Simon Data Privacy Statement (revised January 5, 2023)
We respect the privacy rights of users and recognize the importance of protecting information collected about you. Please read the following carefully to understand how we will collect, use and maintain your Personal Data, as well as your choices regarding use, access and correction of your Personal Data.
Changes to This Notice
Changes to This Notice
This Privacy notice may occasionally change. If and when we make changes, notification of these changes will be reflected by updating the revision date at the top of this Privacy Notice. In some cases, we may provide additional notice (such as adding a statement to our homepage, sending you an email notification, or by some other means). Please note that if you’ve opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your use of the Services, and you are still responsible for reading and understanding them.
Your use of the Simon Data Platform or the Services after the posting of such changes shall constitute your consent to such changes.
Personal Data Collected
Simon collects the following types of personal information:
Information you provide to us
We collect information you provide directly to us including when you visit one of our websites, register for and/or use Simon Data Services, or otherwise interact with Simon Data.
For example, we collect information when you request information via a form on our website; request a demo of our Services, participate in a survey, contest, promotion, sweepstakes, activity or event; make a purchase; apply for a job; request customer support; or communicate with us via third-party social media sites.
The types of information we may collect directly from you include your name, username, email address, postal address, phone number, employer’s name, job title, transactional information (including services purchased or subscribed to and billing address) as well as any contact or other information you choose to provide.
Information we collect automatically
How Do We Use Your Personal Data?
Simon collects or discloses Personal Data for the following business and commercial purposes.
- Provide, operate, maintain and improve the Simon Data Platform.
- Enable you to access and use the Simon Data Platform.
- Creating and managing your account or other user profiles.
- Send you technical notices, updates, security alerts, and routine administrative messages.
- Provide and deliver the services and features you request, process and complete orders or other transactions, and send you related information, including purchase confirmations and invoices.
- Meeting or fulfilling the reason you provided the information to us.
- Respond to your comments, questions, and requests and provide customer service and support.
- Communicate with you about services, features, surveys, newsletters, offers, promotions, contests and events, and provide other news or information about Simon.
- Monitor and analyze trends, usage, and activities in connection with the Simon Data Platform.
- Improving the Services, including testing, research, internal analytics and product development.
- Personalizing the Services, website content and communications based on your preferences.
- Investigate and prevent unauthorized access to the Simon Data Platform.
- Doing fraud protection, security and debugging.
- Carrying out other business purposes stated when collecting your Personal Data or as otherwise set forth in applicable data privacy laws.
- Marketing and selling the Simon Data Platform.
- Showing you advertisements, including interest-based, or online behavioral or targeted advertising.
We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated or incompatible purposes without providing you notice.
How and To Whom Do We Share Your Personal Data?
We may share Personal Data with service providers, advertising partners, analytics partners, business partners, and parties you authorize, access, or authenticate, as set forth below.
- Service Providers.
- Fraud prevention service providers
- Hosting service providers
- Co-location service providers
- Telecommunications service providers
- Support and customer service vendors.
- Product fulfillment and delivery providers.
- Advertising Partners. These parties help us market our services and provide you with other offers that may be of interest to you. They include:
- Ad networks.
- Data brokers.
- Marketing providers.
- Analytics Partners. These parties provide analytics on web traffic or usage of the Services. They include:
- Companies that track how users found or were referred to the Services.
- Companies that track how users interact with the Services.
- Business Partners. These parties partner with us in offering various services. They include:
- Businesses that you have a relationship with.
- Companies that we partner with to offer joint promotional offers or opportunities.
- Parties You Authorize, Access or Authenticate,
- Third parties you access through the services.
- Social media services.
- Other users.
We also share Personal Data when we believe it is necessary to:
- Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
- Protect us, our business or our users, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud, or detect and investigate security incidents and potentially illegal or prohibited activities.
- Maintain the security of our products and services
- Protecting the rights, property or safety of you, Simon Data or another party.
- Enforcing any agreements with you.
- Responding to claims that any posting or other content violates third-party rights.
- Resolving disputes.
Moreover, if we, or our assets, are acquired, or if we go out of business or enter bankruptcy, or if a third party assumes control of our business (in whole or in part), we may share user information (including Personal Data) with an acquirer. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Data in accordance with this Privacy Notice or another notice provided to you.
Data That Is Not Personal Data
We may create aggregated, de-identified or anonymized data from the Personal Data we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymized data and share it with third parties for our lawful business purposes, including to analyze, build and improve the Services and promote our business, provided that we will not share such data in a manner that could identify you.
How Long Do We Retain Your Personal Data?
We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you Services or perform our business and commercial purposes for collecting your Personal Data. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
Simon’s Customers may electronically submit data or information to the Simon Data Platform for hosting and processing purposes, in which case Simon will process such information in accordance with the applicable Master Subscription Agreement, or as may be required by law. Simon may access Customer Data only for the purpose of providing the services or preventing or addressing service or technical problems, or as may be required by law.
Simon publishes customer testimonials on its website which include information such as name, title, and organization. In all cases, Simon seeks and receives prior written consent to the publication of such information.
