Dated: November 22, 2021
2. PROCESSING ACTIVITIES COVERED
Our Services may contain links to other websites, applications, and services maintained by third parties. The information practices of other services or social media platforms that host our branded social media pages, are governed by their privacy statements, which you should review to better understand their privacy practices.
3. COLLECTION OF INFORMATION
3.1 Personal Data We Collect Directly From You
The Personal Data we collect directly from you includes identifiers, professional or employment-related information, commercial information, visual information, mobile and internet activity information. We collect such information in the following situations:
If you believe that your Personal Data has been provided to us improperly, or want to exercise your rights relating to your Personal Data, please contact us by using the information in the “Contact Us” section below.
3.2 Personal Data We Collect From Other Sources
We also collect information about you from other sources including third parties from whom we may license Personal Data and from publicly available information. We may combine this information with Personal Data provided by you. This helps us update, expand, and analyze our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you. The Personal Data we collect from other sources includes identifiers, professional or employment-related information, education information, commercial information, visual information, internet activity information, and inferences about preferences and behaviors. For example, we may collect such Personal Data from the following sources:
4. PROCESSING OF DEVICE AND USAGE DATA
We use common information-gathering tools, such as tools for collecting usage data, cookies, web beacons, pixels, and similar technologies to automatically collect information that may contain Personal Data as you navigate our Services, our Services, or interact with our advertisements or emails we have sent to you.
4.1 Device and Usage Data
We gather certain information automatically when individual users visit our Services. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, browser type, plug-ins, integrations, Internet service provider and/or mobile carrier, the pages and files viewed, searches, referring website, app or ad, operating system, system configuration information, advertising and language preferences, date and time stamps associated with your usage, and frequency of visits to the Services. This information is used to analyze overall trends, help us provide and improve our Services, offer a tailored experience for Website users, and secure and maintain our Services.
In addition, we gather certain information automatically as part of your use of our Services. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server), mobile device number, device and application identification numbers, location, browser type, Internet service provider or mobile carrier, the pages and files viewed, website and webpage interactions including searches and other actions you take, operating system and system configuration information and date and time stamps associated with your usage. This information is used to maintain the security of the Services, to provide necessary functionality, to improve performance of the Services, to assess and improve customer and user experience of the Services, to review compliance with applicable usage terms, to identify future opportunities for development of the Services, to assess capacity requirements, to identify customer opportunities, and for the security of Archipelago generally (in addition to the security of our products and Services). Some of the device and usage data collected by the Services, whether alone or in conjunction with other data, could be personally identifying to you. Please note that such device and usage data is generally used to identify the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the Services to our customers.
4.2 Cookies and Online Analytics
We use a variety of online tracking and analytics tools (e.g., cookies, pixel tags, and web beacons ) to collect and analyze information as you use our Services.
When you visit our Services, we, or an authorized third party, may place a cookie on your device that collects information, including Personal Data, about your online activities over time and across different sites. Cookies allow us to track use, infer browsing preferences, and improve and customize your browsing experience.
We may also use third-party web analytics services (e.g. Google Analytics, Mixpanel, Hubspot, Outreach.io, Segment, etc.) to track and analyze usage information to provide enhanced interactions and more relevant communications, and to track the performance of our advertisements. You can learn about Google’s privacy practices by going to www.google.com/policies/privacy/partners/.
The types of tracking and analytics tools we and our service providers use for these purposes include, for example:
4.3 Notices on Behavioral Advertising and Opt-Out for Website Visitors
To learn how to manage privacy and storage settings for Flash cookies, click here. Various browsers may also offer their own management tools for removing certain types of local storage.
4.4 Opt-Out From the Setting of Cookies on Your Individual Browser
In many cases you may opt-out from the collection of non-essential device and usage data on your web browser by managing your cookies at the browser or device level. In addition, if you wish to opt-out of interest-based advertising, click here (or, if located in the European Union, click here). Please note, however, that by blocking or deleting cookies and similar technologies used on our Services, you may not be able to take full advantage of the Services.
Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We do not currently recognize or respond to browser-initiated DNT signals. Learn more about Do Not Track.
