Privacy Policy
Your privacy is our concern, and we are serious about it.
This Privacy Policy explains what type of information D-TAG Analytics may collect, hold and process in connection with provision of any D-TAG Analytics' products, services, content, applications, or websites (referred to collectively as the "Services"), and how that information is used and protected. It also sets out how you can contact us if you have any queries or concerns regarding your personal data.
We reserve the right to make changes to this Privacy Policy at any time. Please check the Privacy Policy periodically for changes, although, if you are our customer, we may also notify you via email of any changes that, in our sole discretion, materially impact your use of the Services or the way we process your personal data. Your continued use of our Services covered by this Privacy Policy will signify your acceptance of any and all changes to this Privacy Policy made by us from time to time.
This Privacy Policy is issued by D-TAG Analytics Inc., with its registered office at Kálvária u. 36., 7625 Pécs, Hungary, tax registration No. 27295869202, company ID No. 02 10 060461, registered in the Companies Register maintained by the Court of Registration of the Pécs General Court (hereinafter: "D-TAG Analytics" or "we").
We reserve the right to make changes to this Privacy Policy at any time. Please check the Privacy Policy periodically for changes, although, if you are our customer, we may also notify you via email of any changes that, in our sole discretion, materially impact your use of the Services or the way we process your personal data. Your continued use of our Services covered by this Privacy Policy will signify your acceptance of any and all changes to this Privacy Policy made by us from time to time.
This Privacy Policy is issued by D-TAG Analytics Inc., with its registered office at Kálvária u. 36., 7625 Pécs, Hungary, tax registration No. 27295869202, company ID No. 02 10 060461, registered in the Companies Register maintained by the Court of Registration of the Pécs General Court (hereinafter: "D-TAG Analytics" or "we").
1. About D-TAG Analytics
D-TAG Analytics is a provider of Software as a Service (SaaS) AI-Powered solution for social media analytics and hybrid data intelligence. For more information about D-TAG Analytics, please visit the "About" page of our website at https://d-tag.com/about.
2. Data we collect or receive
We collect personal data from our customers and users of the Services (which includes employees of our corporate or institutional customers) for our own purposes, such as to provide and administer the Services. We are the data controller in respect of this personal data.
In order to provide our Services, we analyse user profiles and other information that we receive directly from the social media platforms such as Facebook, Twitter, LinkedIn and other data providers, via these platforms’ APIs. Such data include both non-personal data such as various statistics and metrics and personal data of the platforms’ users. Where we source the data directly from the relevant platforms, via these platforms’ public APIs, we determine the purpose of processing, which is developing and constantly enhancing our Services and offering them to our customers on a world-wide basis, via our web platform. In such cases, we are the data controller with respect to such data.
We also process personal data on behalf of our customers as a data processor; this is when the provision of certain Service or specific feature requires that our customers give us a permission (such as, for example, an access token or other administrative permission), within the Service, to access and manage any information that our customers monitor or collect from social media sites; this may include information that is not publicly available. When we access customer’s data with respect to which the customers are the data controllers, we act in accordance with the instructions of our customers (which they give us through the Services) as their data processor. We always keep personal data that we process on behalf of our customers and pursuant to their instructions separate from our other customers’ data and keep them strictly confidential.
2.1 Data of customers and users of our Services
We collect your personal data when:
• You register or use registration for our Services, by contracting form and giving the users’ data (email addresses to the accounts);
• You register or use registration for our Services, by completing a web registration form;
• You log to our Service, either by entering your username (email) and password, or using a social login such as Facebook Login or Sign In with Twitter, or by any other similar authentication means that we may make available to you;
• You otherwise voluntarily provide such data, e.g. by filling out and submitting any forms made available to you through D-TAG Analytics’ website or the Services or through websites or services of our business partners.
When you create an account with D-TAG Analytics, we will ask you to complete a registration form indicating your first name, surname, email. You can also choose to add any photo to your account.
You can log in to the Services with your username. In such case, you provide to us your username (email) and password. The password is hashed and D-TAG Analytics does not see it.
If you log in to our Services using your social network account, we receive basic personal details from your social network profile. The scope of details we receive depends on your social network account privacy settings and on your settings when logging into our Services; they might include your social network ID, public profile information (such as name, profile picture, gender, age range, or country) and e-mail address. We may also receive additional information from your profile if you give us permission to access it. If you wish to change the scope of your social network profile information that we receive upon your registration, you should review the privacy policy or other guidance available on your social network’s website and change your privacy settings.
For purposes of analysis and improvement of our Services, our servers may automatically record information when you visit our website or use some of our Services, including:
• URL;
• IP address;
• Browser type and language; and
• Date and time of your request or action, including your actions within the Services such as history of how you use our Services.
