Last updated on January 13, 2021
SmartBrief, Inc. ("SmartBrief","we" or "us") is a media company offering industry-focused newsletter and content services in partnership with trade associations, professional societies, nonprofits and corporations (in this document we collectively refer to these organizations, our advertisers, social media partners, service providers and certain other parties as our "Business Partners").
If you have any questions about our privacy practices, please contact us at email@example.com.
We collect information about you in a range of forms, including personal data. Personal data includes any information that, either alone or in combination with other information held about you, identifies you as an individual, including, for example, your name, postal address, email address and telephone number. We collect and use your personal data to:
- provide relevant, personalized, targeted news and information;
- help target advertising messages, including in our email newsletters and other communications, so that we are able to continue providing our content to you at no cost;
- operate, maintain, and improve our Services;
- enable our customer service professionals to respond to your questions, concerns and feedback;
- manage your subscriptions to our Services, including communicating with you about your subscriptions; and
- send information, including technical notices, updates, security alerts, and support and administrative messages.
Data We Collect
Information You Provide Us. SmartBrief collects personal data, such as name, email address, postal address, ZIP code and country, from each subscriber to our Services. Personal data can be used to identify or contact you directly. We also collect the name of your company, job title, level in organization, job function, company type, company revenue and number of company employees. We typically collect this information directly when you complete registration forms or when you provide other information through our Website or via email. When we collect this information directly, we let you know if providing the information is optional or if it is required to provide our Services (for example, we must have your email address to provide you with our email newsletter Services).
Information Provided to Us by Our Business Partners. We also collect personal data indirectly when we receive it from our Business Partners. We may combine information we have collected directly from you with information we obtain from Business Partners or other companies.
Information Automatically Collected. We automatically log information about you and your computer or mobile device when you use our Services, including visiting our Website, using one of our Apps, and reading our email newsletters.
For example, when using our Services, we log when you open an email from us, what links in our emails that you select, your IP address, your computer or mobile device operating system name and version, manufacturer and model, browser and email client type, internet browsing and usage habits, your internet service provider, browser language, pages you viewed, how long you spent on a page, access times, the website that referred you to our Services, and information about your use of and actions on our Website. We collect this information about you using cookies (see ’Cookies’ section) and pixel tags (see ’Pixel Tags’ section).
Cookies are small data files stored on the hard drive of your computer or mobile device by a website. Session cookies are generally used to aid navigation on our Website, while persistent cookies allow us to maintain information between visits, such as the number of site visits, and user preferences, such as your username. A persistent cookie remains on your hard drive for a limited time period, after which it expires and is deleted by your browser. For more information about cookies, please visit http://www.allaboutcookies.org/cookies/.
Cookies We Use
We use the following types of cookies for the purposes set out below:
Essential Cookies. These cookies are essential to provide you with our Services and to enable you to use some of the features of our Services. Without these cookies, the Services cannot be provided, and we only use these cookies to provide you with the Services.
Functionality Cookies. These cookies allow our Website to remember choices you make when you use our Website. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Website.
Advertising & Targeting Cookies. These cookies track your browsing habits to enable us to show advertising that is more likely to be of interest to you, both on and off our Services and to measure the effectiveness and reach of ads and services. These cookies use information about the industries you are interested in and your browsing history to group you with other users who have similar interests. Based on that information, and with our permission, third-party advertisers can place cookies to enable them to show advertisements that we think will be relevant to your interests while you are on third-party websites.
Social Media Cookies. These cookies are used when you share information using a social media sharing button or “like” button on our Website or you link your account or engage with our content on or through a social networking website such as Facebook, Twitter, LinkedIn or Google+. The social network will record that you have done this.
You can typically remove or reject cookies via your browser settings. To do this, follow the instructions provided by your browser (usually located within the "settings", "help", "tools" or "edit" menus). Many browsers are set to accept cookies until you change your settings.
If you reject the cookies, you still may use our Services. However, please note that if you disable cookies, the functionality offered by the Services may be limited as a result.
