This Privacy Policy (“Policy”) applies to all the services offered by Userology. This Policy covers the information about our usage of any data provided by you to Userology on our website or any other Userology platform. We are committed to protecting your privacy. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this Policy. Userology reserves the right to update this Policy frequently, hence you should check this page from time to time.
​​
“Customer” is hereby referred to as an entity that directly engages with Userology to use our services. “Customer’s End Users” are hereby referred to as end-users who use customer platforms and thus use Userology services indirectly.
We are committed to respecting and protecting the privacy of both Customer and Customer’s End Users and the personal information we may obtain through our services or other Company operations. Accordingly, we have created this Privacy Policy to inform all users about how we collect, use, and share Customer information and personal information of Customer’s End Users, and about our customer information privacy practices in general.
​
We are always ready to address questions and concerns regarding this privacy policy and our privacy practices. If you would like to contact customer service, please contact us.
​
We may modify this Privacy Policy from time to time to reflect changes in our privacy practices. All users, including Customers and Customer’s End Users, are encouraged to review this Privacy Policy periodically and to check the “Last Updated” date at the top of the Privacy Policy for the most recent version. If we make changes to this Privacy Policy, we will notify you here, by email, or through other industry-standard means.
​
What Information we collect?
Userology collects the following types of data:
Personal Data: “Personal Data” is information relating to a specific identified or identifiable person. Generally, Userology collects two types of Personal Data, Personal Data from Website users, Customers, and Personal Data from Customer’s End Users.
Website Data: Userology collects several types of information from and about users of our website, including information by which they may be personally identified, such as name, company name, e-mail address, telephone number, or any other identifier by which you may be contacted online or offline.
Customer Data

Userology collects Personal Data from Customers relating to Customer accounts and their management of them. As Customers navigate the Userology services, we may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from Customer’s Web browsers (such as browser type and browser language), their Internet Protocol (“IP”) address, and the actions they take on the Userology services (such as the Web pages viewed and the links clicked).



We may use Personal Data from Customers to provide products and/or services to Customers, collect payment for our products and/or services, administer sweepstakes and contests, enhance the operation of the Userology services, improve our marketing and promotional efforts, analyze the use of the Userology services, improve the Userology services, and tailor the experience of Customers in using the Userology services.



We may also use Personal Data to troubleshoot, resolve disputes, accomplish administrative tasks, contact Customers, enforce our agreements with Customers, including our Master SaaS Subscription Agreements or Terms of Service, and this Privacy Policy, comply with applicable law, and cooperate with law enforcement activities.

Customer’s End User Data

As part of the provision of the Userology service to Customers, Userology collects certain Personal Data and other, Non-Personal Data about Customer’s End Users as determined by the applicable Customer (“Customer’s End User Data”). Userology does not control or otherwise approve any messages or requests for Customer’s End User Data made by a Customer to a Customer’s End User.



Customer’s End Users should be aware that a Customer can request such Customer’s End User Data from them in order to use the Customer’s website(s), web applications, API, and/or mobile application(s) and that Customer’s End User Data may then be included in the information given to Userology through your use of Userology services. Therefore, Customer’s End Users should review the privacy policy of a Customer’s website(s), web applications, API, and/or mobile application to assess the security of any information a Customer’s End User discloses. To the extent that Userology does receive any Customer’s End User Data, Userology shall make all efforts, consistent with the terms of this Privacy Policy, to maintain the confidentiality of such Customer’s End User Data.



Userology has no direct relationship to the Customer’s End Users whose Customer’s End User Data it processes and such Customer’s End User who seeks access, or who seeks to correct, amend, or delete inaccurate Customer’s End User Data should direct his or her query to the applicable Customer for removal. Once such Customer requests removal of such applicable Customer’s End User Data, Userology will respond to such request within the agreed SLA during discussions with the customer (3 working days if not defined specifically).



Userology ’s Customers may electronically submit Customer’s End User Data to Userology. Userology will not review, share, distribute, or reference any such Customer’s End User Data except as provided in Userology ’s applicable agreement with Customer, or as may be required by applicable law.



