This privacy statement addresses the personally identifiable information (“data”) that we collect and process about users of our services (“you” or “your”). “Services” means any services that we offer, including visitors to our website.
1.1. We are Runtime Collective Limited (trading as Brandwatch) (“we”, “us” or “Brandwatch”). Our registered office address is at Sovereign House, Church Street, 1st Floor, Brighton, BN1 1UJ, United Kingdom. Our company number is 03898053 and our VAT number 754 7507 10.
1.2. This Privacy Statement explains how we collect, process, and use data about you. This Privacy Statement applies to all users, including those users who use the Services via their employer or another company. This Privacy Statement also applies to all of the data that we collect through our Services, irrespective of the type of Services or the device you use to access the Services.
2.1. The data we collect about you depends on the Services that you use (and how you use them). For example, if you are the primary account holder for your company and use Analytics, the data we collect about you would be different than the data that we collect about a user who has view-only access to Analytics. The remainder of this section sets out the categories of data we collect depending on your use of our Services.
2.2. If you register as a user of any of our Services, we may ask you to provide your name, email address, contact telephone number (landline and/or mobile), the company you work for, your address, a username and password, and other data relevant to the Services we provide. If you are not an administrative user for your account, the same data about you may be provided by a colleague or other third party. We may also collect other data directly from you, from time to time.
2.3. Depending on your account type, we may collect payment data from you in order to take payment for our Services.
2.4. If you contact our support services, we will collect the data we need to categorize your question and respond to it. We also use this data to track potential issues with our Services and customize our support responses to better serve you.
2.5. We collect data about you when you use any part of our Services. For example, if you are logged in to your Analytics account, we will collect data as to how often you use Analytics, what queries you created or amended, and other data about how you interact with Analytics. We may also collect data about how you interact with messages we send to you, for example whether you opened an email or read an in-app message.
2.6. We collect data about the device you use to use our Services, including operating system details, web browser type, your mobile device identifier and mobile operating system, and the name of your ISP or mobile carrier. We may also collect your location data if your device permits this.
2.7. We also infer data about you based on the data you have provided or made available to us. This may include personalizing your experience of using our Services, suggesting different Services you may be interested in trying, or other inferences about you.
2.8. We are constantly trying to improve our Services to you. This means that we are introducing new features of our Services regularly, some of which may result in the collection of new data from you.
2.9. We will indicate where any personal information we have requested is mandatory or optional. We will also explain the consequences should you decide not to provide information which we have indicated is mandatory. In some circumstances this may mean we are unable to provide you with a certain service or product.
3. Using your data
3.1. The legal basis for our processing of data about you is generally pursuant to our “legitimate interests”. Our legitimate interests are in providing our Services to our customers, which includes providing technology that empowers our customers to act with more certainty in a way that is easy-to-access and use. However, the legal basis for our processing of data may also be where we have your consent (for example where consent is required to send certain marketing communications) or where the processing is necessary for compliance with our legal obligations (for example where we receive requests from regulatory authorities).
3.2. We combine data about you across our different Services. We use data and content that you and other users provide or make available to us to provide the Services to you and our other customers. We also use data to conduct research and development for the improvement of our Services so that we can provide all of our users with a better experience.
3.3. We communicate with you in writing, via email, or other means available on or through the Services (for example, via messaging in Analytics or push notifications if you use a mobile application). We may communicate transactional or service messages to you, such as welcoming you to our Services or informing you of scheduled downtime. We may also send you marketing communications, on our own behalf or on the behalf of third parties. Marketing communications may be sent to you, even if you do not have an account, if you have indicated to us that you wanted to receive such communication. In respect of marketing communications, you can opt out of receiving future communications in the footer of each email we send to you. You cannot opt out of receiving transaction or service messages from us.
3.4. We do not use your personal data to engage in automated decision making about you.
4. Sharing your data
4.1. We share data with our affiliates (meaning legal entities controlled by, controlling, or under common control with us) as reasonably necessary to provide the Services.
4.2. We may share your data with selected third parties, including our business partners, suppliers, and sub-contractors, for the performance of any contract we enter into with them. We may also share your data with analytics and search engine providers that assist us in the improvement of our website.
4.3. We may also disclose your data to other third parties. For example, if we sell or buy any business or assets, we may disclose your data to the prospective seller or buyer of such business or assets. Alternatively, if we or substantially all of our assets are acquired by a third party, your data may be part of the transferred assets.
4.4. If any third party processes any of your data, we ensure there are sufficient contractual and operational safeguards protecting your data.
5. Accuracy, retention, security, and your rights
5.1. We will retain data about you for as long as it is reasonably necessary for us to provide the Services. We anonymize any data about you as soon as it is reasonably practical, once you no longer use our Services.
5.2. We may transfer your data to, and store it in, a country other than your own. That country may not provide the same level of data protection as your own country. Whenever we transfer your information outside of Europe, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal information and to make sure it is treated securely. If you are located in Europe, you may contact us for a copy of the safeguards which we have put in place to protect your personal information and privacy rights in these circumstances.
5.3. The servers that store your data have appropriate administrative, technical, and physical controls that are designed to safeguard your data, including industry-standard encryption technology.
5.4. You have a number of legal rights in your data under applicable data privacy law. Under applicable law you may:
a. request access to the data that we have about you and request that it be updated, rectified, deleted, or blocked;
b. request that we refrain from further use of any data we hold about you;
c. if we ever process your data based on your consent, to revoke your consent at any time, where relevant; or
d. request to receive a machine-readable copy of the data have provided to us.
5.5. To exercise any rights listed above, please email us at email@example.com or write to us at the address listed at the top of this document.
5.6. You may lodge a complaint with the supervisory authority about our processing of your data under this Privacy Statement. The appropriate supervisory authority is the data privacy regulator in which you live. If you live in the United Kingdom it is the Information Commissioner’s Office and you can report a concern at ico.org.uk/concerns.
5.7. Please note that we cannot always delete records of all historical data. For example, we are required to retain certain records for financial reporting and compliance reasons.
6. Privacy practices of third parties
6.1. This Privacy Statement only addresses our collection, processing and use (including disclosure) of your personal data. Our customers and other third parties may have access to your personal data and use it in other ways in accordance with their own privacy practices. We encourage you to familiarize yourself with the privacy statements provided by any platform you use to publish any data.
6.2. Please note that our Services may use the YouTube API. YouTube’s developer terms require us to notify you that our Services use YouTube API Services (i.e. data from YouTube) and to link to the YouTube privacy statement http://www.google.com/policies/privacy.
7. Governing law and jurisdiction
7.1. English law governs this privacy statement and any dispute or claim related to it. Each party agrees that the English courts have exclusive jurisdiction over this privacy statement and any dispute or claim related to it.
Last Updated 3 August 2018