If our Services are purchased by an entity, it is the individual users within such entity’s organization who log into our Services platform and whose personal data are collected, as described above. Where such entity provides us directly with any personal data of its employees or other individual users that it authorized to access the Services, it must have all necessary consents, permissions or registrations to process and to provide to us its employees’ or users’ personal data.
2.2 Social network user data
The type and scope of personal data obtained from social media platforms depends on the type of the APIs and permissions set out by the respective platforms, and on the administrative permissions granted to us by our customers, where applicable.
Below are the most typical examples of data collected about social media platform users:
• Basic user profile information (such as the username, user photo);User generated content (such as posts, comments, pages, profiles, images or feeds) including its metadata (such as time and location of a post or comment);
• Contact details (such as name, email address, telephone number) if made public by the user;
• Additional individual information (such as age, gender, employer, profession, geographic location, education information, financial status, habits, and preferences) published by the user.
We only process data that the social network users made available to general public, pursuant to the relevant platforms’ terms, and that are generally accessible via the social network APIs, or data that our customers grant us permission to access.
In order to provide our Services, we analyse user profiles and other information that we receive directly from the social media platforms such as Facebook, Twitter, LinkedIn and other data providers, via these platforms’ APIs. Such data include both non-personal data such as various statistics and metrics and personal data of the platforms’ users. Where we source the data directly from the relevant platforms, via these platforms’ public APIs, we determine the purpose of processing, which is developing and constantly enhancing our Services and offering them to our customers on a world-wide basis, via our web platform. In such cases, we are the data controller with respect to such data.
We also process personal data on behalf of our customers as a data processor; this is when the provision of certain Service or specific feature requires that our customers give us a permission (such as, for example, an access token or other administrative permission), within the Service, to access and manage any information that our customers monitor or collect from social media sites; this may include information that is not publicly available. When we access customer’s data with respect to which the customers are the data controllers, we act in accordance with the instructions of our customers (which they give us through the Services) as their data processor. We always keep personal data that we process on behalf of our customers and pursuant to their instructions separate from our other customers’ data and keep them strictly confidential.
2.1 Data of customers and users of our Services
We collect your personal data when:
• You register or use registration for our Services, by contracting form and giving the users’ data (email addresses to the accounts);
• You register or use registration for our Services, by completing a web registration form;
• You log to our Service, either by entering your username (email) and password, or using a social login such as Facebook Login or Sign In with Twitter, or by any other similar authentication means that we may make available to you;
• You otherwise voluntarily provide such data, e.g. by filling out and submitting any forms made available to you through D-TAG Analytics’ website or the Services or through websites or services of our business partners.
When you create an account with D-TAG Analytics, we will ask you to complete a registration form indicating your first name, surname, email. You can also choose to add any photo to your account.
You can log in to the Services with your username. In such case, you provide to us your username (email) and password. The password is hashed and D-TAG Analytics does not see it.
If you log in to our Services using your social network account, we receive basic personal details from your social network profile. The scope of details we receive depends on your social network account privacy settings and on your settings when logging into our Services; they might include your social network ID, public profile information (such as name, profile picture, gender, age range, or country) and e-mail address. We may also receive additional information from your profile if you give us permission to access it. If you wish to change the scope of your social network profile information that we receive upon your registration, you should review the privacy policy or other guidance available on your social network’s website and change your privacy settings.
For purposes of analysis and improvement of our Services, our servers may automatically record information when you visit our website or use some of our Services, including:
• URL;
• IP address;
• Browser type and language; and
• Date and time of your request or action, including your actions within the Services such as history of how you use our Services.
If our Services are purchased by an entity, it is the individual users within such entity’s organization who log into our Services platform and whose personal data are collected, as described above. Where such entity provides us directly with any personal data of its employees or other individual users that it authorized to access the Services, it must have all necessary consents, permissions or registrations to process and to provide to us its employees’ or users’ personal data.
2.2 Social network user data
The type and scope of personal data obtained from social media platforms depends on the type of the APIs and permissions set out by the respective platforms, and on the administrative permissions granted to us by our customers, where applicable.
Below are the most typical examples of data collected about social media platform users:
• Basic user profile information (such as the username, user photo);User generated content (such as posts, comments, pages, profiles, images or feeds) including its metadata (such as time and location of a post or comment);
• Contact details (such as name, email address, telephone number) if made public by the user;
• Additional individual information (such as age, gender, employer, profession, geographic location, education information, financial status, habits, and preferences) published by the user.
We only process data that the social network users made available to general public, pursuant to the relevant platforms’ terms, and that are generally accessible via the social network APIs, or data that our customers grant us permission to access.
3. How we use the data
We use your personal data for the following purposes:
3.1 To provide the Services
We may process your personal data in the scope specified in Section 2.1 of this Privacy Policy to identify you when you login to your account and use our Services, to enable us to operate the Services and provide them to you. This may include verification of your payments, purchase orders and billing information. It may also include verification to determine free trial eligibility.
