WHY AND HOW WE COLLECT AND USE YOUR PERSONAL INFORMATION

WE MAY COLLECT YOUR PERSONAL INFORMATION AS AN INDIVIDUAL FOR VARIOUS PURPOSES, SUCH AS THE FOLLOWING:

• Access and use of websites or other online services
  When entering one of our websites, or using an online service, we will record information necessary to provide you with access, for the operation of the website and for us to comply with security and legal requirements in relation to operating our site, such as passwords, IP address and browser settings. We also collect information about your activities during your visit in order to personalize your website experience, such as recording your preferences and settings, and to collect statistics to help us improve and further develop our websites, products and services.
• Responding to your request for information, order, or support
  When you contact us (online or offline) in connection with a request for information, to order a product or service, to provide you with support, or to participate in a forum or other social computing tool, we collect information necessary to fulfill your request, to grant you access to the product or service, to provide you with support and to be able to contact you. For instance, we collect your name and contact information, details about your request and your agreement with us and the fulfillment, delivery and invoicing of your order and we may include client satisfaction survey information. We retain such information for administrative purposes, defending our rights, and in connection with our relationship with you.When you provide your name and contact information to register in connection with such a request, the registration may serve to identify you when you visit our websites. For ordering of most services and products we require you to have registered. Registration may also allow you to customize and control your privacy settings.
• Contacting employees of our clients, prospects, partners and suppliers
  In our relationship with clients or prospects, partners and suppliers, they also provide us with business contact information (such as name, business contact details, position or title of their employees, contractors, advisors and authorized users) for purposes such as contract management, fulfillment, delivery of products and services, provision of support, invoicing and management of the services or the relationship.
• Visitor information
  We register individuals visiting our sites and locations (name, identification and business contact information) and use camera supervision for reasons of security and safety of persons and belongings, as well as for regulatory purposes.
• Marketing
  Most information we collect about you comes from our direct interactions with you. When you register for an event we may collect information (online or offline) in relation to the event organization, and during an event, such as participation in sessions and survey results. We combine the personal information we collect to develop aggregate analysis and business intelligence for conducting our business and for marketing purposes. You can choose to receive information by email, telephone or postal mail about our products and services, or sign-up for subscriptions. When visiting our websites or using our services we may provide you with personalized information.

Where we reference that we use your personal information in connection with a request, order, transaction or agreement (or preparing for the same), or to provide you with services that you requested (such as a website), we do this because it is necessary for the performance of an agreement with you.

Where we reference that we use your personal information in relation to marketing, improvement or development of our products or services, for reasons of safety and security, or regulatory requirements other than in connection with your agreement or request, we do this on the basis of our or a third party’s legitimate interests, or with your consent. When we collect and use your personal information subject to the EU Privacy Legislation this may have consequences for Your Rights.

SHARING OF PERSONAL INFORMATION

As a individual organization offering a range of services, with business processes, management structures and technical systems that cross borders, we have implemented global policies, along with standards and procedures, for consistent protection of personal information.

We only grant access to personal information on a need-to-know basis, necessary for the purposes for which such access is granted. In some cases, we uses suppliers located in various countries to collect, use, analyze, and otherwise process personal information on its behalf.

Where appropriate, we may also share your personal information with selected partners to help us provide you, or the company you work for, products or services, or to fulfill your requests, or with your consent. When selecting our suppliers and partners, we take into account their data handling processes.

If we decide to sell, buy, merge or otherwise reorganize businesses in some countries, such a transaction may involve the disclosure of personal information to prospective or actual purchasers, or the receipt of such information from sellers. It is our practice to require appropriate protection for personal information in these types of transactions.

Please be aware that in certain circumstances, personal information may be subject to disclosure to government agencies pursuant to judicial proceeding, court order, or legal process. We may also share your personal information to protect the rights or property of ours, our business partners, suppliers or clients, and others when we have reasonable grounds to believe that such rights or property have been or could be affected.

THIRD PARTY PROCESSORS

Our carefully selected partners and service providers may process personal information about you on our behalf as described below:

Digital Marketing Service Providers

We periodically appoint digital marketing agents to conduct marketing activity on our behalf, such activity may result in the compliant processing of personal information.  Our appointed data processors include:

• Prospect Global Ltd (trading as Sopro) Reg. UK Co. 09648733. You can contact Sopro and view their privacy policy here:
  • https://sopro.io.
• Sopro are registered with the ICO Reg: ZA346877 their Data Protection Officer can be emailed at:
  • dpo@sopro.io.