We may use pixel tags (also known as web beacons and clear GIFs) on our Services to track the actions of users on our Services. A pixel tag is a tiny, opaque graphic image, usually no larger than 1 pixel x 1 pixel, which is placed on a website or in an email that is used to monitor the behavior of the user. Pixel tags measure how relevant our newsletter content is to our subscribers, measure the success of our marketing campaigns, and compile statistics about usage of the Services, so that we can manage our content more effectively and provide our readers with more useful content.
We may share your personal data and other types of data as follows:
Business Partners. Periodically, we may share information, including personal data, collected from you with trade associations and other Business Partners with whom we do business. For example, if you subscribe to a SmartBrief newsletter service sponsored by a trade association, we may provide your information to that trade association, including your name, email address, postal address, company and title. That trade association may contact you or invite you to participate in other association activities. We also share de-identified information and/or aggregated information with our Business Partners.
Advertisers and Advertising Networks. We do not share personal data with advertisers, except in accordance with this policy and where you have given us permission to do so. For example, you may give us permission to share your personal data with a third party in connection with an advertiser’s lead generation campaign. We may also pre-fill a lead generation form with your personal data for you to submit directly to one of our advertisers. We also share de-identified information and/or aggregated information with our advertisers.
Social Networking Sites. We share de-identified information with our social media partners, to enable them to show advertising that is more likely to be of interest to you.
Third Parties. If you supply information directly to SmartBrief, a Business Partner or an advertiser via a registration form in the Service (including our Website and Apps) as part of a promotion, advertiser lead-generation campaign, contest, third-party subscription or similar activity, we may supply both personal data and anonymous data you provide directly to our Business Partner and/or advertiser. In addition, when you provide such information, we may retain this information and use it to augment your subscriber profile for our records and possible later use as provided in this Policy. If SmartBrief, a Business Partner or an advertiser is conducting a promotion or campaign on our Website or App in which your information will be collected by SmartBrief and shared in ways other than as set forth in this Policy, we will disclose such sharing prior to the transfer and you will be given the opportunity to request that your information not be shared. In some cases, you may not be able to participate in a particular promotion or campaign if you have chosen not to share personal data. SMARTBRIEF MAY PROVIDE YOUR PERSONALLY IDENTIFIABLE INFORMATION TO A THIRD-PARTY COMPANY WITH YOUR CONSENT. BECAUSE WE DO NOT CONTROL THE PRIVACY PRACTICES OF THESE THIRD-PARTY COMPANIES, YOU SHOULD READ AND UNDERSTAND THEIR PRIVACY POLICIES.
We also aggregate information about our subscribers and the ways they use our Services. This information does not identify you personally. We use this information for market research purposes and to improve the quality of the Services we offer. We reserve the right to disclose aggregated, anonymous data we have collected to third parties for any purpose.
Third-Party Service Providers. Except in accordance with this policy, SmartBrief does not rent, sell or share your personal data with nonaffiliated third parties without your consent. SmartBrief may, however, share personal data with trusted third-party service providers and contractors. These third-party service providers and contractors are prohibited from using the information for purposes other than performing services for SmartBrief. A list of our service providers can be found at http://smartbrief.com/privacy/data-processors.
Corporate Restructuring. SmartBrief may transfer information, including any personal data, to a successor entity in connection with a corporate merger, consolidation, sale of assets, bankruptcy, or other corporate change. If SmartBrief is involved in a merger, acquisition or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your information, as well as any choices you may have regarding your personal data.
Lawful Basis for Processing
If you are a citizen of the EEA, UK or Switzerland, in order to process your personal data, we must have a lawful reason for doing so. GDPR sets out six lawful bases under which organisations can collect, use and store personal data. We rely on four of the lawful bases:
Necessary for the performance of a contract. If you are a subscriber of a newsletter, for example, we will process your personal data on the basis that it is necessary for us to provide our products and services to you.
Consent. In some instances we rely on your specific consent to process your personal information. This is where you have actively agreed and ‘opted-in’, for example; to receive newsletters and marketing communications from us, and you have the right to withdraw your consent at any time.
Compliance with laws. We may have to process and share your personal data in order to comply with our legal obligations, or to protect our rights or the rights of others.
