Privacy Policy

Introduction

This privacy policy (“Policy”) describes how TAMR, Inc. and its affiliates (“TAMR”) collect, use and share personal information that we collect as controllers through our digital properties that link to this Policy, including our website (collectively, the “Service”), as well as through social media, our marketing activities, our live events and other activities described in this Policy We will not sell, share, or rent this information to others in ways different from what is disclosed in this Policy.

If you are located in California, see the Notice to Californian users below. 

Data Collected

Information you provide to us. TAMR allows you to voluntarily provide us with personal information through our Service or otherwise (e.g., when you are purchasing or redeeming offers or registering products you purchased from other authorized retailers). The information we may collect from you may include:

• Contact data, such as your name, email address, and phone number.
• Transactional data, such as information relating to or needed to complete your orders on or through the Service, including order numbers transaction history. and past purchases. We do not collect or store credit card information.
• Communications that we exchange with you, including when you contact us through the Service, e.g., to help solve any issues you might be facing, social media, or otherwise. 
• Research data, that you provide when you agree to participate in our surveys or promotions or similar responsive requests, include contact data and demographic information. 
• Marketing data, such as your preferences for receiving our marketing communications, e.g., news, offers for upgrades, discounts, and details about your engagement with them. 

• User generated content, such as blogs, bulletin board or similar means of communication you make available on or through our Service, as well as associated metadata (please note that any data you submit there can be read, collected, or used by other users of these forums). 
• Job application data, such as professional credentials and skills, educational and work history, LinkedIn profile page, personal website, and other information that may be included on a resume or curriculum vitae as well as in a cover letter. This may also include diversity information/special categories of data that you voluntarily provide.
• Other data not specifically listed here, which we will use as described in this Policy or as otherwise disclosed at the time of collection.

Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:

• Device data, such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings, mobile device carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information such as city, state or geographic area.
• Online activity data, such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our emails or clicked links within them.

Cookies and similar technologies. We use cookies and similar technologies (such as web beacons, pixels, tags and scripts) to improve and personalize your experience, provide the Service, analyze website performance and for marketing purposes. For more information, see our Cookie Notice.

Publicly and commercially available sources. We may receive personal information from publicly and commercially available sources, which we may combine with other information we receive from or about you. We will use the information we collect from third party sources in accordance with this Policy.

Data about others. We may offer features that invite you to provide personal information about others, e.g., our surveys or features that help users invite others to use the Service, and we may collect personal information in these respects, e.g., contact details about invitees so we can deliver their invitations. Please do not share such personal information with us unless you have their permission to do so. 

How we use your personal information

We may use your personal information for the following purposes or as otherwise described at the time of collection:

Service delivery. We may use your personal information to:

• provide, operate and improve the Service and our business;
• enable security features of the Service, such as by sending you security codes via email or SMS, and remembering devices from which you have previously logged in;
• communicate with you about the Service, including by sending announcements, updates, security alerts, and support and administrative messages;
• understand your needs and interests, and personalize your experience with the Service and our communications; and
• provide support for the Service, and respond to your requests, questions and feedback.

Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Service and our business.  As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the Service and promote our business.

Marketing. We and our service providers may collect and use your personal information for marketing purposes:

• Direct marketing. We may send you direct marketing communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us at privacy@tamr.com. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.
• Interest-based advertising. We may engage third party advertising and social media companies to display ads on the Service and on other online services. These companies may use cookies and similar technologies to collect information about you over time across the Service, our communications and other online services, and use that information to serve ads that they think will interest you. This is called interest-based advertising. We may also share information about our users with these companies to facilitate interest-based advertising to those or similar users on other online platforms. 

To manage our recruiting and process job applications. We may use personal information, such as data submitted to us in a job application, to facilitate our recruitment activities and process job applications, such as by evaluating a candidate for a job, and monitoring recruitment statistics.

Compliance and protection. We may use your personal information to:

• comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
• protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); 
• audit our internal processes for compliance with legal and contractual requirements or our internal policies; 
• enforce the terms and conditions that govern the Service; and 
• prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.  
  

Information Sharing and Disclosure

We may share your personal information with the following parties and as otherwise described in this Policy or at the time of collection. 

Service providers. TAMR may share personal information with service providers as needed to provide us with services that help us with our business activities and to provide our Service (such as hosting, information technology, email delivery, marketing/advertising). 

Partners. We may sometimes share your personal information with partners or enable partners to collect information directly via our Service. 