Analysis of data from social networks, which may include personal data in the scope specified in Section 2.2 of this Privacy Policy, is the core of our Services. We analyse this data to provide our Services to our customers in the scope and manner set out by the social platform terms for developers.
3.2 To communicate with you
We may process data of our customers or their individual users in the scope specified in Section 2.1 of this Privacy Policy, in particular name, email or other contact data, to communicate with our customers and users, for example, when we assist them with setting up or administering their account, when we provide customer care and support, send technical notices, updates of upcoming changes or improvements to the Services, reminders, security alerts and other support and administrative messages.
3.3 To provide a better user experience
We may process your personal data in the scope specified in Section 2.1 to learn how you use our Services to be able to continuously enhance user experience as well as provide our customers seamless customer support. We may process such personal data also to improve and enhance our existing Services and develop new offerings. This includes product and market statistics, research and analytics, benchmarks and other analyses to better understand your needs and the needs of users in the aggregate, diagnose problems and analyse trends. See Section 7 below for more details.
3.4 To protect our Services and secure our or third party rights
We process your personal data in the scope specified in Section 2.1 to keep the Service safe, secure and reliable. This includes detecting, preventing, and responding to fraud, abuse, security risks, and technical issues that could harm D-TAG Analytics, our customers and users.We may process some of data specified in Section 2.1 when required by law or to establish, exercise or defend our legal claims or, where necessary, protect rights of D-TAG Analytics. For example, we may store data about how you use our Services, including payments for Services, to prove or otherwise support our rights.
3.5 For marketing and sales purposes
We may process your contact personal data, in particular email, name, company and job title to offer you our new Services. For more details please see Section 8 below.
3.1 To provide the Services
We may process your personal data in the scope specified in Section 2.1 of this Privacy Policy to identify you when you login to your account and use our Services, to enable us to operate the Services and provide them to you. This may include verification of your payments, purchase orders and billing information. It may also include verification to determine free trial eligibility.
Analysis of data from social networks, which may include personal data in the scope specified in Section 2.2 of this Privacy Policy, is the core of our Services. We analyse this data to provide our Services to our customers in the scope and manner set out by the social platform terms for developers.
3.2 To communicate with you
We may process data of our customers or their individual users in the scope specified in Section 2.1 of this Privacy Policy, in particular name, email or other contact data, to communicate with our customers and users, for example, when we assist them with setting up or administering their account, when we provide customer care and support, send technical notices, updates of upcoming changes or improvements to the Services, reminders, security alerts and other support and administrative messages.
3.3 To provide a better user experience
We may process your personal data in the scope specified in Section 2.1 to learn how you use our Services to be able to continuously enhance user experience as well as provide our customers seamless customer support. We may process such personal data also to improve and enhance our existing Services and develop new offerings. This includes product and market statistics, research and analytics, benchmarks and other analyses to better understand your needs and the needs of users in the aggregate, diagnose problems and analyse trends. See Section 7 below for more details.
3.4 To protect our Services and secure our or third party rights
We process your personal data in the scope specified in Section 2.1 to keep the Service safe, secure and reliable. This includes detecting, preventing, and responding to fraud, abuse, security risks, and technical issues that could harm D-TAG Analytics, our customers and users.We may process some of data specified in Section 2.1 when required by law or to establish, exercise or defend our legal claims or, where necessary, protect rights of D-TAG Analytics. For example, we may store data about how you use our Services, including payments for Services, to prove or otherwise support our rights.
3.5 For marketing and sales purposes
We may process your contact personal data, in particular email, name, company and job title to offer you our new Services. For more details please see Section 8 below.
4. Lawful basis
For the purposes specified in Sections 3.1 and 3.2, we process your personal data based on our contract with you (if you are our direct customer and an individual) or based on our legitimate interest to provide our Services to our customers (where our customer is your company or organisation and you are an authorized user designated by your company or organization, or if you are social network user whose data are analysed as described in Section 2.2 above).
For the purposes specified in Section 3.3, we process your personal data based on our legitimate interest to develop and improve our Services.
For the purposes specified in Section 3.4, we process your personal data based on our legitimate interest to protect and secure our rights or claims or the rights of our customers or users.
For the purpose specified in Section 3.5, we process your personal data based on your voluntary consent where you have given us such consent.
Where we use your personal data for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as performance of contract, your consent or a legal obligation). If you have any concerns about our processing, please refer to details of “Your rights” in Section 11 below.
For the purposes specified in Section 3.3, we process your personal data based on our legitimate interest to develop and improve our Services.
For the purposes specified in Section 3.4, we process your personal data based on our legitimate interest to protect and secure our rights or claims or the rights of our customers or users.