We may also supplement the information we collect from you with information received from third parties in order to enhance our Services, or to offer you information that we believe may be of interest to you.
You can control and/or delete cookies as you wish – for details, see aboutcookies.org. Most browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some of the Services and functionalities may not work. We strongly recommend that you leave cookies active, because they enable you to take advantage of the most attractive features of the Services.
To explore what Cookie settings are available to you or to modify your preferences with respect to Cookies, you can access your Cookie management settings by clicking the Cookie Settings link in the footer of our website . Further information on cookies can be found at http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm or https://ico.org.uk/for-the-public/online/cookies/ if you are located in the European Union.
What types of cookies do we use and for which purposes?
These are cookies that are required to provide you with features or services that you have requested. For example, Cookies that enable you to log into secure areas of our site. Disabling these Cookies will encumber the Services’ performance and may make certain features and services unavailable.
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms.
These Cookies are used to recognize you when you return to our Services. This enables us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).
These Cookies allow us to understand how visitors use our site. This includes information about the number of visitors to the site, what pages visitors view on our site and how long visitors are viewing pages on the site. Analytical Cookies also help us measure the performance of our advertising campaigns in order to help us improve our advertising campaigns and to optimize our Services’ content for those who engage with our advertising.
These cookies help us to understand how visitors engage with the website. We may use a set of cookies to collect information and report site usage statistics. In addition to reporting site usage statistics, data collected may also be used, together with some of the advertising cookies described, to help show more relevant ads across the web and to measure interactions with the ads we show.
Retargeting/Advertising Cookies collect data about your online activity and identify your interests so that we can provide advertising that we believe is relevant to you. For more information about this, please see the section below titled “Information about Interest-Based Advertisements.”
We use a set of cookies that are optional for the website to function. They are usually only set in response to information provided to the website to personalize and optimize your experience as well as remember your chat history.
Session Replay Technology
We may use session replay technology in order to identify and resolve customer issues, to monitor and analyze how you use our Services, to better understand user behavior, and to improve our Services. By continuing to use the Services, you consent to the use of session replay technology. If you would like to change your settings with respect to session replay technology, you can access your Cookie management settings by clicking the Cookie Settings link in the footer of our website. You can also opt out from session replay specifically by visiting https://www.fullstory.com/optout/
Information about Interest-Based Advertisements
We may serve advertisements, and also allow third-party ad networks, including third-party ad servers, ad agencies, ad technology vendors and research firms, to serve advertisements through the Services. These advertisements may be targeted to users who fit certain general profile categories or display certain preferences or behaviors (“Interest-Based Ads”). Information for Interest-Based Ads (including Personal Data) may be provided to us by you, or derived from the usage patterns of particular users on the Services and/or services of third parties. Such information may be gathered through tracking users’ activities across time and unaffiliated properties, including when you leave the Services. To accomplish this, we or our service providers may deliver Cookies, including a file (known as a “web beacon”) from an ad network to you through the Services. Web beacons allow ad networks to provide anonymized, aggregated auditing, research and reporting for us and for advertisers. Web beacons also enable ad networks to serve targeted advertisements to you when you visit other websites. Web beacons allow ad networks to view, edit or set their own Cookies on your browser, just as if you had requested a web page from their site.
Do Not Track
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Services do not support Do Not Track requests at this time.
Protection and Storage
Our operations are supported by a network of computers, cloud-based servers, and other infrastructure and information technology, including, but not limited to, the use of third-party service providers. We, and third-party service providers on our behalf, store and process your Personal Data in the United States and elsewhere in the world.
The servers on which Personal Data is stored are kept in a controlled environment with limited access. While we take reasonable efforts to guard Personal Data we knowingly collect directly from you, no security system is impenetrable. In addition, we cannot guarantee that any passively-collected Personal Data you choose to include in documents you store on our systems are maintained at levels of protection to meet specific needs or obligations you may have relating to that information.
While no service is completely secure, Simon takes reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. We protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls, and information access authorization controls.
You may access your account information and our service only through the use of an individual user ID and password. To protect the confidentiality of Personal Data, you should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account. Please advise us immediately if you believe your password has been misused. In addition, always logout and close your browser when you finish your session. Please note that we will never ask you to disclose your password in an unsolicited phone call or email.
U.S. State Law Privacy Rights
California Resident Rights
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Data to third parties for such third parties’ direct marketing purposes; in order to submit such a request, please contact us at PRIVACY@SIMONDATA.COM.
Nevada Resident Rights
If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Data to third parties. You can exercise this right by contacting us at PRIVACY@SIMONDATA.COM with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your account. Please note that we do not currently sell your Personal Data as sales are defined in Nevada Revised Statutes Chapter 603A.
European Union, United Kingdom, and Swiss Residents
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.
For this section, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. Simon will be the controller of your Personal Data processed in connection with the Services.
