If you publish information on publicly available websites or social media platforms (e.g. Twitter, Instagram, Facebook, etc.), Brandwatch may have collected Personal Data about you. This is because Brandwatch operates a service that collects publicly available information from the Internet, analyzes it, puts it in a database, and offers access to its database, along with analytics, to companies who want to understand how consumers react to their brand and campaigns online.
All the information we collect is already publicly available. The information is also information that you chose to publish online – we just collect it, index it, and put it all in the same place. This makes the data easier to search for what people are talking about online, and what they think of certain brands.
We know how valuable your privacy is to you. You can trust us to handle it carefully. We work to keep your Personal Data secure, and we place restrictions on our customers’ use of the data they access through us.
Also remember: you are in control of your data. First, you have choices about what you post online, the platforms you use, and the privacy settings that apply to your posts. Second, you have legal rights depending on where you live and on our legal obligations. For example, you can ask us to show you what data we have about you, make us correct that data if it is inaccurate, and even ask us to delete or stop using the data.
This privacy statement addresses how we handle the personally identifiable information (“Personal Data”) that Brandwatch collects and processes about individual authors of online content (“Author”, “you” or “your”) through the Services that we offer to our customers.
This privacy statement applies to you if you publish information on publicly available websites (Twitter, Instagram, Facebook, Reddit etc.) that we collect data from.
For reference, we are Runtime Collective Limited, and we trade as Brandwatch (“we”, “us” or “Brandwatch”). Our registered office address is at Sovereign House, Church Street, 1st Floor, Brighton, BN1 1UJ, United Kingdom. Our company number is 03898053 and our VAT number is 754 7507 10. Our subsidiaries, such as Crimson Hexagon, Inc. and Paladin Software, LLC, and our affiliates such as Falcon.io ApS and Falcon.io US Inc may also act as a data controller from time to time. We act as the data controller of the Personal Data that we process about you.
We collect and collate information that is publicly available on the Internet. If you can be identified from this information, and it relates to you, then it will be your Personal Data. For example, your name or username in connection with your Twitter or Facebook profile or the content of your public posts on these sites would be your Personal Data.In a nutshell, this is how we work: we collect and index publicly available information from the Internet. We get data via search crawling or by contracting directly with content providers and data resellers to gain access to data from them. In each case, the only information that we have access to is information that Authors like you published or made available publicly.This information is then collected, indexed, and stored in our database. We offer access to our database, as well as analytics of the data within that database, to customers (our “Services”). This allows our customers to learn more about their brand, their consumers, their competitors, and act with more certainty in their marketing decisions. The following graphic depicts how our Services work.
Personal data you publish
While nearly all Personal Data we collect about you comes from publicly available sources, the categories of Personal Data we collect depends on the source of the data, what the source or platform chooses to make available to us, plus what you choose to make publicly available. The Personal Data that we collect could include the following categories and examples:
Personal data we may infer about you
We may also analyse the Personal Data you have published to infer other Personal Data about you and provide our analysis to our customers. For example:
When we infer data about you, we do so automatically, based on each individual post. We do not look at multiple posts in combination, and our algorithms analyse each of your posts individually.
We principally use each of the categories of your Personal Data referenced above to offer our Services to our customers. We do not use algorithms to make automated decisions about you in violation of applicable law or in a way that produces a significant legal effect. In other words, we only make data (inferred or not) and analytics available to our customers. Our legal basis for this type of data processing is that we have a legitimate interest in running our business and providing our Services to our customers. Whenever we process data that has sensitive Personal Data in it, we do so only because you have made that information public. In addition to our uses of your Personal Data, our customers also have a legitimate interest in accessing this data in order to understand their customer base and engagement with their brands.
For more information on Brandwatch’s services please click here
We also use each of the categories of Personal Data referenced above in ways related, but ancillary, to the Services that we offer. For example, we may use the data to:
We will keep your Personal Data for as long as it is necessary for us to provide the Services. However, if you request that we delete your data, please be aware that if your data is still published on the public sources we pull data from so you will need to remove it from there also. We may not be able to comply with a request to delete your data is we are required to retain the data according to applicable law.
The servers that hold your data have administrative, technical, and physical controls to safeguard your data, including industry-standard encryption technology.
We prohibit our customers from using your Personal Data:
If other entities process your Personal Data, we ensure there are adequate contractual and operational safeguards in place.
We may transfer your Personal Data to, and store it in, a country other than your own. That country may not provide the same level of data protection as your own country. Whenever we transfer your information outside of the European Economic Area or the United Kingdom, we will take steps to ensure that adequate safeguards are in place to protect your Personal Data and to make sure it is treated securely.You may contact us for a summary of the safeguards which we have put in place to protect your Personal Data and privacy rights in these circumstances.
As an Author, you are the creator of the Personal Data and have direct control over what you decide to post publicly online.
You can always review the privacy settings available on all platforms you use to publish content online, including making your profile private.
You should read the privacy statements provided by the platforms you publish content on.
You may have certain rights in relation to your data under applicable data privacy law. Depending on applicable law, you may:
Please note that we cannot always complete all requests. For example, we must keep certain records for financial reporting and compliance reasons or to continue to provide you with the Services. To exercise any of these rights, ask us questions, voice concerns, or request a copy of this statement in a different format, please submit a verifiable request to us by either:
Only you, or a person you have authorized to act on your behalf, may make a request related to your Personal Data. You may also make a verifiable request on behalf of your minor child or ward. If you submit a request through an authorized agent, the agent must present signed written permission to act on your behalf and you may also be required to independently verify your identity with us.
In order to protect your Personal Data, we may ask you or your authorized agent to provide additional Personal Data so that we can verify your identity. Any information that you provide will only ever be used as part of the process to confirm your identity and complete your request. In order to protect your Personal Data, if we cannot verify your identity, we will not be able to comply with your request.
Once you have submitted a request, you can expect an initial reply from the Brandwatch Privacy Team within a reasonable amount of time, dependent on where you live. Except where the law does not require or allow us to do so, any information we have of yours will be provided in an easily accessible and portable format once we have received your verifiable request. We will adhere to the appropriate response timeline that applies to you depending on where you live. We may request additional time if necessary in accordance with applicable law.
The U.S. Data Privacy Framework
Brandwatch (registered as Crimson Hexagon, Inc and Falcon.io US, Inc) complies with:
as set forth by the U.S. Department of Commerce. You can read Brandwatch’s full U.S. Data Privacy Framework Policy here.
To learn more about the Data Privacy Framework (DPF) program, and to view the certification, please visit https://www.dataprivacyframework.gov/.