0
The small print
Use of this website, and all services, as a client, affiliate or survey respondent, are subject to these terms and conditions which reflect and are subject to the Data Protection Act 2018 ("DPA") and the General Data Protection Regulation 2018 (GDPR).
Updated on Friday 5th January 2024.
This privacy policy applies between you, the User of this Website, and Malliavin Ltd of 20-22 Wenlock Road, London, N1 7GU, England (hereinafter "Malliavin", "we", "us" or "our"), the owner and provider of this Website, and any other website or digital property owned and provided by Malliavin Ltd. Malliavin takes the privacy of your information very seriously. This policy covers use of this website and privacy issues pertaining to undertaking of surveys conducted by Malliavin on behalf of clients of Malliavin Ltd. As a result this privacy policy applies to any and all data processed by us or provided by you in relation to your use of this website and business activities, including your taking of surveys, and usage of data tools provided to you by Malliavin during the course of business as a client of Malliavin or a survey respondent. However, this policy does not cover third party contracts between you and third party services providers such as access panels, which may be agreed by the User, and any third party provider.
For the purposes of this privacy policy, the following definitions are used.
We process users' personal information only in compliance with the DPA and the GDPR. As such User data is only processed if the following legal permissions exist:
The above legal bases are set out as follows:
During the course of using our website and services, we process the following types of data from visitors and users:
The Purpose of processing personal information are:
We may collect the following Data, given by specifically by you or collected automatically by the Website or by electronic or telephonic contact, which includes personally identifiable Data.
This data will be collected when you contact us through the Website or by any other means; and when you make payments to us, through this Website or by any other means, in each case, in accordance with this privacy policy. Data is also collected automatically through the use or this website.
We may collect any Personal Information that you choose to send to us or provide to us, for example, on our "Coffee?"", "Reach out", "Ready", "Let's Go", "Go", "Request a Demo" (or similar) online form or if you register for a Malliavin webinar. If you contact us through the Websites, we will keep a record of the correspondence.
Malliavin may gather various types of information within surveys, including information that identifies or may identify you as an individual ("Personal Information"). We may collect Personal Information when you participate in a market research survey from Malliavin. Such information includes a unique respondent identification number we assign to you and the responses you provide when completing the survey. In this context, you may choose to provide sensitive Personal DInformationata about you, such as Personal Information that discloses or reveals health and medical conditions, sexual orientation or sexual life, political opinions/views, race/ethnic origin, religious and philosophical beliefs, and trade-union membership. Where required by law, we obtain your explicit consent to the processing of your sensitive Personal Data. We may also collect content that you submit, upload, or transmit when using the Service, such as photos and videos. Any data that we collect during Malliavin surveys will be used solely for the research purpose agreed with our clients.
Any Personal Information or Sensitive Personal Data collected during Malliavin surveys will be used solely for the research purpose agreed with our clients, but we will obtain consent before collecting and these questions can be refused. In accordance with Art. 9 GDPR.
Based on the information you may give in our survey, we may carry out automated decision making or profiling about you. In most of cases this will not result in any legally significant decisions being made about you and will be used in a market research context only.
Any data that we collect during Malliavin surveys will be used solely for the research purpose agreed with our clients.
Data supplied to us by our clients or a 3rd party will be used solely for the research purpose agreed with our clients.
Any Personal Information or Sensitive Personal Information collected during Malliavin surveys will be used solely for the research purpose agreed with our clients, but we will obtain consent before collecting and these questions can be refused.
For trend monitoring, marketing and advertising. Monitoring the use of the website by third parties in order to optimise marketing both on the site and other third party marketing platforms.
For purposes made clear to you at the time you submit your information - for example, to fulfil your request for a demo, to provide you with access to one of our webinar's or whitepaper's or to provide you with information you have requested about our Services.
As part of our efforts to keep our Website secure, our use of your Personal Information may be based on our legitimate interest to ensure network and information security, and for our direct marketing purposes, or you consenting to it (e.g. when you request a demo). For our customers, the use of Personal Information will be based on the contract we have in place.
This data helps us to make improvements to the Website, content and navigation and validate behaviour, including but not limited to purchasing behaviour, dates, times and frequency with which you access the Website. This Data is stored alongside purchase behaviour.
We may use your data for the above purposes if we deem it necessary to do so for our legitimate interests. If you are not satisfied with this, you have the right to object in certain circumstances.
We may share your Data with the following groups of people and organisations for the following reasons:
We process data within the scope of administrative tasks as well as organisation of our business, financial accounting, and compliance with legal obligations, such as archiving.