Userology acknowledges that Customer’s End Users have the right to access their Personal Data. If Personal Data pertaining to a Customer’s End User has been submitted to us by a Customer, and a Customer’s End User wishes to exercise any rights it may have to access, correct, amend, or delete such Personal Data, the Customer’s End User should inquire with the Customer directly.
​
Non-Personal Data: “Non-Personal Data” is information that does not identify a specific person.

Website users

Userology collects several types of information that is about you but individually does not identify you, information comprising communications with you, about your browsing sessions using the Website (Internet activity information), including, but not limited to, browsing history, search history, and information regarding a user’s interaction with the Website and/or geolocation information (based on IP address).
Non-Personal Data from Customers

Userology may receive Non-Personal Data from Customers, which may include data such as the URL of the website a Customer visited before participating in Userology services, the URL of the website visited after participating in Userology services, the type of browser the Customer is using, or general and/or aggregated location data that does constitute Personal Data. We, and/or our authorized Third-Party Service Providers (defined below), may automatically collect this information when Customers visit or use Userology services through the use of electronic tools like Cookies and Web beacons or Pixel tags, as described below in this Privacy Policy.



We use Non-Personal Data to provide products and/or services to Customers, enhance the operation of Userology services, troubleshoot, administer Userology services, analyze trends, gather demographic information, comply with applicable law, and cooperate with law enforcement activities. We may also share this information with our authorized Third-Party Service Providers to measure the overall effectiveness of our products and services.

Non-Personal Data from Customer’s End Users

Userology ’s Customers may electronically submit Non-Personal Data from Customer’s End Users to Userology services. Userology does not review, share, distribute, or reference any such Non-Personal Data except as provided in Userology ’s applicable agreement with Customer, or as may be required by applicable law. Userology uses such Non-Personal Data for the purpose of enhancing or providing the Userology service.
Cookies: To facilitate and customize your experience with the Userology service, we may store cookies on your computer or other similar device through which you access the Userology services. A cookie is a text file containing small amounts of information, which is downloaded to your device when you first visit a website. A cookie helps us keep track of your visits & activities on a website. It asks permission to be stored on your computer. Once you agree, the stored file or the cookie helps analyse web traffic or lets you know when you visit a particular site. The web application can tailor its operations to your needs, likes, and dislikes by gathering and remembering information about your preferences that are stored on the computer after you agree.
Other Tracking Devices: When you access the Userology website, pixel tags, and web beacons generate a Non-Personally Identifiable notice of that action. Pixel tags allow us to measure and improve our understanding of visitor traffic and behavior on the Userology website, as well as give us a way to measure our promotions and performance. We may also utilize pixel tags and web beacons provided by our marketing partners for the same purposes.

What Information We Do Not Collect
We do not knowingly collect or solicit personal information from anyone under the age of 18. If you are under 18, please do not attempt to register for the services provided by Userology or send any personal information about yourself to us. If we learn that we have collected personal information from a child under the age of 18 years, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us personal information, please contact us at shrey@userology.in
​

Sharing of Data
We do not sell or share Personal Data or Non-Personal Data related to our Customers’ End Users. We use all such data to strictly provide Services or Websites and its content to you. We will not share Personal Data with other parties except as provided below:
Authorized Third-Party Service Providers: Userology may provide products and services through third parties. These “Third-Party Service Providers” will need to work on data provided by you for the sake of aiding our services, including analytics, hosting and assistance with technical and administrative aspects of the service (including credit/debit card processing), and for general improvement.
Merger / Acquisition: As with any other company, we could merge with, or be acquired by another company, including in connection with a bankruptcy of Userology. If this occurs, the successor company would acquire the information we maintain, including Personal Data. However, Personal Data would remain subject to this Privacy Policy.
Law Enforcement: We reserve the right to disclose Personal Data as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with administrative or judicial process requesting Personal Data, a judicial proceeding, court order, or other legal process served on us, enforce or apply this Privacy Policy, Terms of Service or other agreements or protect the rights, property or safety of Userology, users of Userology services, or others.
Payments Processors: If and when we provide paid products and/or services on our Website, in such cases, we use third-party services for payment processing. We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. While availing any such payment method(s) available, the website will not assume liability, whatsoever, arising out of the transactions or usage of data provided to such payment gateway partner.
Extraordinary Circumstances: We may also disclose information when we believe it’s necessary to prevent imminent and serious bodily harm to a person; to address fraud, security, or spam; or to protect our rights or property.

