Your data. Your rights.
What kind of data do we access and store?
We are collecting, storing, or using data that could be labeled as “personal data” in the following circumstances:
- Employees of our own customers (in a business to business relationship), accessing our enterprise reporting platform
- Incoming demo requests and white paper downloads
- Sales opportunities
- Newsletter subscribers
- Web analytics
Importantly, although it should be obvious from the very manner in which our tools work, and from the function they perform (merely presenting aggregate data for executive decision-making), our contractual framework expressly forbid the storage and/or processing of personal data that our own customers (b2b) hold about their audience (b2c).
We act as a data controller for all of the purposes here listed.
Why do we collect such data? On which legal basis?
- Employees of our own customers (in a business to business relationship), accessing our enterprise reporting platform: This is necessary for the performance of the very contract guiding our commercial relationship
- Incoming demo requests and white paper downloads: We rely on legitimate interest to approach you regarding the documents you have chosen to download, or as a follow-up to your own request for a product demo. However, turning you into a “sales lead” as a result of a white paper download will require prior consent on your part through the checkbox provided (“I want to know more about your products”).
- Sales opportunities: We rely on legitimate interest to maintain records about our prior conversations with you if we have engaged in a conversation (in-person, over the phone, over email, or through any other messaging service) related to your enterprise reporting needs. These records are stored in Salesforce, a US-based Customer Relationship Management platform which has registered under the Privacy Shield program. We will automatically delete your records after twelve months of inactivity.
- Newsletter subscribers: We equally rely on legitimate interest to store your email address as a means to fulfill your own request.
- Web analytics: Our website fulfills the conditions laid out by some EU Data Protection Authorities for an exception to express consent requirements under the EU ePrivacy Directive. We obfuscate IP addresses, do not integrate your cookie data with separate advertising technology platforms, our cookies expire in twelve months, and no link has been established between such first-party cookies and any other sales automation or lead generation tools.
Under no circumstances whatsoever do we share your data with any third parties. This includes our own advertising practices and technical needs.
We adhere to the strictest security standards available at every level of our interaction with you. This includes but is not limited to SSL encryption and ISO 27001 specifications (a standard for which we are certified and audited on a yearly basis) for the processing and storage of your personal data, as well as the manner in which our own personnel deals with it.
Exercising YOUR rights
You are entitled to the following rights:
- Be informed
- Restrict processing
- Not be subject to profiling or automated decision-making
Should you wish to exercise your rights by inquiring what information we have on you or requesting for it to be modified or deleted, email gdpr[@]sweetspot.com directly. Your request will be answered as soon as possible, with a wait period of no longer than 30 days.