For the purpose specified in Section 3.5, we process your personal data based on your voluntary consent where you have given us such consent.
Where we use your personal data for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as performance of contract, your consent or a legal obligation). If you have any concerns about our processing, please refer to details of “Your rights” in Section 11 below.
5. Retention periods
Where we process personal data as data controller, we retain your personal data for the period necessary to fulfil the purposes outlined in this Privacy Policy and/or any Services agreement, unless a longer retention is required by law (e.g. for tax or accounting purposes or due to other legal requirements) or storing of the data is needed for the establishment, exercise or defence of D-TAG Analytics legal claims; in such case, we will store only the data necessary for the enforcement of our claims or our defence for the period necessary in the given case and not exceeding the statutory limitation periods.
Where we process personal data on behalf of our customers as a data processor, we retain such data for the duration of our agreement with such customers and delete them in accordance with our retention and backup processes automatically within 90 days after termination of the agreement, unless the customers ask us to erase them earlier.
Where we process personal data on behalf of our customers as a data processor, we retain such data for the duration of our agreement with such customers and delete them in accordance with our retention and backup processes automatically within 90 days after termination of the agreement, unless the customers ask us to erase them earlier.
6. Sharing your personal data for legal and business purposes
We may use and/or disclose to third parties (including government bodies and law enforcement authorities, our affiliates, professional advisors and our vendors or subcontractors) information about you when:
• Complying with legal process;
• Enforcing or defending the legal rights of D-TAG Analytics, and in connection with a corporate restructuring such as a merger, business acquisition or insolvency situations;
• Preventing fraud or imminent harm; and
• Ensuring the security and operability of our network and services.
This information will be shared provided that, in all such circumstances, we will only share the limited personal information that is required to be shared in the unique situation.
We share your data with our trusted business partners or individuals who process your data as our data processors on our behalf and pursuant to our instructions, in accordance with this Privacy Policy. We select our vendors very carefully and always ensure that they provide adequate data protection and security safeguards. To this effect, we have bound our data processors with data processing agreements concluded pursuant to Article 28 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) and, where such processor reside outside of the European Economic Area (EEA), we have concluded Standard Contractual Clauses (model clauses) approved by the European Commission (2010/87/EU) with such processors. The data processing agreements with our processors provide for, inter alia, audit rights, detail minimum security standards and measures that each our processor must maintain as well as their obligation to submit copies of their security audits and certificates. We also contractually require our processors to provide us with a prompt notice of any data breach or security incident concerning processed data. We continue to monitor for further guidance from the EU supervisory authorities, including on any additional supplementary measures that we may undertake and additional safeguards that we may require from our non-EU vendors to meet our obligations under EU data protection law.
Our current processors are:
• Alphabet, Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google Analytics, Tag Manager);
• Meta Platforms, Inc. 1601 Willow Road, Menlo Park, CA 94025, USA (Meta Pixel)
• Webflow, Inc. 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (website hosting);
• Stripe, Inc. 354 Oyster Point Boulevard, South San Francisco, California, 94080, USA (payment services);
• Atlassian Pty Ltd c/o Atlassian, Inc. 350 Bush Street, Floor 13, San Francisco, CA 94104, USA (document storage, ticketing);
• Zoom Video Communications, Inc. 55 Almaden Blvd., San Jose, CA 95113, USA (videoconferencing);
• Microsoft Corporation. One Microsoft WayRedmond, Washington 98052-6399, USA (e-mail, cloud service, document storage, Microsoft Clarity).
We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
• Complying with legal process;
• Enforcing or defending the legal rights of D-TAG Analytics, and in connection with a corporate restructuring such as a merger, business acquisition or insolvency situations;
• Preventing fraud or imminent harm; and
• Ensuring the security and operability of our network and services.
This information will be shared provided that, in all such circumstances, we will only share the limited personal information that is required to be shared in the unique situation.
We share your data with our trusted business partners or individuals who process your data as our data processors on our behalf and pursuant to our instructions, in accordance with this Privacy Policy. We select our vendors very carefully and always ensure that they provide adequate data protection and security safeguards. To this effect, we have bound our data processors with data processing agreements concluded pursuant to Article 28 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”) and, where such processor reside outside of the European Economic Area (EEA), we have concluded Standard Contractual Clauses (model clauses) approved by the European Commission (2010/87/EU) with such processors. The data processing agreements with our processors provide for, inter alia, audit rights, detail minimum security standards and measures that each our processor must maintain as well as their obligation to submit copies of their security audits and certificates. We also contractually require our processors to provide us with a prompt notice of any data breach or security incident concerning processed data. We continue to monitor for further guidance from the EU supervisory authorities, including on any additional supplementary measures that we may undertake and additional safeguards that we may require from our non-EU vendors to meet our obligations under EU data protection law.