Links to Other Sites
Our service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services. The presence of the links shall not be construed as our endorsements of the content of such third party’s sites.
​
Data Controller, Data Processor & Data Protection Officer
We process Personal Data both as a Processor as defined in the General Data Protection Regulation (“GDPR”):
a. The Customer will be the Controller for Customer’s End User Data.
b. Userology will be the Data Processor.
Userology has a Data Protection Officer (as defined in the GDPR) who is responsible for matters relating to privacy and data protection. Our Data Protection Officer can be reached as follows:
Email: shrey@userology.in
For Customers and Customer’s End Users located in the European Data Region in the European Economic Area (EEA), all processing of Personal Data is performed in accordance with the GDPR.
All data collected by Userology through Userology services will be stored exclusively in secure hosting facilities. Userology has a data processing agreement in place with its provider, ensuring compliance with the GDPR. All hosting is performed in accordance with the highest security regulations. All transfers of data out of the EEA are done in accordance with the applicable data processing agreement. If you are a Customer located in the EEA, we exclusively store and process Personal Data in the EEA. Customers have the ability to export Personal Data in a manner that transfers such Personal Data to a third country. We will perform such transfers in accordance with Customers’ instructions.

Security
We have policies, procedures, and training in place in respect of data protection, confidentiality, and information security. We regularly review such measures with the objective of ensuring their continuing effectiveness. We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data. Among the measures implemented by us for personal data protection are physical security measures, access control, organizational security measures, and incident management procedures. We constantly evaluate and upgrade the security measures implemented to ensure secure and safe personal data processing. 
We have adopted reasonable physical, technical, and organizational safeguards that substantially mirror the GDPR-required safeguards against accidental, unauthorized, or unlawful destruction, loss, alteration, disclosure, access, use, or processing of Personal Data in our possession.



Access to data that the Customer has provided via Userology services is protected with authentication & access controls. We advise against sharing user credentials with anyone. If a Customer accesses their account via a third-party site or service, there may be additional or different sign-in protections via that third-party site or service. Customers must prevent unauthorized access to their account and the Personal Data that they have provided, including without limitation any applicable Customer’s End User Data, by selecting and protecting their passwords and/or other sign-in mechanisms appropriately and limiting access to their computers, browsers, or mobile devices by signing off after finishing accessing their accounts.
Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time. In the event that we believe that the security of a Customer’s login credentials may have been compromised, we may seek to notify the Customer of that development.



In addition, the Personal Data that a Customer has provided, including without limitation Customer’s End User Data, resides on secure servers that only selected personnel and contractors have access to. As a result, while we employ appropriate and commercially reasonable security measures to protect data and seek to partner with companies that do the same, we cannot guarantee the security of any information transmitted over the internet, and we are not responsible for the actions of any third parties that may receive any such information.




Privacy Policies Of Third-Party Websites
This Privacy Policy only addresses the use and disclosure of personal information we collect from Customer’s End Users and Customers via Userology services as well as other personal information collected from Customers. Other websites or services that may be accessible through Userology services may have their own privacy policies and data collection, use, and disclosure practices. If you use, link, or visit any such website, we urge you to review that website’s privacy policy. We are not responsible for the policies or practices of third parties.

Customer Service Contact Information and Complaints
For any questions or comments about this privacy policy and our privacy practices, or to register a complaint or concern please contact us through our Data Protection Officer at:
Email: shrey@userology.in
If you have a complaint about our privacy practices, you may submit a complaint to our Data Protection Officer. Our Data Protection Officer and compliance team will evaluate your complaint and may request additional information. Providing sufficient information to understand the facts and circumstances of a complaint are important and necessary to resolve complaints.

For any questions, comments, or complaints related to Information Security, you may contact:
Email: teams@userology.co