This privacy statement addresses the personally identifiable information (“data”) that we collect and process about individual authors of online content (“Author”, “you” or “your”) through the services that we offer to our customers. Basically, if you publish information on publicly available websites (Twitter, Instagram, etc.), you’re an Author for purposes of this privacy statement.
1.1. We are Runtime Collective Limited (trading as Brandwatch) (“we”, “us” or “Brandwatch”). Our registered office address is at Sovereign House, Church Street, 1st Floor, Brighton, BN1 1UJ, United Kingdom. Our company number is 03898053 and our VAT number 754 7507 10. We are a data controller of the data that we process about you.
1.2. We crawl and index publicly available information (including data) from the Internet. We also contract directly with third party providers to gain access to their information (including data). In each case, the information that we have access to is published or made available by Authors. This information is then collated and stored in our database. We offer access to our database, as well as analytics of the data within that database, to third parties (our “Services”).
1.3. Since all of the information that we access is publicly available, the raw information we have about you could be found by anybody with access to the Internet. Some of this information is personal data. For example your name or username in connection with your Twitter or Facebook profile would be personal data. Other information we process may not be personal data (for example if you publish an anonymous review on a website).
1.4. As an Author, you are the source of the data. You have control over that data within the platform you choose to publish it on (e.g. Twitter or Facebook), including through using the privacy settings made available to you by that platform. In addition to whatever rights you have via your relationship with any publishing platform, you also have certain rights relating to your data that we process, as set out in this Privacy Statement.
2. Information we collect about you
2.1. The data we collect varies depending on the source of the data, what the source or platform chooses to make available to us, plus what you choose to make available. It could include the following:
a. your name, username, handle, or other identifier;
b. the content of the information you have published via that name, username, handle, or other identifier, including comments, expressions, opinions, posts, etc.;
c. your profile picture or other images or videos that you post or interact with;
d. your job title or profession (including category of profession, for example “journalist”;
e. your interests;
f. your location;
g. your gender; and
h. any other information you publish on an Internet website we crawl or on a third party platform that provides us with data.
2.2. In addition to the data you make available about yourself, we may also use that information to infer other data about you. For example, based on your name, we may infer your gender. Equally, based on the content of one of your posts, we may infer some of your interests, your profession, your location, etc.
2.3. We may also analyse the content of the data you publish and provide our analysis to our customers. For example, if you publish a Tweet stating that you like a certain brand’s ice cream, we may mark that Tweet as having a positive sentiment toward that brand.
3. Using your data
3.1. The legal basis for the data that we process is pursuant to our legitimate interests. Our legitimate interests are in providing our Services to our customers, which includes providing technology that empowers our customers to act with more certainty in a way that is easy-to-access and use. In turn, this allows our customers to learn more about their brand, their customers, their competitors, and other information available on the social web that is relevant to our customers.
3.2. We also use the data in ways related to, but ancillary, to the Services that we offer. For example, we may use the data to comply with our legal obligations or enforce our rights, including the legal obligations or enforcement of rights of third parties. We may also use the data to improve our Services.
3.3. Although it is the responsibility of our customers to use our Services properly, we do put in place safeguards to protect your data. We require our customers to comply with applicable law, including data privacy law, when using our Services. We also prohibit our customers from using our Services, including your data, in a way that is outside of your reasonable expectations.
3.4. When we infer data about you, we do so automatically. The inferences are based on algorithms that analyse the data that you have posted. We do not make any decisions about you based on the data that we process about you (inferred or not). In other words, we only make the data available to our customers. It is up to our customers what (if anything) to do with the data and any inferences about the data.
4. Sharing your data
4.1. In addition to sharing your data with our customers, we may share your data with any member of our company group (i.e. our subsidiaries, parent companies, and affiliates).
4.2. We may share your data with selected third parties, including our business partners, suppliers, and sub-contractors, for the performance of any contract we enter into with them. We may also share your data with analytics and search engine providers that assist us in the improvement of our website.
4.3. We may also disclose your data to other third parties. For example, if we sell or buy any business or assets, we may disclose your data to the prospective seller or buyer of such business or assets. Alternatively, if we or substantially all of our assets are acquired by a third party, your data may be part of the transferred assets.
4.4. If any third party processes any of your data, we ensure there are sufficient contractual and operational safeguards protecting your data.
5. Accuracy and retention
5.1. Most of the data we have about you comes directly from you. If it is inaccurate, we advise you to fix it on the original platform in which you published that data. Where we infer data about you, it is our aim to ensure that any of this additional data is accurate and kept up to date.
5.2. We will retain any data about you for as long as it is reasonably necessary for us to provide the Services. However, if you request that we delete your data, or if you delete your data from the platform in which it was originally published, we will also delete your data from our Services.
6. Storage, security and your rights
6.1. We may transfer your data to, and store it in, a country other than your own. That country may not provide the same level of data protection as your own country. Whenever we transfer your information outside of Europe, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal information and to make sure it is treated securely. If you are located in Europe, you may contact us for a copy of the safeguards which we have put in place to protect your personal information and privacy rights in these circumstances.
6.2. The servers in which we hold your data have appropriate administrative, technical, and physical controls that are designed to safeguard your data, including industry-standard encryption technology.
6.3. You have a number of legal rights in your data under applicable data privacy law. Under applicable law you may:
a. request access to the data that we have about you and request that it be updated, rectified, deleted, or blocked; or
b. request that we refrain from further use of any data we hold about you.
6.4. To exercise any rights listed above, please email us at firstname.lastname@example.org or write to us at the address listed at the top of this document.
6.5. You may lodge a complaint with the supervisory authority about our processing of your data under this Privacy Statement. The appropriate supervisory authority is the data privacy regulator in which you live. If you live in the United Kingdom it is the Information Commissioner’s Office and you can report a concern at ico.org.uk/concerns
6.6. Please note that we cannot always delete records of all historical data. For example, we are required to retain certain records for financial reporting and compliance reasons.
7. Privacy practices of third parties
7.1. This privacy statement only addresses our collection, processing, and use (including disclosure) of your data. Our customers and other third parties that may have access to your data can use it in other ways in accordance with their own privacy practices and applicable law. We encourage you to familiarize yourself with the privacy statements provided by any platform you use to publish any information.
8. Governing law and jurisdiction
8.1. English law governs this privacy statement and any dispute or claim related to it. Each party agrees that the English courts have exclusive jurisdiction over this privacy statement and any dispute or claim related to it.
Last updated 1 February 2018