2. Personal Data Received by DataGrail or Disclosed or Shared by DataGrail
DataGrail does not sell Personal Data collected through your use of the Platform. Information is collected to facilitate the Services offered, for marketing of our services and products, or for internal analysis relating to product improvements. However, under the California Consumer Privacy Act, some sharing of personal information necessary to provide you with personalized ads may be considered a “sale,” even if no money is exchanged. Please see Section 7 for additional information.
As required by applicable law, including, but not limited to, GDPR & CCPA, DataGrail has in place Data Processing Addendum(s) with those subprocessors that process end-user Personal Data to ensure compliance with DataGrail’s obligations under applicable data protection laws and regulations. Personal Data collected is processed by the following service providers to facilitate provision of the Services on the Platform as follows:
Newsletters & Marketing Campaigns. DataGrail utilizes SendGrid to create and deliver DataGrail’s newsletters. Submission of data is optional and with a User’s consent. DataGrail shares contact information, such as name and email address, to process that data in accordance with our instructions regarding our marketing campaigns. Please see SendGrid’s Privacy Policy for more information on their data collection and processing practices.
Social Plug-Ins: Users may optionally follow DataGrail Twitter and LinkedIn. Users should click on the hyperlinks for each site to review the applicable privacy policies for more detail about information collected and processed by these sites.
Sales & Marketing.
- Sales Team Engagement. DataGrail utilizes the chorus.ai digital communications solution to enable its sales team to capture and summarize customer communications to improve customer engagement. At DataGrail’s election, Chorus.ai may utilize biometric identification, including voiceprint identification, to match a user’s identity with information on file with DataGrail’s sales team. Each user’s consent is expressly obtained prior to collecting such information. Please see the Biometric Data Policy for additional information.
- Prospective Leads Updates. DataGrail utilizes Clearbit to enable it to supplement its existing contact information with information maintained in Clearbit’s professional profile database, including name, job title, email address, mobile number, city, company information, obtained from third party sources such as LinkedIn, to enable our sales team to more effectively identify and communicate with prospective leads. Please see the Clearbit Privacy Policy for additional information.
- Sales Automation & Analytics. DataGrail utilizes Outreach.io to automate its sales processes and generate actionable insights to help manage inbound and outbound sales processes. To the extent DataGrail utilizes Outreach’s call recording (audio/video) functionality, it will first obtain your consent to record calls prior to making such recording in accordance with applicable laws. Contact information shared with Outreach will be used solely for purposes of sales engagement functions made available through the platform. Please see the Outreach Privacy Policy for additional information.
- Marketing Outreach. DataGrail utilizes Sendoso to coordinate personalized marketing outreach efforts to current and prospective customers. Contact information such as name, email and addresses are shared for purposes of sending e-gifts, direct mail, and physical personalized gifts sent directly at DataGrail’s request. Please see the Sendoso Privacy Policy.
Notifications. DataGrail utilizes Slack and Twilio to facilitate customer notifications. Users should review Slack’s Privacy Policy and Twilio Privacy Policy for more information on their data collection and use practices
Customer Relationships Management. DataGrail utilizes services provided by Salesforce.com, inc. to manage its customer relationships and the information and data associated with those customers. Account information, including personal information such as customer’s account name, email, phone, mailing address, etc. with Salesforce.com. Please see the Salesforce.com Privacy Policy for more information on their data collection and use practices.
HubSpot. DataGrail utilizes HubSpot’s marketing software for automated marketing, content strategy and customer outreach. Please see HubSpot’s Privacy Policy for more information on their data collection and use practices.
Drift. DataGrail utilizes Drift for automated chatbot support and conversational marketing purposes. Draft may collect a User’s name, contract information, IP address and cookies when a User opts to provide such information for customer support purposes. Please see the Drift GDPR Policy for more information on their data collection and use practices.
Calendly. DataGrail integrates Calendly to provide seamless demo and meeting scheduling. Calendly will only collect Personal Data optionally provided by Users, such as name and email address, for the purpose of scheduling requested meetings. Please see the Calendly Privacy Policy for more information on their data collection and use practices.
Hosting Services . DataGrail hosts customer and services data through Amazon Web Services and WPEngine. Customers should click on the hyperlinks for more information about their data collection and privacy policies.
Usercentrics. DataGrail utilizes Usercentrics for consent management purposes to facilitate compliance with GDPR and other mandatory consent requirements. DataGrail has entered into European Commission approved standard contractual clauses to ensure sufficient protection of Personal Data transferred internationally. Please also see Usercentrics Privacy Policy. Usercentrics collects consent data (consent yes/no, timestamp, data scope, data attributes, controllerID, processorID, consentID) through JavaScript. Users can permanently prevent the execution of JavaScript at any time by making the appropriate settings in your browser, which would also prevent Usercentrics from executing the JavaScript.
Analytics:
- DataGrail utilizes Datadog, a SaaS based monitoring and analytics platform to obtain analytics, service application and infrastructure logs. Please see the Datadog EEA Data Processing Addendum and Datadog Privacy Policy for additional information.
- Google Analytics. DataGrail utilizes Google Analytics to access anonymised and/or pseudo anonymised data to help us understand how our Services are used. Google Analytics is a web analytics tool that helps us understand how users engage with our Platform, so that we can review and improve our Services. Google Analytics provides a report to us with website trends without identifying the Personal Data of individual users. Please see Google’s Data Privacy and Security Policy. However, if you decide to withdraw your consent to such data collection, you may opt-out by installing Google Analytics Opt-out Browser Add-on.
Payment Processing Information. DataGrail does not itself store debit or credit card information on its servers. DataGrail utilizes a third party payment processor, Bill.com to manage and process payments in order to guarantee the security of your information. Customers should review Bill.com’s Privacy Notice for more information on their data collection practices.
Abuse Prevention. DataGrail utilizes hCaptcha to protect its Platform from spam and abuse. hCaptcha may collect information directly from users for bot verification purposes, as well as additional data to determine whether users are human, such as mouse movements, scroll position, keypress events, touch events, and gyroscope / accelerometer information as applicable. Please see the hCaptcha Privacy Policy for additional information.
Other Potential Third-Party Disclosures. Personal Data may also be disclosed to third parties to serve our legitimate business interests as follows: (1) as required by law, such as to comply with a subpoena, or similar legal process, (2) if DataGrail is involved in a merger, acquisition, or sale of all or a portion of its assets, (3) to investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (4) enforce our agreements with you, and/or (5) investigate and defend ourselves against any third-party claims or allegations. We will use commercially reasonable efforts to notify users about law enforcement or court ordered requests for data unless otherwise prohibited by law.
Please see Section 7 for a more specific disclosure of the applicable categories of personal information collected and processed under the CCPA.