In doing so, we process the same data that we process in the context of providing our contractual services. The purpose and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services.
The deletion of data with regard to contractual services and contractual communication corresponds to the information mentioned in these processing activities.
In this context, we disclose or transmit data to the tax authorities, consultants such as tax advisors or auditors as well as other fee offices and payment service providers.
Furthermore, we store information on suppliers and other business partners on the basis of our business interests, e.g., for the purpose of contacting them at a later date. This data, most of which is company-related, is stored permanently.
If, in the course of our processing, we disclose data to other persons and companies, transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract, you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we commission third parties to process data on the basis of a so-called "order processing agreement", this is done on the basis of Art. 28 GDPR.
If we process data in a third country (i.e. outside the United Kingdom (UK) or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this is only done if it is done in order to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or allow the processing of data in a third country if the special requirements of Art. 44 ff. GDPR are met. This means, for example, that the processing is carried out on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to that of the UK or the European Union or compliance with officially recognised special contractual obligations (so-called "standard contractual clauses").
We will use technical and organisation measures to safeguard your Data for example: we store your Data on secure servers.
Technical and organisation measures include measures to deal with any suspected data breach. If you suspect misuse or loss or an authorised access to your Data, it is incumbent on you to let us know immediately by contacting us via phone number or e-mail address:
If you want detailed information from Get Safe Online on how to protect your information and your devices against fraud, identity theft and viruses, please visit www.getsafeonline.org. Get Safe Online is supported by Her Majesty's Government and leading businesses.
Unless a longer retention period is required or permitted by law, we will only hold your Data on our systems for the time necessary to fulfil the purposes outlined in this privacy policy or until you request the Data be delete
Even if we delete data, it may persist on backup or archival media for legal, tax or regulatory purposes.
These rights are standardised in both the DPA and GDPR. This includes:
Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject.
The Information Commissioner`s Office (ICO) is the relevant data protection supervisory authority in the UK. The ICO is located at Wycliffe House, Water Ln, Wilmslow SK9 5AF, UK (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO.
Should this Website link to other websites, this policy does not extend to such websites.
Malliavin may from time to time, expand or refuse our business and this may involve the sale and/or the transfer of control of all or part of Malliavin. Data provided by Users, will, where it is relevant to any part of our business, be in receipt of the Data. The new owner or new controlling party will be permitted to use the Data for the purposes for this it was originally supplied to us, under the terms of this privacy policy.
We have a commitment to taking reasonable steps to ensure the security of your information. To prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of information, we use appropriate technical, organizational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration and destruction.
We do not collect or hold any this information on children below the age of 16.
We reserve the right to withhold our services from sectors such as Tobacco and Arms, all services provided on the sole discretion of Malliavin Ltd.
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information to third parties for their direct marketing purposes.
Cookies can be used in the administering of surveys.
We utilise Google Analytics, a web analysis service provided by Google, to better understand your use of our Websites and Services. Google Analytics collects information such as how often users visit the Websites, what pages they visit and what other sites they used prior to visiting. Google uses the data collected to track and examine the use of the Websites, to prepare reports on its activities and share them with other Google services. Google may use the data collected on the Websites to contextualize and personalize the ads of its own advertising network. Google's ability to use and share information collected by Google Analytics about your visits to the Websites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy.
Please note that no data transmission over the Internet is 100% secure. As a result, we cannot guarantee the security of the information that you transmit via our online services. Please note that we reserve the right to access and/or disclose the user information discussed herein (including personal information) as required by courts and/or administrative agencies and to the extent required to permit us to investigate suspected fraud, harassment or other violations of law.
Databases or data sets that include Personal Information may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Information may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
Our services are restricted to users who are 18 years of age or older. We do not knowingly collect personal information from anyone under the age of 18. If you suspect that a user is under the age of 18, please contact us.
Because we're always looking for new and innovative ways to improve our website and services, this policy may change over time. We will notify you before any material changes take effect so that you have time to review the changes.
The following statement applies if you are using “Fusion Freed” our Software as a Service (SaaS) service. We operate Fusion Freed and the provided dataset analysis software, its underlying machine learning optimisation suite and the auxiliary functions and features accessible to you depending on your selected plan (our “Services”). This statement sits in line with our Privacy Policy, is supplemental and applies to all users of our Services.
We process various data in the context of permitting you access to our services and for the initiation and execution of the contractual relationship existing between you and us. If you have contracted us to provide our Service, we process your data (if provided: name, contact details (email address and telephone number), address, and all information required in the context of the performance of the Services, exclusively for the purpose of processing and handling the contractual relationship. The legal basis of the data processing is our obligation to fulfil the contract between you and us.