Legitimate interests. In some situations we rely on our legitimate business interests in order to collect and use your personal data. In these situations, we have conducted a balancing test to carefully consider the impact of the processing on your interests, rights and freedoms. We will only undertake the processing if we are satisfied there is no negative impact on you. We may rely on Legitimate Interests for the following activities:
- providing, maintaining, improving and developing our products and services;
- sending direct marketing communications about our products and services to subscribers;
- sending marketing communications related to the products and services of carefully selected companies in a business-to-business context;
- managing suppression and unsubscribe requests;
- researching publicly available business contact details;
- analysing the use of our products and services;
- using analytics to identify usage trends and determining the effectiveness of campaigns;
- dealing with queries and complaints;
- identifying fraudulent behaviour and ensuring our products and systems are secure.
If you object to our reliance on Legitimate Interests for any purpose please contact our Data Protection Officer at firstname.lastname@example.org.
SmartBrief has security measures in place designed to protect the loss, misuse and alteration of the information under our control. Our hardware infrastructure is housed in a controlled access facility that restricts access to authorized individuals with positive identification. The network infrastructure is protected by a firewall and traffic is monitored and logged both on the firewall and servers. Administrative access is limited not only to authorized employees but also to specific remote administration protocols. All employees with access to personal data are trained in SmartBrief’s security policies and practices. SmartBrief will continue to conduct internal reviews of its security systems and make all necessary enhancements to ensure the safety of the Website and its users. No method of transmission over the Internet or method of electronic storage is 100% secure; therefore, while SmartBrief strives to use commercially acceptable means to protect your information, we cannot guarantee absolute security.
SmartBrief’s products and Services are designed for those ages 18 and older. SmartBrief does not intentionally gather personal data from visitors who are under the age of 13. If a child under 13 submits personal data to us and we learn that the personal data is the information of a child under 13, SmartBrief will delete the information as soon as reasonably practicable. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at email@example.com.
Advertising Choices and Subscription Preferences
SmartBrief collects data, including de-identified data, via our Services, and via the websites of our Business Partners and other third parties, to help tailor content and advertising. We also enable Business Partners, advertising networks and other third parties to collect and/or use de-identified data from our Services. Cookies and web beacons are typically used to help collect this information. We support the industry self-regulation program established for Online Behavioral Advertising (“OBA”). For more information about these practices, and to learn about the choices available to you regarding how this information is used, please visit www.AboutAds.info. The site provides you with an option to opt out of some or all OBA as you prefer. Please note that preferences are stored separately for each browser and device you use, so you may have to repeat the opt-out process if you wish your preferences to apply universally.
Each email sent through the SmartBrief system contains an easy, automated way for you to stop receiving that newsletter. To unsubscribe, select the "unsubscribe" link in the footer of an email from SmartBrief and follow the directions to communicate your preferences to us. Alternatively, you may reply to your SmartBrief email and type the word "UNSUBSCRIBE" in the subject line.
We also encourage you to participate in our referral program to share SmartBrief with a friend or colleague. When you provide us with a referral’s email address, we store this information for the sole purpose of sending the referral a one-time email inviting that person to register on the Website. We will not send newsletters or any additional emails until your referral has indicated to us that they desire to receive such material..
Under the General Data Protection Regulation (GDPR), you have a number of important rights free of charge where products and/or services are delivered in the European Economic Area. In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information;
- require us to correct any mistakes in your information which we hold;
- require the erasure of personal information concerning you in certain situations;
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations;
- object at any time to processing of personal information concerning you for direct marketing;
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you;
- object in certain other situations to our continued processing of your personal information; and
- otherwise restrict our processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner's Office (ICO) on individuals' rights under GDPR.
If you wish to exercise any of these rights, please contact us at firstname.lastname@example.org. In your request, please make clear: (i) what personal data is concerned; and (ii) which of the above rights you would like to exercise. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and, in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
International Data Transfer
We are headquartered in the United States and may use service providers that operate in other countries. If we transfer your personal information from the United Kingdom or European Economic Area to a country such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so. These steps include implementing the European Commission's Standard Contractual Clauses for transfers of personal information to our service providers and business partners. To the extent applicable, SmartBrief may rely on derogations as set forth in Article 49 of the GDPR for the transfer and onward transfer of personal information collected from individuals in Europe to the United States, and other countries that the EU views as not providing adequate data protection. Specifically, we may transfer such information to another party in accordance with our lawful basis for processing. Please contact us for further information about any such transfers or the specific safeguards applied.