Business and marketing partners. We may sometimes share your personal information with third parties with whom we co-sponsor events or promotions, with whom we jointly offer products or services, or whose products or services may be of interest to you.

Authorities and others. Where required by applicable law, we may also need to transfer your personal information to law enforcement, government authorities, and private parties for the compliance and protection purposes described above. 

Business transferees. Acquirers and other relevant participants in business transactions (or negotiations of or due diligence for such transactions) involving a corporate divestiture, mergers, acquisition or asset sale, consolidation, reorganization, or other disposition of all or any portion of the business or assets of, or equity interests in, Tamr or our affiliates (including, in connection with a bankruptcy or similar proceedings).

Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Data Integrity and Security:

TAMR uses industry standard security measures to protect against the loss, misuse and/or alteration of data located on our systems. We implement appropriate measures and processes, such as using encryption when transmitting certain sensitive information, to help us to keep your information secure. We regularly review our security and related policies to adapt the technology as new threats evolve, and monitor our systems to help ensure the highest level of availability. However, security risk is inherent in all internet and information technologies and while we try to use reasonably acceptable means to protect your personal information, we cannot guarantee its absolute security or confidentiality. If you have any questions about the security at our Service, you can contact us at privacy@tamr.com.

International Transfers

TAMR, Inc. is an entity which is based in the United States of America and many of our service providers operate in other countries. Your personal information may be transferred to the United States or other locations where privacy laws may not be as protective as those in your state, province, or country.

If you are located in the European Economic Area (EEA), Switzerland, and/or the United Kingdom (UK) your Personal Data will be accessed by Tamr staff or suppliers, transferred, and/or stored outside the EEA, Switzerland and/or the UK.

We take appropriate safeguards to require that your Personal Data will remain protected in accordance with this Data Privacy Notice and as required by applicable data protection law, including: (i) requiring that our third-party service providers and partners employ an adequate method of transfer, such as the European Commission’s Standard Contractual Clauses (further details of which can be provided upon request). Additionally, Tamr complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.

Tamr has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.

Tamr has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. Tamr is subject to the investigation and enforcement powers of the U.S. Federal Trade Commission. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/. In compliance with the EU- U.S. DPF (and the UK Extension to the EU- U.S. DPF) and the Swiss- U.S. DPF, Tamr commits to resolve DPF Principles-related complaints about our collection and use of your personal data. Individuals from the EU, Switzerland and the UK with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact TAMR at: privacy@tamr.com.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Tamr commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit  https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. 

An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. Please access the following link for more information: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2 .

Please note that Tamr might have to disclose personal information in response to lawful requests by public authorities or in order to meet national security or law enforcement requirements.

In accordance with the Recourse, Enforcement and Liability Principle, in the context of an onward transfer, we have the responsibility for the processing of personal information Tamr receives under the DPF Principles and subsequently transfers to a third party acting as an agent on its behalf.  Tamr remains liable under the DPF Principles if its agent processes such personal information in a manner inconsistent with the DPF Principles, unless Tamr proves that it is not responsible for the event giving rise to the damage.

Rights

Your rights according to the EU GDPR, and relevant regulations in the UK and Switzerland include:

• Right of access
• Right to correction or deletion
• Right to limit processing
• Right to object to the processing
• Right to data transferability
• Right to revoke a given consent at any time

Data subjects also have the right to complain to a data protection supervisory authority about the processing of their personal data. You can find more information about contacting your supervisory authority at  https://www.dataprivacyframework.gov/s/article/How-to-Submit-a-Complaint-Relating-to-a-Participating-Organization-s-Compliance-with-the-DPF-Principles-dpf   

Other Sites

The Service  may contain links to other sites on the Web, mobile applications, and other online services operated by third parties.  In addition, our content may be integrated into web pages or other online services that are not associated with us.  These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. TAMR has no control over these external sites, mobile applications or online services and is not responsible for the privacy practices or content of these sites. We do not control websites, operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites, mobile applications and online services you use. We advise you to read the privacy policies of those websites thoroughly so that you are aware of the manner in which those websites will use your personal data.

TAMR reserves the right to remove content that does not comply with the conduct stated above or is otherwise deemed objectionable. TAMR reserves the right, in its sole discretion, to terminate your access to any part or this entire site without notice.

How Long Will We Keep Your Personal Information For?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, and beyond such time to the extent legally permitted and based on our legal obligations (e.g., in relation to invoice retention) or legitimate interests (e.g., in retaining data for the purposes of responding to possible disputes or complaints). 

