Privacy Policy

This Privacy Policy applies to Personal Data processed by Spen&B.

This Privacy Policy explains what Personal Data We collect through Our Site and Software, how and why We collect it, how We use and disclose the Personal Data We collect and information on how to exercise privacy rights over this Personal Data.

We have also included a section on the processing of Personal Data sent to Spen&B from visitors to a Spen&B Enabled Site.

We may revise this Privacy Policy from time to time but We will never do so in a manner that compromises Our commitment to respect the privacy of individuals. The most current version of this Privacy Policy governs Our practices for collecting, processing, and disclosing Personal Data. We will provide notice via email to Our Customers and on this page of any material modifications to this Privacy Policy. Continued use of Our Site and/or Software following the effective date of any modifications will constitute acceptance of the modified Agreement (this includes Our Terms of Service,Acceptable Use Policy and this Privacy Policy).

Personal Data Collected by Spen&B

The Personal Data We collect depends on whether the individual is:

  • A visitor to the Spen&B;
  • A Customer or user (the “User”) of the Software.

Personal Data collected from a visitor of the Spen&B

This section applies to Personal Data Spen&B collects from visitors to Our Site or any of Our sub-sites or sub-domains.

Any Personal Data provided by a visitor to Our Site will be used only as described in this Privacy Policy and Spen&B Acceptable Use Policy.

Usage Data

When someone visits the Spen&B, We may store the name of their internet service provider, the website they visited Us from, the parts of Our Site they visit, the date and duration of the visit, and information from the device.

We temporarily store IP addresses of visitors to Our Site for associated performance metrics and to monitor and track application errors. We will never access these IP addresses without any operational or security need. We automatically delete these IP addresses within thirty (30) calendar days.The legal basis for this data processing is Article 6(1)(f) GDPR.

We also process usage Data in an aggregated or de-identified form for statistical purposes and to improve Our Site.

Cookies

Cookies are small data files transferred onto computers or devices. Spen&B uses cookies to process information including standard internet log information and details of the visitor’s behavioral patterns upon visiting Our Site. This is done to:

  • operate Our Site;
  • provide visitors to Our Site with a better experience by providing Us with insights on how visitors use Our Site;
  • for marketing purposes, as detailed below.

For more info about the cookies We make use of, please visit Our Cookie Information page.

Contact with Us via email

Visitors to Our Site have the opportunity to contact Us to ask Us questions, for example via the contact form, where We ask for contact information (e.g. name, email address etc.). We use this data solely in connection with answering the queries We receive.

If a visitor to Our Site receives emails from Us, We may use certain analytics tools, to capture data such as when the email is opened or when any links or banners in the email have been clicked. This data helps Us to gauge the effectiveness of Our communications and marketing campaigns.

Personal Data collected from Spen&B Customers and Users

This section applies to Personal Data Spen&B collects from its Customers and Users of Our Software when making use of Spen&B Services.

When someone signs up for an account with Spen&B, contacts Our customer support for assistance, or subscribes to Our content or special offers, We may ask for additional Personal Data such as their name, email address and additional details about them or the organization they represent.

We temporarily store IP addresses of Our Customers and Users of Our Software for associated performance metrics (i.e. data related to how well Our Software performs) and to monitor and track application errors. We will never access these IP addresses without any operational or security need. We automatically delete these IP addresses within thirty (30) calendar days.The legal basis for this data processing is Article 6(1)(f) GDPR.

A Customer may delete their Spen&B account at any time. After account deletion, We may retain Personal Data (in part or in whole) associated with the Customer in order to meet any regulatory and reporting requirements for the timeframes stipulated by law and in order to be able to address customer service issues. Any other Personal Data We were processing relating to Our Customer and/or Users of that Spen&B account will be deleted permanently within thirty (30) calendar days.

We may use Personal Data and other Data about Our Customers and/or Users (including demographic information, location information, information about the computer or device from which they access Our Software) to create de-identified and aggregated information and analytics. The legal basis for this data processing is Article 6(1)(f) GDPR.

The information We collect from Our Customers and/or Users is disclosed only in accordance with the Agreement and the Applicable Law.

Spen&B use of Personal Data

Access and Disclosure to Third Parties

We use a select number of trusted external service providers for certain technical data analysis, processing and/or storage offerings (e.g., IT and related services). These Third Party service providers are carefully selected and meet high data protection and security standards. We only share Data with them that is required for the services offered and We contractually bind them to keep any information We share with them as confidential and to process Personal Data only according to Our instructions.