INTERNATIONAL TRANSFERS

The international footprint of ours involves a large number of transfers of personal information between different subsidiaries, as well as to third parties located in the countries where we do business. Some countries have implemented transfer restrictions for personal information, in connection with which we take various measures, including:

• Where required, we implement Standard Contractual Clauses approved by the EU Commission, or similar contractual clauses in other jurisdictions. This includes transfers to suppliers or other third parties. You can request a copy of the EU Standard Contractual Clauses.

INFORMATION SECURITY AND ACCURACY

We intend to protect your personal information and to maintain its accuracy. We implement reasonable physical, administrative and technical safeguards to help us protect your personal information from unauthorized access, use and disclosure. For example, we encrypt certain sensitive personal information such as credit card information when we transmit such information over the Internet. We also require that our suppliers protect such information from unauthorized access, use and disclosure.

RETENTION PERIOD

We will not retain personal information longer than necessary to fulfill the purposes for which it is processed, including the security of our processing complying with legal and regulatory obligations (e.g. audit, accounting and statutory retention terms), handling disputes, and for the establishment, exercise or defense of legal claims in the countries where we do business.

HOW TO CONTACT US

If you have a question related to this Privacy Statement, please contact us. Your message will be forwarded to the appropriate person.

For the purposes of the EU General Data Protection Regulation (GDPR), the controller of your personal information is our DPO.

The DPO. is not the controller in situations such as:

• Personal information processed in connection with a contractual relationship, or with entering into a contractual relationship with a specific subsidiary. In this case the controller of personal information is the contracting company, which is the legal entity with which you or your employer have, or will have, the contract.
• Personal information collected on the physical site or location of a subsidiary. In this case that subsidiary is the controller of the personal information.

YOUR RIGHTS

You can request to access, update or correct your personal information. You also have the right to object to direct marketing.

You may have additional rights pursuant to your local law applicable to the processing. For example, if the processing of your personal information is subject to the EU General Data Protection Regulation (“GDPR”), and your personal information is processed based on legitimate interests, you have the right to object to the processing on grounds relating to your specific situation. Under GDPR you may also have the right to request to have your personal information deleted or restricted and ask for portability of your personal information.

Your California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information. These rights include:

• The Right to Know: You have the right to request that we disclose the following information for the 12 months preceding your request:

  • The categories of personal information we collected about you.
  • The categories of sources from which the personal information was collected.
  • The business or commercial purpose for collecting or selling your personal information.
  • The categories of third parties with whom we shared your personal information.
  • The specific pieces of personal information we collected about you.

• The Right to Delete: You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions.

• The Right to Opt-Out of Sale: You have the right to opt-out of the sale of your personal information. Please note: We do not sell your information.

• The Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we cannot:

  • Deny you goods or services
  • Charge you different prices or rates for goods or services
  • Provide you a different level or quality of goods or services
  • Suggest that you will receive a different price, rate, level, or quality of goods or services

Exercising Your CCPA Rights

To exercise any of your CCPA rights, please submit a verifiable consumer request by:

• [Method 1]
  Contacting us via our email: contact@blankstate.ai
• [Method 2]
  Filling out the online request form available at: Request

We will only use the personal information provided in this request form to verify your identity and complete your request. We will aim to respond to your verifiable consumer request within 45 days of receipt. If we require more time, we will inform you of the reasons and the extension period in writing.

Authorized Agent

You can designate an authorized agent to submit requests on your behalf. However, we will require written proof of the agent’s authorization to do so and to verify your identity directly.

RIGHT TO LODGE A COMPLAINT

In the event you consider our processing of your personal information not to be compliant with the applicable data protection laws, you can lodge a complaint:

• Directly with DPO.
• With the competent data protection authority. The name and contact details of the Data Protection Authorities in the European Union can be found here.

CHANGES TO OUR PRIVACY STATEMENTS

From time to time we may update this Privacy Statement, as well as any other specific privacy statement. When making changes to this Privacy Statement, we will add a new date at the top of this Privacy Statement.

Trading as blankstate.ai and registered at Company House UK.