Our current processors are:
• Alphabet, Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google Analytics, Tag Manager);
• Meta Platforms, Inc. 1601 Willow Road, Menlo Park, CA 94025, USA (Meta Pixel)
• Webflow, Inc. 398 11th Street, 2nd Floor, San Francisco, CA 94103, USA (website hosting);
• Stripe, Inc. 354 Oyster Point Boulevard, South San Francisco, California, 94080, USA (payment services);
• Atlassian Pty Ltd c/o Atlassian, Inc. 350 Bush Street, Floor 13, San Francisco, CA 94104, USA (document storage, ticketing);
• Zoom Video Communications, Inc. 55 Almaden Blvd., San Jose, CA 95113, USA (videoconferencing);
• Microsoft Corporation. One Microsoft WayRedmond, Washington 98052-6399, USA (e-mail, cloud service, document storage, Microsoft Clarity).
We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
7. Anonymous statistics
We may use aggregated anonymised data derived from the personal data provided by you or collected by the program analytics such as user behaviour and activities for our own statistics, for auditing, for the purposes of product and market research, for analytics (which helps us to optimise and improve our Services and their usability, the range of Services and to develop new technologies, products, and services), and for benchmarks and other analyses. Additionally, we may choose to publish such anonymised data and to share it with third parties outside of D-TAG Analytics. We will not directly or indirectly transfer any data received from you to (or use such data in connection with) any ad network, ad exchange, data broker, or other advertising or monetization related toolset.
8. Marketing communications
We may contact you about our news, events, Services and their features or special offers that we believe may interest you, provided that we have the requisite permission to do so, on the basis of your consent (where we have requested it and you have provided it to us).
Your marketing communication preferences may be changed at any time by following the instructions below:
• If you would like to unsubscribe from an email sent to you, follow the 'unsubscribe' link and/or instructions placed at the bottom of the email.
• Alternatively, you can contact us using the details in the "Contact Us" section below to change your marketing communication preferences, including the withdrawal of your consent.
If you have received unwanted, unsolicited emails sent via our system or purporting to be sent via our system, please forward a copy of that email with your comments to nuance@d-tag.com for review.
We may share your contact details with our vendors or business partners who provide the relevant services or functions on our behalf, including event organization, marketing, distribution of surveys customer service, or public relations. These third-party vendors have access to and may collect information only as needed to perform their functions on our behalf and are not permitted to share or use the information for any other purpose.
Please note that we may occasionally send you important information (including via email) about our Services that you are using or have used including changes to applicable terms and conditions and/or other communications or notifications as may be required to fulfil our legal and contractual obligations, as described in Section 3.2 above. These important Service communications are not affected by your marketing communication preferences.
Your marketing communication preferences may be changed at any time by following the instructions below:
• If you would like to unsubscribe from an email sent to you, follow the 'unsubscribe' link and/or instructions placed at the bottom of the email.
• Alternatively, you can contact us using the details in the "Contact Us" section below to change your marketing communication preferences, including the withdrawal of your consent.
If you have received unwanted, unsolicited emails sent via our system or purporting to be sent via our system, please forward a copy of that email with your comments to nuance@d-tag.com for review.
We may share your contact details with our vendors or business partners who provide the relevant services or functions on our behalf, including event organization, marketing, distribution of surveys customer service, or public relations. These third-party vendors have access to and may collect information only as needed to perform their functions on our behalf and are not permitted to share or use the information for any other purpose.
Please note that we may occasionally send you important information (including via email) about our Services that you are using or have used including changes to applicable terms and conditions and/or other communications or notifications as may be required to fulfil our legal and contractual obligations, as described in Section 3.2 above. These important Service communications are not affected by your marketing communication preferences.
9. Security and location of your data
We have implemented and will maintain appropriate technical and organizational measures, internal controls, and information security routines in accordance with good industry practice while keeping in mind the state of technological development in order to protect your data against accidental loss, destruction, alteration, unauthorized disclosure or access or unlawful destruction. Such measures may include, without limitation, taking reasonable steps to ensure the reliability of employees having access to your data and providing for limited access rights and access controls; authentication; personnel training; regular back up; data recovery and incident management procedures; restrictions on storing, printing and disposal of personal data; software protection of devices on which personal data are stored; etc.
We have also implemented Information and Data Security Framework in accordance with the requirements of information security standard, including penetration tests, vulnerability scans, secure development frameworks access management, supplier management and compliance processes.