We will only retain your personal data as long as reasonably required for you to use the Services, unless a longer retention period is required or permitted by law (for example for regulatory purposes).
Sensitive Personal Data
Subject to the following paragraph, we ask that you not send us, and you not disclose, any sensitive personal data (for example, social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services or otherwise to us.
How to complain
We hope to resolve any complaint brought to our attention, however, the General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in a European Economic Area state or in the United Kingdom if you work, normally live or if any alleged infringement of data protection laws occurred in the relevant state. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: +44 (0)303 123 1113.
Copyright © 1999-2018 SmartBrief, Inc. All rights reserved. Protected by copyright laws of the United States and international treaties. Reproduction, copying or redistribution for commercial purposes is strictly prohibited without the express written permission of SmartBrief. SmartBrief contains links to third-party websites. The linked sites are not under the control of SmartBrief, and SmartBrief is not responsible for the contents, advertising, products, or any other materials or links contained in those linked sites. SmartBrief provides these links only as a convenience, and inclusion of a link does not imply endorsement of the linked site by SmartBrief, its Business Partners or its affiliates. Information, documents, and links included in SmartBrief are provided "as is" without any warranty. While SmartBrief uses reasonable efforts to include accurate information, it does not make any representation as to its accuracy or completeness. The material is available to users at their own risk and SmartBrief is not liable for any damages arising from the use of the SmartBrief products and Services.
NOTICE TO CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS
(AS PROVIDED BY CALIFORNIA CIVIL CODE SECTION 1798.83)
A CALIFORNIA RESIDENT WHO HAS PROVIDED PERSONAL DATA TO A BUSINESS WITH WHOM HE/SHE HAS ESTABLISHED A BUSINESS RELATIONSHIP FOR PERSONAL, FAMILY, OR HOUSEHOLD PURPOSES (A “CALIFORNIA CUSTOMER”) MAY REQUEST INFORMATION ABOUT WHETHER THE BUSINESS HAS DISCLOSED PERSONAL INFORMATION TO ANY THIRD PARTIES FOR THE THIRD PARTIES’ DIRECT MARKETING PURPOSES. IN GENERAL, IF THE BUSINESS HAS MADE SUCH A DISCLOSURE OF PERSONAL DATA, UPON RECEIPT OF A REQUEST BY A CALIFORNIA CUSTOMER, THE BUSINESS IS REQUIRED TO PROVIDE A LIST OF ALL THIRD PARTIES TO WHOM PERSONAL DATA WAS DISCLOSED IN THE PRECEDING CALENDAR YEAR, AS WELL AS A LIST OF THE CATEGORIES OF PERSONAL DATA THAT WERE DISCLOSED. CALIFORNIA CUSTOMERS MAY REQUEST FURTHER INFORMATION ABOUT OUR COMPLIANCE WITH THIS LAW BY EMAILING email@example.com. PLEASE NOTE THAT WE ARE REQUIRED TO RESPOND TO ONE REQUEST PER CALIFORNIA CUSTOMER EACH YEAR AND WE ARE NOT REQUIRED TO RESPOND TO REQUESTS MADE BY MEANS OTHER THAN THROUGH THIS EMAIL ADDRESS.
Important Information for California Residents
This section applies only to California residents. It describes how we collect, use and share Personal Information of California residents in operating our business, and their rights with respect to that Personal Information. For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the scope of the CCPA.
Your California privacy rights. As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.
- Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months: the categories of Personal Information that we have collected; the categories of sources from which we collected Personal Information; the business or commercial purpose for collecting and/or selling Personal Information; the categories of third parties with whom we share Personal Information; whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third party recipient; or whether we’ve sold your Personal Information, and if so, the categories of Personal Information received by each category of third party recipient.
- Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months.
- Deletion. You can ask us to delete the Personal Information that we have collected from you.