If there are any conflicts between this section and any other provision of this Privacy Notice, the policy or portion that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this section or whether any of the following applies to you, please contact us at PRIVACY@SIMONDATA.COM. Note that we may also process Personal Data of our customers’ end users or employees in connection with our provision of services to customers, in which case we are the processor of Personal Data. If we are the processor of your Personal Data (i.e., not the controller), please contact the controller party in the first instance to address your rights with respect to such data.
Personal Data We Collect
The “Personal Data Collected” section above details the Personal Data that we collect from you.
Personal Data Use and Processing Grounds
The “How Do We Use Your Personal Data?” section above explains how we use your Personal Data.
We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.
- Contractual Necessity: We process the following categories of Personal Data as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms of Service with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data
- Legitimate Interest: We process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties. Examples of these legitimate interests include:
- Operation, customization, and improvement of the Services
- Marketing the Services
- Provision of customer support and corresponding with you
- Protection from fraud or security threats
- Compliance with legal obligations and enforcement of legal terms
- Completion of corporate transactions
- Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
- Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
Sharing Personal Data
The “How and To Whom Do We ShareYour Personal Data?” section above details how we share your Personal Data with third parties.
What Rights Do You Have Regarding Your Personal Data?
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email PRIVACY@SIMONDATA.COM. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
- Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by or by contacting us at PRIVACY@SIMONDATA.COM.
- Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can correct some of this information directly by or by contacting us at PRIVACY@SIMONDATA.COM.
- Erasure: You can request that we erase some or all of your Personal Data from our systems.
- Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
- Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
- Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
- Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
- Right to File Complaint: You have the right to lodge a complaint about Simon’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
Transfers of Personal Data
The Services are hosted and operated in the United States (“U.S.”) through Simon and its service providers, and if you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Simon in the U.S. and will be hosted on U.S. servers, and you authorize Simon to transfer, store and process your information to and in the U.S., and possibly other countries. In some circumstances, your Personal Data may be transferred to the U.S. pursuant to a data processing agreement incorporating standard data protection clauses and/or the DPF, as discussed below.
Data Privacy Framework(s)
In addition, under the EU-U.S. DPF, the EU-UK DPF, and the Swiss-U.S. DPF, we will provide EU, UK, and Swiss individuals with the choice to opt-out from the sharing of their Personal Data with any third parties (other than our agents or those that act on our behalf or under our instruction), or before we use it for a purpose that is materially different from the purpose for which it was originally collected or subsequently authorized.
Simon’s accountability for Personal Data that it receives in the U.S. under the EU-U.S. DPF, the EU-UK DPF, and the Swiss-U.S. DPF and subsequently transfers to a third party acting as an agent on our behalf is described in the EU-U.S. DPF Principles, the EU-UK DPF Principles, and the Swiss-U.S. DPF Principles. In particular, Simon remains liable under the EU-U.S. DPF Principles, the EU-UK DPF Principles, and the Swiss-U.S. DPF Principles if our agents process Personal Data in a manner inconsistent with the DPF Principles, unless Simon proves that we are not responsible for the event giving rise to the damage.
In compliance with the EU-U.S. DPF, the EU-UK DPF, and the Swiss-U.S. DPF, Simon commits to resolve EU-U.S. DPF Principles, EU-UK DPF Principles, and Swiss-U.S. DPF Principles-related complaints about our collection and use of your Personal Data. EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the DPF should first contact Simon at PRIVACY@SIMONDATA.COM.
In compliance with the EU-U.S. DPF, the EU-UK DPF, and the Swiss-U.S. DPF, Simon commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the EU-UK DPF, and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the U.S. If you do not receive timely acknowledgment of your EU-U.S. DPF Principles, EU-UK DPF Principles, and Swiss-U.S. DPF Principles-related complaint from us, or if we have not addressed your EU-U.S. DPF Principles, EU-UK DPF Principles, and Swiss-U.S. DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
If your EU-U.S. DPF, EU-UK DPF, and Swiss-U.S. DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Annex 1 of the Data Privacy Framework Principles, located at https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.
Personal Data of Children
Simon does not knowingly collect Personal Data from children under 16; if you are a child under the age of 16, please do not attempt to register for or otherwise use the Services or send us any Personal Data. If you become aware or believe that a child under the age of 16 years of age has provided us with Personal Data, please contact us at REPORT-ABUSE@SIMONDATA.COM. If we become aware that a child under 16 years of age has provided us with Personal Data, we will delete that information as quickly as possible.
Simon Data’s current list of subprocessors can be found HERE.
What If You Have Questions Regarding Your Personal Data?
If you have any questions about this section or our data practices generally, please contact using the following information:
Simon Data, Inc.
115 Broadway, WeWork 5th floor
New York, NY 10004
Email address for contact:|
Data Protection Officer and contact information:
EU and UK Member Representative and contact information:
EU: DP-Dock GmbH, Attn: Simon Data Inc., Ballindamm 39, 20095 Hamburg, Germany
UK: DP Data Protection Services UK Ltd., Attn: Simon Data Inc., 16 Great Queen Street, Covent Garden, London, WC2B 5AH, United Kingdom