For optimal data management and customer support, we store the data related to your contract with us in our proprietary customer relationship management system. This data processing is based on our legitimate interest in providing our customer service.
We process data in the context of administrative tasks and the organisation of our business and compliance with legal obligations, such as archiving. In this context, we process the same data that we process in the provision of our contractual services. The processing bases are our legal obligations and our legitimate interest.
If you make a purchase your payment will be processed via our payment service provider. Payment data will solely be processed through our payment service provider (354 Oyster Point Blvd South San Francisco, CA 94080, USA) and we have no access to any Payment Data you may submit. The legal basis for the provision of a payment system is the establishment and implementation of the contract.
If you create a support ticket, we will request Personal Data and, where applicable, non-Personal Data in accordance with your request, this may include your name, email address and other order related data you voluntarily provide. The data provided is not shared with third parties and cannot read your data when it is entered. If you submit a support ticket, we process the data for the purpose of processing and handling your ticket.
Our employees will also have access to data that you knowingly share with us for technical support or to import data into our services. We communicate our privacy and security guidelines to our employees and enforce privacy safeguards strictly. The legal basis of the data processing is our obligation to fulfil the contract and/or our legitimate interest in processing your support ticket.
We recognize that you own your service data. We provide you complete control of your service data by providing you the ability to (i) access your service data, (ii) share your service data through supported third-party integrations, and (iii) request export or deletion of your service data.
We process various service data in the context of the provision of Fusion Freed. In principle, you become the data controller and we become the data processor in accordance with Chapter 3 of the DPA and Chapter 4 of the GDPR. Where we process Personal Data as data processor or in other words on behalf of you, we will process the Personal Data including Special Category Data involved in your use of our services in accordance with your instructions and shall use it only for the purposes agreed between you and us.
We ensure that access by our employees to your data is only available on a need-to-know basis, restricted to specific individuals, and is logged and audited. We communicate our privacy and security guidelines to our employees and enforce privacy and protection safeguards strictly.
Some jurisdictions may require you to disclose your use of our Services as your processor in your privacy policy and/or data processing agreement as applicable. For this purpose all Personal Data processed by us will be processed using the following sub processors. We would like to ask you to review their privacy policies, which contain further information on the processing of Personal Data.
Google Cloud Platform (GCP), Google Cloud Storage (London and Belgium), Google Secrets Managers provided by (1600 Amphitheatre Parkway Mountain View, CA 94043, US, und Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland);
CloudFlare Hosting provided by Cloudflare, Inc (101 Townsend St, San Francisco, United States);
Mailing services by Mailgun (Lindhagensgatan 112, 112 51 Stockholm, Sweden) and Klavio by (125 Summer St Floor 6. Boston, MA 02111, United States and 49 Southwark Bridge Rd London SE1 9HH, UK); and
Analytics by MixPanel (1 Front St Fl 28, San Francisco, California, 94111, United States), Heap (225 Bush St, San Francisco, California, US), and SmartLook (2030/20 Lidicka, Brno 602 00, CZ)
Customer Support Tools by ProProfs (929 Colorado Ave, Santa Monica, California 90401, US.
If we use processors to provide our services, we take appropriate legal precautions and corresponding technical and organisational measures to ensure the protection of personal data in accordance with the DPA and GDPR.
Further and if you are providing us with Personal Data relating to a third party, you agree a) that you have in place all necessary appropriate consents and b) that such third party has read this Privacy Policy. You agree to indemnify us in relation to all and any liabilities, penalties, fines, awards, or costs arising from your non-compliance with these requirements.
We undertake to protect your privacy and to treat your personal data confidentiality. In order to prevent manipulation or loss or misuse of your data stored with us, we take extensive technical and organisational security precautions which are regularly reviewed and adapted to technological progress. These include, among other things, the use of recognised encryption procedures (SSL or TLS).
We hold the service data in your account as long as you choose to use our Services. Once you terminate your account, your data will eventually get deleted from the active database during the next clean-up that occurs once in 6 months. The data deleted from the active database will be deleted from backups after 3 months.
If you believe that we store, use or process your information on behalf of one of our customers, please contact the customer if you would like to access, rectify, erase, restrict or object to processing, or export your personal data. We will extend our support to our customer in responding to your request within a reasonable timeframe.
This statement was last updated on January, 5th 2024, and is the current and valid version. However, from time to time changes or a revision to this statement may be necessary. If you have any questions about this statement or about our data protection practices in general, you can reach us via email using hello@malliavin.com, or call +44 (0)1892 71 1111.