Data collected from you may be transferred to, and stored and processed in, the United States (US) or any other country in which D-TAG Analytics, its affiliates, subcontractors, suppliers or other third party vendors maintain facilities. While we reserve the right to change our business partners and /or data locations, when we transfer any personal data to the USA or any other country outside the EU or EEA in which D-TAG Analytics, its affiliates, subcontractors, suppliers or vendors maintain facilities, we will implement such appropriate legal mechanism as are required by EU law to ensure an adequate level of personal data protection by such third parties receiving your personal data (for example, European Commission’s Standard Contractual Clauses).
Our platform and Services (including any personal data contained therein) are hosted in the Microsoft Azure Cloud. The data are transferred to and stored and processed by Microsoft Azure Cloud Services (http://azure.microsoft.com).
D-TAG Analytics is following MSFT Azure Cloud Services terms and protocols valid for the controller-to-processor Standard Contractual Clauses approved by the European Commission (2010/87/EU) to ensure regulatory compliance for data transfers from Europe to the USA. The specific Azure Cloud Data Processing Addendum incorporating these model clauses has been approved and validated on EU level by Article 29 Working Party in 2015 as ensuring an adequate level of protection. See https://docs.microsoft.com/en-us/azure/compliance/ for more details.
We have also implemented Information and Data Security Framework in accordance with the requirements of information security standard, including penetration tests, vulnerability scans, secure development frameworks access management, supplier management and compliance processes.
Data collected from you may be transferred to, and stored and processed in, the United States (US) or any other country in which D-TAG Analytics, its affiliates, subcontractors, suppliers or other third party vendors maintain facilities. While we reserve the right to change our business partners and /or data locations, when we transfer any personal data to the USA or any other country outside the EU or EEA in which D-TAG Analytics, its affiliates, subcontractors, suppliers or vendors maintain facilities, we will implement such appropriate legal mechanism as are required by EU law to ensure an adequate level of personal data protection by such third parties receiving your personal data (for example, European Commission’s Standard Contractual Clauses).
Our platform and Services (including any personal data contained therein) are hosted in the Microsoft Azure Cloud. The data are transferred to and stored and processed by Microsoft Azure Cloud Services (http://azure.microsoft.com).
D-TAG Analytics is following MSFT Azure Cloud Services terms and protocols valid for the controller-to-processor Standard Contractual Clauses approved by the European Commission (2010/87/EU) to ensure regulatory compliance for data transfers from Europe to the USA. The specific Azure Cloud Data Processing Addendum incorporating these model clauses has been approved and validated on EU level by Article 29 Working Party in 2015 as ensuring an adequate level of protection. See https://docs.microsoft.com/en-us/azure/compliance/ for more details.
10. Cookies
We use cookies so that the users can login into the system and fully navigate within the system; turning off cookies would result in the user being unable to login to the system.
Additionally, we use cookies and other technologies (such as site measuring software and user experience software) to enhance your online experience and learn about how you use our services in order to improve the quality of the Services. We may combine data gained through cookies with other data you provide to us.
For further information relating to the use of cookies please read our Cookie Policy which is available at https://d-tag.com/cookies.
Additionally, we use cookies and other technologies (such as site measuring software and user experience software) to enhance your online experience and learn about how you use our services in order to improve the quality of the Services. We may combine data gained through cookies with other data you provide to us.
For further information relating to the use of cookies please read our Cookie Policy which is available at https://d-tag.com/cookies.
11. Your rights
This Section describes your rights under the applicable laws, such as the GDPR, Act CXII of 2011 on the right to information self-determination and freedom of information and Hungarian Civil Code how to apply them. If you exercise any of your rights pursuant to this Section or pursuant to applicable laws, we will communicate any rectification or erasure of your personal data or restriction of processing carried out in accordance with your request to each recipient to whom the personal data have been disclosed pursuant to Section 6 of this Privacy Policy, unless such communication proves impossible or involves disproportionate effort.
If you wish to exercise these rights and/or obtain all relevant information about the processing of your personal data, please contact us at nuance@d-tag.com. You will be asked to identify yourself; this is necessary to verify that the request has been sent by you. We will respond within 1 month after receipt of your request, but we retain the right to extend this period up to 2 months in exceptional circumstances. We will in any event inform you within 1 month after receipt of your request if we decide to extend the period for our response.
In accordance with applicable laws and as further described below, you have the right to request access to your personal data and information about their processing, the right to rectification, erasure or portability (e.g. transfer of your personal data to another service provider) of your personal data we process, as well as the right to object to the processing of your personal data and/or request restriction of such processing.
Please note that your objection to processing could mean that we are unable to provide you with our Services or otherwise perform the actions necessary to achieve the purposes set out above (see Section 3 'How we use the data').
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by contacting us via the contact details in Section 14 'Contact us'.
11.1 Information about, access to and rectification of your personal data
According to applicable laws, you have the right to obtain confirmation as to whether or not personal data concerning you are being processed (pursuant to the process described above), and, where that is the case, the right to access and rectify your personal data you have shared with us. Through your settings of the Services, you can access and update your account information and change your profile settings.