- Opt-out of sales. If we sell your Personal Information, you can opt-out.] [In addition, if you direct us not to sell your Personal Information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes.
- Opt-in. If we know that you are younger than 16 years old, we will ask for your permission (or if you are younger than 13 years old, your parent’s or guardian’s permission) to sell your Personal Information before we do so.
- Nondiscrimination. You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as denying you services; increasing the price/rate of services; decreasing service quality; or suggesting that we may penalize you as described above for exercising your rights.
How to exercise your rights
You may exercise your California privacy rights described above as follows:
- Right to information, access and deletion. You can request to exercise your information, access and deletion rights by: visiting https://www2.smartbrief.com/subscribertools/login.jsp or emailing firstname.lastname@example.org
- Right to opt-out of the “sale” of your Personal Information. We do not sell your Personal Information in the conventional sense (i.e., for money). However, like many companies, we use services that help deliver interest-based ads to you. California law classifies our use of these services as a “sale” of your Personal Information to the companies that provide the services. This is because we allow them to collect information from our website users (e.g., online identifiers and browsing activity) so they can help serve ads more likely to interest you. You can request to opt-out out of this “sale” of your personal information here: Do Not Sell My Personal Information.
We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
Personal information that we collect, use and share
|Statutory category of personal information (PI)||Source of the PI||Purpose for collection||Categories of third parties to whom we “disclose” the PI for a business purpose||Categories of third parties to whom we “sell” the PI|
|Identifiers||You, Public sources, Business partners, Our clients||Service delivery, Research & development, Marketing, Compliance & Operations||Affiliates, Advertising partners, Service-related third parties, Professional advisors, Authorities and others, Business transferees||Business Partners (for business and commercial purposes as defined in the section above entitled Information Sharing and Disclosure)|
|Commercial Information||You, Our client||Service delivery, Research & development, Marketing, Compliance & Operations||Affiliates, Service-related third parties, Professional advisors, Authorities and others, Business transferees||None|
|Online Identifiers||You, Our client||Service delivery, Research & development, Marketing, Compliance & Operations||Affiliates, Service-related third parties, Professional advisors, Authorities and others, Business transferees||Advertising partners (to facilitate online advertising), Business Partners (for business and commercial purposes as defined in the section above entitled Information Sharing and Disclosure)|
|Internet or Network Information||You, Our client||Service delivery, Research & development, Marketing, Compliance & Operations||Affiliates, Service-related third parties, Professional advisors, Authorities and others, Business transferees||Business Partners (for business and commercial purposes as defined in the section above entitled Information Sharing and Disclosure)|
|Geolocation Data||You, Public sources, Business partners, Automatic collection, Our clients||Service delivery, Research & development, Marketing, Compliance & Operations||Business Partners (for business and commercial purposes as defined in the section above entitled Information Sharing and Disclosure)|
We describe: the sources from which we collect this information in the section above entitled Information We Collect and Use; and the business and commercial purposes for which we collect this information in the section above entitled Information Sharing and Disclosure.
|Statutory category||Definition (categories may overlap)||What we collect|
|Commercial Information||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||Contact data, Identity data, Transaction data, Communications, Marketing data|
|Geolocation Data||Precise location, e.g., derived from GPS coordinates or telemetry data.|
|Identifiers||Real name, alias, postal address, unique personal identifier, customer number, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.||Contact data, Identity data, Data about others|
|Inferences||The derivation of information, data, assumptions, or conclusions from any other category of Personal Information to create a profile about a person reflecting the person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.||May be derived from your: Device data, Online activity data|
|Internet or Network Information||Browsing history, search history, and information regarding a person’s interaction with an Internet website, application, or advertisement.||Device data, Online activity data|
|Online Identifiers||An online identifier or other persistent identifier that can be used to recognize a person, family or device, over time and across different services, including but not limited to, a device identifier; an Internet Protocol address; cookies, beacons, pixel tags, mobile ad identifiers, or similar technology; customer number, unique pseudonym, or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers (i.e., the identification of a person or a device to a degree of certainty of more probable than not) that can be used to identify a particular person or device.||Device data, Identity data|