimate aims is used. Our primary goal is to improve upon and make sure SmartDelphi and messaging are relevant for all our users, while also ensuring that personal information of all users is respected and protected.

Contact Information.

We use contact information to respond to your inquiries and send you information as part of SmartDelphi.

How you use SmartDelphi.

We use information about how you use SmartDelphi to improve SmartDelphi for you and all users.

Device and browser data.

We use device data both to troubleshoot problems with our service and to make improvements to it. We also infer your geographic location based on your IP address.

Log data.

We use log data for many different business purposes to include:

• To monitor abuse and troubleshoot.

• To create new services, features, content or make recommendations.

• To track behavior at the aggregate/anonymous level to identify and understand trends in the various interactions with SmartDelphi.

• To fix bugs and troubleshoot product functionality.

Legal uses.

To respond to legal requests or prevent fraud, we may need to use and disclose information or data we hold about you. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

In relation to Survey Data

Your Data.

We also use survey questions and responses on an aggregated and anonymized basis as described in this Privacy Policy. We will never sell individual response data or identify / contact individual respondents except on your request or where required by law.

3.2 Respondent

We process your personal information in the following categories of data for legitimate interests pursued by us, which are described in detail in this Privacy Policy. We have undertaken to ensure that we place clear limitations on each of these uses so that your privacy is respected and only the information necessary to achieve these legitimate aims is used. Our primary goal is to improve upon and make sure SmartDelphi and messaging are relevant for all our users, while also ensuring that personal information of all users is respected and protected.

Cookies (to include page tags).

We collect information using cookies when you take a survey. These cookies are used to ensure that the full functionality of our survey service is operational, to ensure the survey operates appropriately and optimally. For more information please read our Cookies section below and our Respondent Cookies Policy. After completion of a survey, in most cases, you will be re-directed to our website and treated as a website visitor where other cookies may be used so you should read our Website Visitor section if this is of interest to you.

Contact Information.

We only use contact information to respond to an inquiry which you, as a Respondent, submit to us.

How you use SmartDelphi (applicable to Respondents only).

We use information about how you use SmartDelphi to improve SmartDelphi for you and all users.

We will also use usage information such as the type of survey, form, questionnaire or application that you answered to personalize products we show you on completion of a survey when you are re-directed to our website.

Device and browser data.

We use device data both to troubleshoot problems with our service and to make improvements to it. We also infer your geographic location based on your IP address.

Log data.

We use log data for many different business purposes to include:

• To monitor abuse and troubleshoot.

• To create new services, features, content or make recommendations.

• To track behavior at the aggregate/anonymous level to identify and understand trends in the various interactions with SmartDelphi.

• To fix bugs and troubleshoot product functionality.

Legal uses.

To respond to legal requests or prevent fraud, we may need to disclose any information or data we hold about you. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

Use of questionnaire responses

In general questionnaire responses are controlled and managed by the Creator (the person who sent or deployed that questionnaire). In those instances SmartDelphi is only processing those responses on behalf of the Creator.

Creator and Respondent trust is paramount to everything we do and so when we do use data about Respondents, we put Creators and Respondents first. When we do analysis of response data we only do so once we have ensured the anonymity of individual respondents (by aggregating and anonymizing the data).

Our goal is to improve the user experience across SmartDelphi while maintaining the confidentiality and privacy of responses.

4. INFORMATION YOU SHARE

Some questionnaires let you share information with others. Remember that when you share information publicly, it can be indexable by search engines. SmartDelphi provide you with different options on sharing and deleting your content but we cannot delete content from search engines so you need to be careful about information you make public.

5. INFORMATION WE SHARE

We do not share your information or data with third parties outside SmartDelphi except in the following limited circumstances:

• meet any applicable law, regulation, legal process or enforceable governmental request.

• enforce applicable policies, including investigation of potential violations.

• detect, prevent, or otherwise address fraud, security or technical issues.

• protect against harm to the rights, property or safety of our users, the public or to SmartDelphi and/or as required or permitted by law.

• facilitate a sale, merger or change in control of all or any part of our company or business or in preparation for any of these events.

6. COOKIES

We and our partners use cookies and similar technologies on our websites. For more information see our Cookies Policy.

We use certain cookies, as described in our Cookies Policy and here in our Privacy Policy, that you agree to when you use our sites and, in the case of some cookies, for legitimate interests of delivering and optimizing SmartDelphi (where the cookie delivers essential functionality). Cookies are small bits of data we store on the device you use to access SmartDelphi so we can recognize repeat users. Each cookie expires after a certain period of time, depending on what we use it for. We use cookies and similar technologies for several reasons:

• For security reasons. We use cookies to authenticate your identity and confirm whether you are currently logged into SmartDelphi or determine if an incident impacts you.

• To improve SmartDelphi. We use cookies to measure your usage of our websites and track referral data, as well as to occasionally display different versions of content to you. This information helps us to develop and improve SmartDelphi (it helps us focus on the parts of the service you seem most interested in) and optimize the content we display to you (which may include marketing content).

• Google Analytics. In addition to the above, we have implemented on our websites and other services certain Google Analytics features that support Display Advertising, including re-targeting. Visitors to our websites may opt out of certain types of Google Analytics tracking, customize the Google Display Network ads by using the Google Ad Preferences Manager and learn more about how Google serves ads by viewing its Customer Ads Help Center. If you do not wish to participate in Google Analytics, you may also download the Google Analytics opt-out browser add-on. You can choose to remove or disable cookies via your browser settings.

7. DATA RETENTION

If you hold an account at SmartDelphi we do not delete the data in your account – you are responsible for and control the time periods for which you retain this data. There are controls in your account where you can delete data at the account level (all data in your account) and at the response level. If you are a Respondent, you will need to ask the Creator how long your responses will be stored in SmartDelphi.

We also describe the expiry periods for cookies on our websites in our cookies policy.

8. CHANGES TO OUR PRIVACY POLICY

We can make changes to this Privacy Policy from time to time. We will identify the changes we have made on this page. In circumstances where a change will materially change the way in which we collect or use your personal information or data, we will send a notice of this change to all of our account holders.

9. WHO IS MY DATA CONTROLLER?

As mentioned above – all response data at an individual level is controlled by the Creator. SmartDelphi can be a data controller of data about Respondents only in the very limited ways described in the section here called “How we use the information we collect - Respondent”. To the extent that is the case we have identified the correct controller below.

For Creators or Respondents who are addressed in this privacy policy and who are located outside the United States, your data controller is Onsanity Solutions S.L. to the extent that it is processing your personal data.

10. YOUR RIGHTS

European users have certain legal rights to obtain information about whether we hold personal information about them, to access personal information we hold about them, and to obtain its correction, update, amendment or deletion in appropriate circumstances. Some of these rights may be subject to some exceptions or limitations. We will respond to your request to exercise these rights within a reasonable time (and in all cases within 30 days of receiving a request).

Rights which you are entitled to are:

• Data access rights

• Right to restrict processing

• Right of Rectification

• Right to Erasure (Right to be Forgotten)

• Right to object to processing

• Right to withdraw consent; and

• Data portability rights

SmartDelphi Sub-Processors

If you are a customer located in the European Union, we provide a list of sub-processors who assist SmartDelphi in the provision of the services. In order to obtain this list you must contact us.

11. EXERCISING YOUR RIGHTS

Our Contact Information for Privacy Inquiries:

Onsanity Solutions S.L. C. Tarragona, 10, 5-A. Vilanova i la Geltrú, 08800, Barcelona (Spain). info@onsanity.com