If you wish to limit or change access to or the sharing of your personal data with a social network, please do this via your account settings on that social network.
11.2 Accuracy of your personal data
We take reasonable measures to ensure that you are able to keep your personal data accurate and updated. You can always approach us in order to obtain confirmation whether or not we still process your personal data.
If you find out that your personal data processed by us is inaccurate or incomplete and you are unable to update your personal data according to Section 11.1 of this Privacy Policy, you may request us to update such personal data. We will verify your identity and update your personal data on your behalf.
11.3 Erasure of your personal data
You can ask us to erase your personal data at any time. If you approach us with such a request, we will delete all your personal data we have without undue delay, provided that your personal data is no longer necessary for the provision of the Services or other permitted purposes, in particular in connection with exercising and defending our legal rights, or meeting our legal obligations. We will also delete (and ensure deletion by the processors that we engage) all your personal data in case you withdraw your consent or in the circumstances that the law requires us to do so.
11.4 Restriction of processing
If you request us to restrict the processing of your personal data, e.g. in circumstances when you contest the accuracy, lawfulness or our need to process your personal data, we will limit processing of your personal data to the necessary minimum (storage) and, if applicable, will process them only for the establishment, exercise or defence of legal claims or, where necessary, for protection of rights of another natural or legal person, or other limited reasons dictated by the applicable law. In case the restriction is lifted, and we continue processing your personal data, you will be informed accordingly without undue delay.
11.5 Portability of your personal data
You have the right to receive personal data relating to you and which you have provided to us. If you approach us with such request, we will provide your personal data in commonly used and machine-readable format to you without undue delay from receipt of your request. If you request so, we will send your personal data to a third party (another data controller) which you will identify in your request, unless such request would adversely affect rights or freedoms of others and where technically feasible.
11.6 Objection to processing
You have the right to object to our using your personal data on the basis of our legitimate interests (refer to Section 4 above to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground. In such case, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for their further processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of our legal claims. If you object to processing of your data for direct marketing purposes, we will cease to process your data for these purposes.
11.7 Withdraw your consent
If you have provided us any consent with the processing of personal data, for example for marketing communication, you can withdraw your given consent at any time without stating any reason. We will block your personal data for any further processing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing based on consent before its withdrawal.
11.8 Complaint to a data protection authority
You have the right to submit a complaint concerning our data processing activities to Nemzeti Adatvédelmi és Információszabadság Hatóság (National Data Protection and Freedom of Information Authority), at Szilágyi Erzsébet fasor 22/c., 1125 Budapest, Hungary; ugyfelszolgalat@naih.hu; www.naih.hu.
11.9 Request to opt out of the sale of personal data under the California Consumer Privacy Act (CCPA)
D-TAG Analytics does not sell, as defined in the CCPA, any personal data. Therefore, if a California consumer communicates an opt-out request under this provision, it will have no effect. If you require additional information about your rights under the CCPA to opt out of the sale of your personal data, please contact: nuance@d-tag.com and put CCPA Request in the subject line.
If you wish to exercise these rights and/or obtain all relevant information about the processing of your personal data, please contact us at nuance@d-tag.com. You will be asked to identify yourself; this is necessary to verify that the request has been sent by you. We will respond within 1 month after receipt of your request, but we retain the right to extend this period up to 2 months in exceptional circumstances. We will in any event inform you within 1 month after receipt of your request if we decide to extend the period for our response.
In accordance with applicable laws and as further described below, you have the right to request access to your personal data and information about their processing, the right to rectification, erasure or portability (e.g. transfer of your personal data to another service provider) of your personal data we process, as well as the right to object to the processing of your personal data and/or request restriction of such processing.
Please note that your objection to processing could mean that we are unable to provide you with our Services or otherwise perform the actions necessary to achieve the purposes set out above (see Section 3 'How we use the data').
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by contacting us via the contact details in Section 14 'Contact us'.
11.1 Information about, access to and rectification of your personal data
According to applicable laws, you have the right to obtain confirmation as to whether or not personal data concerning you are being processed (pursuant to the process described above), and, where that is the case, the right to access and rectify your personal data you have shared with us. Through your settings of the Services, you can access and update your account information and change your profile settings.
If you wish to limit or change access to or the sharing of your personal data with a social network, please do this via your account settings on that social network.
11.2 Accuracy of your personal data
We take reasonable measures to ensure that you are able to keep your personal data accurate and updated. You can always approach us in order to obtain confirmation whether or not we still process your personal data.
If you find out that your personal data processed by us is inaccurate or incomplete and you are unable to update your personal data according to Section 11.1 of this Privacy Policy, you may request us to update such personal data. We will verify your identity and update your personal data on your behalf.