In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Children’s Privacy

We do not allow such children under the age of 13 to register as users and will not knowingly collect or solicit Personal Information from anyone under the age of 13. No one under the age of 13 should provide any Personal Information on or through this Site or otherwise. In the event we learn that we have collected Personal Information from a child under age 13, we will terminate any account and communications, and delete such information. If you believe that we might have any information from or about a child under 13, please contact us at privacy@tamr.com. Minors aged 13 and over should not use this site or post any information or other content without adult supervision.

Changes to this Policy

We reserve the right to modify this Policy at any time . If we make material changes  to our Policy, we will notify you by updating the date of this Policy and posting it on the Service or other appropriate means. Any modifications to this Policy will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). 

How to contact us

• Email: privacy@tamr.com  
• Mail: 66 Church St, Cambridge, MA 02138, USA, ATTN: TAMR, Inc. 
• DPO: datenschutz@heydata.eu 

Notice to Californian users

Scope. This section applies only to California residents. It describes how we collect, use and share Personal Information of California residents when we act as a “business” as defined under the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”), and their rights with respect to their Personal Information. For purposes of this section, “Personal Information” has the meaning given in the CCPA/CPRA but does not include information exempted from the scope of the CCPA/CPRA. In some cases, we may provide a different privacy notice to certain categories of California residents, such as job applicants, in which case that notice will apply instead of this section. 

Your California privacy rights. As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.

• Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months or since January 1, 2022, whichever timeframe is greater (unless producing information beyond the preceding 12 months proves impossible or would involve a disproportionate effort):

1. The categories of Personal Information that we have collected.
2. The categories of sources from which we collected Personal Information.
3. The business or commercial purpose for collecting and/or selling Personal Information.
4. The categories of third parties with whom we share Personal Information.
5. The categories of Personal Information that we sold or disclosed for a business purpose.
6. The categories of third parties to who the Personal Information was sold or disclosed for a business purpose. 

• Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months or since January 1, 2022, whichever timeframe is greater (unless producing information beyond the preceding 12 months proves impossible or would involve a disproportionate effort).
• Correction. You can ask us to correct inaccurate Personal Information that we have collected about you.
• Deletion. You can ask us to delete the Personal Information that we have collected from you.;
• Opt-out of sales and sharing. If we “sell” or “share” (as those terms are defined in CCPA/CPRA) your Personal Information, you can opt-out.  
• Opt-in. If we know that you are 13-15 years of age, we will ask for your affirmative authorization to sell your Personal Information or share your Personal Information for targeted advertising purposes before we do so.
• Nondiscrimination. You are entitled to exercise the rights described above free from discrimination in the form of legally prohibited increases in the price or decreases in the quality of our Service.  

How to exercise your rights

You may exercise your California privacy rights described above as follows:

• Right to information, access, correction and deletion. You may exercise your right to information, access, correction or deletion by contacting us at privacy@tamr.com. 

Right to opt-out of the “sale” or “sharing” of your Personal Information. Like many companies, we use services that help deliver interest-based ads to you as described above. Our use of some of these services may be classified under CCPA/CPRA as “selling” or “sharing” your Personal Information to the companies that provide the services. You can request to opt-out out of the “sale” or “sharing” of your personal information here: Do Not Sell My Personal Information.

Verification of Identity; Authorized agents. We may need to verify your identity to process your information, access, correction, or deletion requests and reserve the right to confirm your residency. To verify your identity, we may require government identification, a declaration under penalty of perjury, or other information, where permitted by law.  

Under CCPA/CPRA, you may enable an authorized agent to make a request on your behalf.  However, we may need to verify your authorized agent’s identity and authority to act on your behalf.  We may require a copy of a valid power of attorney given to your authorized agent pursuant to applicable law. If you have not provided your agent with such a power of attorney, we may ask you to take additional steps permitted by law to verify that your request is authorized, such as by providing your agent with written and signed permission to exercise your CCPA/CPRA rights on your behalf, the information we request to verify your identity, and confirmation that you have given the authorized agent permission to submit the request. 

Personal information that we collect, use and disclose. We have summarized the Personal Information we collect by reference below to both the categories defined in the “Data Collected” section of this Policy above and the categories of Personal Information specified in the CCPA/CPRA and the table below describes our practices currently and during the 12 months preceding the effective date of this Privacy Policy. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described below.

‍