5. PURPOSES FOR WHICH WE PROCESS PERSONAL DATA
We collect and process your Personal Data for the following purposes. Where required by law, we obtain your consent to use and process your Personal Data for these purposes. Otherwise, we rely on other authorized legal bases, including but not limited to the (a) performance of a contract or (b) legitimate interest in collecting and processing your Personal Data.
If we need to collect and process Personal Data by law, or under a contract we have entered into with you, and you fail to provide the required Personal Data when requested, we may not be able to perform our contract with you.
6. SHARING OF PERSONAL DATA
We may share your Personal Data as follows:
We may also share anonymous or de-identified usage data with Archipelago’s service providers for the purpose of helping Archipelago in such analysis and improvements. Additionally, Archipelago may share such anonymous or de-identified usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our Services.
Anyone using our communities, forums, blogs, or chat rooms on our Services may read any Personal Data or other information you choose to submit and post.
7. INTERNATIONAL TRANSFER OF PERSONAL DATA
We may transfer information that we collect about you to third party processors across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that you are transferring information to a country and jurisdiction that does not have the same data protection laws as your jurisdiction. As required by applicable law, we will take reasonable and appropriate steps to ensure that any third party who is acting as a “data processor” under applicable EU and Swiss terminology is processing the personal data we entrust to them in a manner consistent with applicable law, for instance by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR). Where required by applicable law, we will only share, transfer or store your Personal Data outside of your jurisdiction with your prior consent.
Our Services are not directed at children. We do not knowingly collect Personal Data from children under the age of 16. If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us by using the information in the “Contact Us” section below and we will take steps to delete their Personal Data from our systems.
9. RETENTION OF PERSONAL DATA
We may retain your Personal Data for a period of time consistent with the original purpose of collection (see the “Purposes for which we process Personal Data” section, above) or as long as required to fulfill our legal obligations. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).
After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of such data.
10. YOUR RIGHTS RELATING TO YOUR PERSONAL DATA
10.1 Your Rights
You may have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws these rights may include the right to:
10.2 How to Exercise Your Rights
To exercise your rights, please contact us by using the information in the “Contact Us” section, below. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive. If you are an employee of an Archipelago customer, we recommend you contact your employer’s system administrator for assistance in correcting or updating your information.
Some registered users may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.
10.3 Your Rights Relating to Customer Data
11. HOW WE SECURE YOUR PERSONAL DATA
We take appropriate precautions including organizational, technical, and physical measures to help safeguard against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, or access to, the Personal Data we process or use.
While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of Services after your sessions. If you have any questions about the security of our Services, please contact us by using the information in the “Contact Us” section, below.
12. YOUR PREFERENCE FOR EMAIL AND SMS MARKETING COMMUNICATIONS
From time to time we may contact you with information about our Services, including sending you marketing messages and asking for your feedback on our Services. You may manage your receipt of marketing and non-transactional communications from us by clicking on the “unsubscribe” link located on the bottom of Archipelago marketing emails, by replying or texting ‘STOP’ if you receive Archipelago SMS communications, or by contacting firstname.lastname@example.org.
Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as communications about your subscriptions or event registrations, service announcements or security information.
13. YOUR PREFERENCE FOR TELEMARKETING COMMUNICATIONS
If you want your phone number to be added to our internal Do-Not-Call telemarketing register, please contact us by using the information in the “Contact Us” section below. Please include your first name, last name, company and the phone number you wish to add to our Do-Not-Call register. Alternatively, you can always let us know during a telemarketing call that you do not want to be called again for marketing purposes.
14. LINKS TO OTHER WEBSITES AND SERVICES
The Service may contain links to and from third party websites of our business partners, advertisers, and social media sites and our users may post links to third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability resulting from you following a link to these websites. Additionally, other privacy policies may apply when you engage with us through a co-branded or co-sponsored promotional or marketing activity. We strongly recommend that you read the privacy policies and terms and conditions of use of any third party website or service to understand how your information will be collected, used and shared. We are not responsible for the privacy practices or the content on the websites of third-party sites.
16. CONTACT US