11.3 Erasure of your personal data
You can ask us to erase your personal data at any time. If you approach us with such a request, we will delete all your personal data we have without undue delay, provided that your personal data is no longer necessary for the provision of the Services or other permitted purposes, in particular in connection with exercising and defending our legal rights, or meeting our legal obligations. We will also delete (and ensure deletion by the processors that we engage) all your personal data in case you withdraw your consent or in the circumstances that the law requires us to do so.
11.4 Restriction of processing
If you request us to restrict the processing of your personal data, e.g. in circumstances when you contest the accuracy, lawfulness or our need to process your personal data, we will limit processing of your personal data to the necessary minimum (storage) and, if applicable, will process them only for the establishment, exercise or defence of legal claims or, where necessary, for protection of rights of another natural or legal person, or other limited reasons dictated by the applicable law. In case the restriction is lifted, and we continue processing your personal data, you will be informed accordingly without undue delay.
11.5 Portability of your personal data
You have the right to receive personal data relating to you and which you have provided to us. If you approach us with such request, we will provide your personal data in commonly used and machine-readable format to you without undue delay from receipt of your request. If you request so, we will send your personal data to a third party (another data controller) which you will identify in your request, unless such request would adversely affect rights or freedoms of others and where technically feasible.
11.6 Objection to processing
You have the right to object to our using your personal data on the basis of our legitimate interests (refer to Section 4 above to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground. In such case, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for their further processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of our legal claims. If you object to processing of your data for direct marketing purposes, we will cease to process your data for these purposes.
11.7 Withdraw your consent
If you have provided us any consent with the processing of personal data, for example for marketing communication, you can withdraw your given consent at any time without stating any reason. We will block your personal data for any further processing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing based on consent before its withdrawal.
11.8 Complaint to a data protection authority
You have the right to submit a complaint concerning our data processing activities to Nemzeti Adatvédelmi és Információszabadság Hatóság (National Data Protection and Freedom of Information Authority), at Szilágyi Erzsébet fasor 22/c., 1125 Budapest, Hungary; ugyfelszolgalat@naih.hu; www.naih.hu.
11.9 Request to opt out of the sale of personal data under the California Consumer Privacy Act (CCPA)
D-TAG Analytics does not sell, as defined in the CCPA, any personal data. Therefore, if a California consumer communicates an opt-out request under this provision, it will have no effect. If you require additional information about your rights under the CCPA to opt out of the sale of your personal data, please contact: nuance@d-tag.com and put CCPA Request in the subject line.
12. Data transfer statement
I acknowledge the following personal data stored in the user account of D-TAG Analytics Inc. (7625 Pécs, Kálvária u. 36., Hungary) in the user database of d-tag.com will be handed over to Stripe, Inc. and is trusted as data processor. The data transferred by the data controller are the following: name, e-mail, phone, billing address, shipping address.
The nature and purpose of the data processing activity performed by the data processor can be found at https://stripe.com/en-hu/privacy.
The nature and purpose of the data processing activity performed by the data processor can be found at https://stripe.com/en-hu/privacy.
13. Oneclick card registration statement
Recurring credit card payment (hereinafter referred to as Recurring payment) is a function included in the acceptance of credit cards provided by Stripe meaning that in the future it is possible to make payments with credit card details provided by the Customer during the registration transaction without giving credit card details again. One of the types of recurring payment, the so-called "ad-hoc payment" is made with the approval of the Customer during each transaction, so you have to approve all transactions in the case of each future payment. You will receive a notification of the successful payment through channels identical with conventional credit card payments in every case.
By accepting this statement to use recurring payment, you allow to make subsequent payments made from your user account in this online store (d-tag.com) without providing credit card details again after the successful registration.
Please note: the processing of credit card details is in accordance with the rules of card issuers. Neither the merchant nor Stripe has access to the credit card data. The Merchant shall assume direct liability for false or unauthorized recurring payments initiated by the Merchant, any claim enforcement against the Merchant's payment service provider (Stripe) shall be unavailable.
I have read this notification, I take notice of its content and accept it.
By accepting this statement to use recurring payment, you allow to make subsequent payments made from your user account in this online store (d-tag.com) without providing credit card details again after the successful registration.
Please note: the processing of credit card details is in accordance with the rules of card issuers. Neither the merchant nor Stripe has access to the credit card data. The Merchant shall assume direct liability for false or unauthorized recurring payments initiated by the Merchant, any claim enforcement against the Merchant's payment service provider (Stripe) shall be unavailable.
I have read this notification, I take notice of its content and accept it.
14. Contact us
If you have any queries regarding our data collection and protection practices or your rights, please do not hesitate to contact us, at nuance@d-tag.com.
This Privacy Policy was last updated in May 2024.