In addition to services providers, other categories of Third Parties may include:

Vendors/public institutions. To the extent that this is necessary in order to make use of certain services requiring special expertise (such as legal, accounting or auditing services) We may share Personal Data with vendors of such services or public institutions that offer them (e.g. courts).

Disclosure in the Event of Merger, Sale, or Other Asset Transfers. If We are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then Data may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

Communication Purposes

We may occasionally send notification emails about updates to Our product, legal documents, customer support or for marketing purposes.

Except for cases where We are required to do so by law (e.g. notification of a data breach), recipients of Our communication shall have the opportunity to unsubscribe from receiving these messages free of charge. We process requests to be placed on do-not-contact lists as required by Applicable Law.

Marketing Purposes

We use Personal Data given to Us by Spen&B Customers, Users and/or visitors to Our Site to target advertisements to :

Hotjar’s Customers, Users and/or visitors to Our Site to keep them informed about Spen&B and any product changes we make.

We do this by sharing Personal Data with Third Party marketing platforms that have high privacy and confidentiality standards and which have gone through a legal and security review by Spen&B. This ensures that these Third Parties cannot do anything with the Personal Data We provide them other than use it for the express purpose of providing Us with the marketing services We contract them for.

Compliance and Protection

We may use Personal Data to (legal basis for the respective processing in parentheses):

  • protect Our, Our Customers’/Users’, visitors’ to Our Site or Third Parties’ rights, privacy, safety or property including by making and defending legal claims;
  • audit Our internal processes for compliance with legal and contractual requirements and internal policies;
  • protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft;
  • and comply with the Applicable Law, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

Children’s Information

Hotjar’s Software is not directed to children under 13 (or other age as required by local law), and We do not knowingly collect Personal Data from children. If you learn that your child has provided Us with Personal Data without your consent, you may contact Us through Our Contact Details below. If We learn that We have collected a child’s Personal Data in violation of Applicable Law, We will promptly take steps to investigate this, delete such information and terminate the child’s account. We will also make sure to have preventive measures in place for this not to happen again in the future.

Rights over Personal Data

If You’re a visitor to Our Site or a Customer and/or User of Our Software and We have collected Personal Data about You, You have a right to access and to be informed about what Personal Data is processed by Spen&B, a right to rectification/correction, erasure/anonymization and restriction of processing (subject to certain exceptions and other requirements prescribed by law). You also have the right to receive from Spen&B a structured, common and machine-readable format of Personal Data You provided Us.

When You have provided consent, You may withdraw it at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing it. Whenever You withdraw consent, You acknowledge and accept that this may have a negative influence on the quality of Our Site and/or Software. Please be aware that when You withdraw consent, We may delete the Personal Data previously processed on the basis of Your consent and will not be allowed to keep it further which will mean that it cannot be accessed, downloaded or otherwise secured by You.

In addition, You have the right to lodge a complaint with Your respective data protection authority.

To protect Your privacy, We take steps to verify Your identity before fulfilling Your request. We can only identify You via Your email address and We can only adhere to Your request and provide information if We have Personal Data about You through You having made contact with Us directly and/or You are using Our Site and/or Software.

Personal Data collected from a visitor of a Spen&B Enabled Site

When an end-user visits a Spen&B Enabled Site, the Spen&B Enabled Site’s privacy policy will apply to the Personal Data collected and not this Privacy Policy.

When making use of Our Software, Our Customers are bound by Our Privacy Policy, Our Terms of Service, and Our Acceptable Use Policy. You can get more information about Spen&B by visiting Our Site.

Some Spen&B Customers may have the ability to integrate Data they have collected through Our Software with other end-user data they have in their possession (e.g. their customer information).

Depending on the web browser you use, it might be possible for you to disallow Spen&B from collecting Data when visiting a Spen&B. To discover if your web browser offers this functionality visit Our Do Not Track page.

Please note that We cannot respond to any requests from end-users of Spen&B Enabled Sites related to their Personal Data, including requests to provide, rectify or delete any end-user Personal Data. Any requests from end users of Spen&B Enabled Sites related to Customer Personal Data should be sent to the relevant Spen&B Customer.