Last revised and effective as of December 15, 2020.
Part 4 applies to international residents.
PART 1: THE WEBSITE
What information does GroupBy collect, including on its Website, and from which sources?
Any information you choose to provide on our Website will be stored. For example, if you register on our Website via the “Contact Us” form, we will use the Personal Information you provide (first name, last name, email, company name, phone number, etc.) in order to contact you for business purposes – for example, to contact you regarding our Services or (unless you opt out (to the extent permitted by applicable law)) promotions regarding our Services, respond to your request, question or concern, (unless you opt out (to the extent permitted by applicable law)) to send you newsletters and marketing emails in accordance with your marketing and communication preferences, and/or to improve our web site and marketing efforts.
The Personal Information that you provide directly to us through the Website will be apparent from the context in which you provide the data. For example, our “Contact Us” includes a check box for you to consent to receive emails and other marketing information from us. And, we may directly collect Personal Information (including publicly viewable information in social media profiles as well as corporate biography pages) about you that is publicly available from sources such as LinkedIn and other publicly available websites.
How do you use information collected via the Website?
We use the information we collect to help our Website create a better experience for you. We use the analytics information that we collect for such purposes as: counting and recognizing visitors to the Website; analyzing how visitors use the Website; improving the Website; enhancing users’ experiences with the Website; enabling additional website analytics and research concerning the Website; and managing our business, and to comply with legal and/or regulatory requirements.
Unless you opt out (to the extent permitted by applicable law), we may send you emails and newsletters about our Website. These emails may include other updates, promotions and GroupBy advertisements.
We may link non-personal information gathered using cookies with Personal Information, but we will treat the combined information as Personal Information.
How do you get my consent?
How do I modify information or withdraw my consent?
You are responsible for providing us with accurate information, if you choose to provide it. Please be sure to update your information with us should it change. For example, if you wish to be on our email mailing list, and your email address changes, please let us know.
You may unsubscribe from our email mailing list by using the “unsubscribe” feature located at the bottom of the email you received from us.
The Website may link to third-party websites that incorporate comment and social media features, including, without limitation: Facebook, LinkedIn, Twitter, and Instagram. The Website may also contain a Facebook “like” button and a Facebook “share” button, A LinkedIn “share” button, and a Twitter “tweet” and “follow” button. This may include providing you with the ability to automatically post updates on Facebook, LinkedIn, Twitter, and Instagram.
These features may collect information including your IP address, which pages you visit on our Website, and may set a cookie to enable the feature to function properly. If you choose to use these features, you may disclose your information not just to those third-party websites and services, but also to their users and the public more generally. Because these third-party websites and services are not operated by GroupBy, GroupBy is not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your personal and non-personal information will be subject to the privacy policies of the third-party websites or services, and not GroupBy’s policies. We advise you to please read the third-party privacy policies.
Links to 3rd party sites
Neither our Website nor our Services are directed at children. We do not collect Personal Information from any person we actually know is under the age of 13. If a person under 13 submits information through any part of the Website and we learn the person submitting the information is under 13, we will attempt to delete this information as soon as possible. If you are aware of a user under the age of 13, please contact us at: email@example.com
PART 2: THE SERVICES
What are the Services?
Our SaaS eCommerce platform offers several different solutions designed to help our customers. These solutions include: Searchandiser, Enrich, SEO Enhancer and GroupBy Analytics.
Our Searchandiser solution provides highly relevant personalized search using machine learning and merchandising controls.
Our Enrich solution automates product attribution across every retail vertical with our comprehensive taxonomy.
Our SEO Enhancer solution helps maximize site traffic with URL beautification, orphan page elimination, multi-site management and more.
Our analytics tool provides interactive dashboards, real-time monitoring, and regular health checks to allow you to manage your business with real performance data.
What information does GroupBy collect via the Services and how is this information used?
If you use our Services as a representative of one of our Customers or interact with our Services as a visitor to one of our Customers' website, we will not collect or use information except as set forth in our agreement with the applicable Customer. If you have any questions about how we collect or use information in the provision of our Services, please contact the applicable Customer.
What information does GroupBy collect about Customers using the Services and how do you use it?
If you use our Services as a representative of one of our Customers, we will not collect or use information except as set forth in our agreement with the applicable Customer.
Use of or interaction with the Services
To the extent our Services collect or process Personal Information on behalf of a Customer, such Personal Information will be processed in accordance with our agreement with that Customer.
We acknowledge that individuals may have a right to access their Personal Information in accordance with applicable laws. Please note that if data is provided by a Customer for use with our Services, that Customer controls the data. If you make a request to us to remove this data, we will notify our Customer, as the Customer is responsible for removing this data. We will also respond to you within a reasonable timeframe, to acknowledge your request. You should also contact the Customer directly. Please note that we are not responsible for how our Customers use the data they store within the Services.
Third Party Service Providers
We may transfer information inputted into our Services to companies that help us provide our Services. Such transfers are addressed in our agreements with our Customers. These service providers are authorized to use information only as necessary to provide the requested services to us, and only as set forth in our agreements with our Customers.
Social Media Login
Data Retention Specific to the Services
With respect to information used to perform Services for our Customers, GroupBy will retain such information only as set forth in our agreement with the applicable Customer, for at least as long as needed to provide Services to the applicable Customer.
If you provide information to a Customer of ours as part of their use of the Services, that Customer decides how long to retain that Personal Information. If the Customer terminates their access to our Services, they may receive access to Personal Information stored within the Services pursuant to our agreement with them.
A cookie is a small file that is placed on your browser or device when you visit a particular website or software application. Cookies can remember you and provide you with the information you’re most likely to need.
For example, site navigational information provided by a cookie may include standard information from your web browser (such as browser type and browser language), your IP address, and the actions you take on our Site (such as pages viewed, and links clicked).
There are both session cookies and persistent cookies.
A session cookie expires when you close your browser. Simply exiting your browser will remove all session cookies.
A persistent cookie remains on your hard drive for an extended period of time. For instance, when you return to our Site, cookies identify you and prompt the site to provide your username (not your password), so you can sign in more quickly. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory.
Some cookies are set by the website owner. Other cookies are set by third parties. These third-party cookies may enable third party features or functionality to be enabled through the website and provide information about your computer to the third party.
• Required Cookies. Required Cookies needed in order to make the Website actually work. These cookies are essential, and the Website would not function properly without them.
• User Experience Cookies. User Experience Cookies tailor the Website experience for you, the user (for example, auto-populating certain fields). These are not required, but they may make your use of the Website more enjoyable.
• Analytics Cookies – Analytics Cookies help us compile statistical information about use of our Website, such as the time users spend at the site and the pages they visit most often. This information helps us analyze trends in the aggregate and improve and administer our Website.
If you would like to understand the specific cookies that GroupBy uses, please click here: https://www.groupbyinc.com/compliance/cookies-policy
Control of Cookies
A web beacon or tracking pixel is a small file that is placed on your browser or device when you visit a particular website, email or software application. Web beacons are used to track whether or not you have accessed certain content.
For example, web beacons may provide information about how many times a web page is accessed, along with the times it was accessed and the IP address of users who accessed it.
Some web beacons are set by the website owner. Other web beacons are set by third parties. These third-party web beacons may enable third party features or functionality to be enabled through the website and provide information about your computer to the third party.
We use web beacons to help provide a better experience for you on our Website.
PART 4: INTERNATIONAL RESIDENTS
IMPORTANT NOTICE: Although our Website can be viewed internationally, many of our computer systems are currently based in the United States and Canada. Therefore, please note that all Personal Information may be processed by us in the United States and/or Canada.
Please also note that our Customers may have executed data processing addendums with us governing the processing of certain types of data via our Services.
For more details regarding how we collect, use, process, and disclose Personal Information from European Economic Area (EEA) visitors or where our processing of Personal Information is otherwise regulated by the GDPR, and the additional rights are available to visitors under the GDPR (to the extent applicable) in respect of this Personal Information, see below:
Under the GDPR, to the extent applicable, and under certain circumstances, you may have the following rights:
• If you wish to correct or update your Personal Information, you can do so at any time by contacting us using the contact details provided under the Contact Us heading below.
• In addition, you can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information. Again, you can exercise these rights by contacting us using the contact details provided under the Contact Us heading below.
• Similarly, if we have collected and process your Personal Information with your consent, then you can withdraw your consent at any time, by emailing firstname.lastname@example.org . Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
• You have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority.
• We respond to all requests we receive from individuals wishing to exercise their data protection rights within a reasonable timeframe and in accordance with applicable data protection laws.
Legal Basis for Processing Personal Information under the GDPR
However, we will normally collect Personal Information from you only where we have your consent to do so, where we need the Personal Information to perform a contract with you, or where the processing is in our legitimate interests (as further described below) and such processing is not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to process your Personal Information.
If we ask you to provide Personal Information to comply with a legal requirement or to perform under an agreement we have in place with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not, as well as of the possible consequences if you do not provide your Personal Information (for example, if you do not provide your email address, you will not be added to our email list).
Similarly, if we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
Here are some examples:
• We process your Personal Information with your consent when you register on our Website; and when you agree to receive online direct marketing from us (via email by signing up on our Website via the Contact Us page).
• We process your Personal Information as required by applicable law. Applicable law may require us to process your information: for tax purposes, to prevent/detect fraud, and in disclosures to law enforcement and other regulatory or government agencies as required by law.
• We also process your Personal Information when it is in our legitimate interest to do so, and the legitimate interest is not overridden by your data protection rights. Here are some examples of our legitimate business interests:
– Developing and maintaining relationships with our customers and partners;
– Understanding how our visitors use our Website;
– Improving our Website;
– Understanding and responding to customer feedback;
– Researching and analyzing the products and services our customers want; and
– Securing our business and services.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, or regarding our legitimate interests, please contact us using the contact details provided under the Contact Us heading below.
Under the GDPR, to the extent applicable, and under certain circumstances, you may have the right to:
• Ask us for a copy of your Personal Information
• Correct Personal Information, erase Personal Information or to transfer it to other organizations (when technically feasible) at your request.
• Object to some processing and, where we have asked for your consent to process your Personal Information, to withdraw this consent.
• Object to some processing where we have a legitimate interest in processing (as explained in the Legal Basis for Processing Personal Information under the GDPR section above)
• To restrict processing in certain circumstances (for example, where we can demonstrate that we have a legal requirement to process your Personal Information, it is possible that we may continue to do so).
• Lodge a complaint with the relevant supervisory authority (as defined in the GDPR). If you have any complaints about the way we process your Personal Information, please do contact us using the contact details provided under the Contact Us heading below. Alternatively, you may lodge a complaint with the supervisory authority which is established in your country.
We may ask you to verify your identity and to provide other details to help us to respond to your request.
If you would like to: access, correct, amend or delete any Personal Information we have about you, register a complaint, or simply want more information, please contact our Privacy Compliance Officer using the contact details provided under the Contact Us heading below.
PART 5: GENERAL
What if I have questions about consent or your use of my information?
To the extent required by applicable law, upon request and upon reasonable verification of your identity in accordance with applicable law, GroupBy will provide you with information about whether we hold any of your Personal Information. Please note that we cannot provide details or information regarding whether any of our Customers hold any of your Personal Information. You will need to seek this information directly from our Customers.
If you would like us to delete, update, or modify any of your Personal Information that we currently hold, or if you have questions at any time regarding the continued collection, use, storage or disclosure of your Personal Information, please contact us using the details provided under the Contact Us heading below.
Where the processing of your Personal Information is based on your previously given consent, you have the right to withdraw your consent at any time. You may also have the right to object to the processing of your Personal Information on grounds relating to your particular situation.
Disclosures to Third Parties
We may disclose your Personal Information:
• in response to lawful requests by public authorities, including to meet national security or law enforcement requirements or as required by law, such as to comply with a subpoena, or similar legal process;
• when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, to protect our rights and property, or the legal rights or property of others, investigate fraud, or respond to a government request;
• to a third party in connection with a sale, merger or other transfer of all or substantially all of the assets of GroupBy or any of its Corporate Affiliates (as defined below), or any portion of GroupBy or any of its Corporate Affiliates, or in connection with a strategic investment by a third party in GroupBy, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding;
• when it would potentially mitigate our liability in an actual or potential lawsuit.
In addition to the above, when individuals use our Website, third-party analytics service providers may directly collect Personal Information and non-personal information about our users’ online activities over time and across different websites.
We retain Personal Information where we have an ongoing legitimate business need to do so (for example, to provide you the Website, to respond to questions you may have, to enforce our agreements, and to resolve disputes). We will stop using the Personal Information when we no longer have a legitimate business need to do so. If you request that we remove your Personal Information at an earlier date, to the extent required by applicable law and upon reasonable verification of your identity in accordance with applicable law, we will do so provided we do not have a separate legal obligation to keep it (for example, a lawsuit involving the information).
If you have consented to receiving marketing communications (emails, etc.) from us, we will retain your Personal Information for a reasonable period of time from the date you last provided consent, unless you request that we remove it.
If we receive information derived from cookies or other tracking technologies, we will retain that information for a reasonable period of time from the date it was collected.
When we have no longer have legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
We take the security of information that we collect very seriously and therefore implement commercially reasonable technical and organizational measures designed to protect it. Your Personal Information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems. We follow commercially reasonable standards designed to protect the Personal Information submitted to us. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our Web site, you can contact us at email@example.com.
DO NOT TRACK
The term “Do Not Track” refers to a HTTP header offered by certain web browsers to request that websites refrain from tracking the user. We take no action in response to automated Do Not Track requests. However, if you wish to stop such tracking, please contact us with your request, using our contact details provided below.
Any questions, complaints or general comments should be directed to firstname.lastname@example.org.
You may also reach us at:
Phone: +1 (855) 210-6513
Mailing address: GroupBy 2 Berkeley Street, Suite 210 Toronto, Ontario M5A 4J5 Canada
ATTN: Privacy Officer