Privacy Policy

BLUECONIC EXPERIENCES BY JEBBIT GDPR & CCPA

BlueConic Privacy Policy

Effective October 1, 2023

This privacy policy (“Policy”) describes how the personally identifiable information (“Personal Information”) you may provide on the blueconic.com website (“Website” ) and any of its related offerings and services (collectively, “Services”) is collected, protected and used. It also describes the choices available to you regarding our use of your Personal Information and how you can access and update this information. This Policy is a legally binding agreement between you (“User”, “you” or “your”) and BlueConic and its affiliated entities (“BlueConic”, “we”, “us” or “our”). By accessing and using the Website and Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Policy and to comply with all applicable laws and regulations. This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

Collection of Personal Information

You may choose to provide us with Personal Information directly in a variety of situations. For example, you may choose to give us your name and contact information while on our Website so that we may communicate with you, process an order, provide you with certain documentation or service information, or do business with you as a customer, supplier, or other form of business partner. BlueConic is authorized to use your Personal Information only as necessary to provide these services to you. We collect and process Personal Information concerning clients and visitors to this Website and the BlueConic Services for the benefit of the business operations of BlueConic.

This collection of Personal Information is used by BlueConic to inform you about available information, documentation, services, and other products that may be relevant to you, and to develop and update website statistics further. We receive and store any Personal Information you knowingly provide to us when you publish content or complete any online forms on the Website. You can choose not to provide us with your Personal Information when using the Website, but then you may not be able to take advantage of some of the features on the Website.

Some of the information we collect is directly from you via the Website and Services. However, we may also collect Personal Information about you from other sources such as public databases and our joint marketing partners. We also gather certain Personal Information automatically and store it in log files. This information includes Internet Protocol (“IP”) addresses, browser type and language, internet service provider (“ISP”), referring and exit pages, operating system information, date/time stamps, and other similar data. We do not automatically link collected data stored in our log files to other information we collect about you.

For details regarding the required technical collection and processing of Personal Information, including which technologies we employ for such collection and processing, see the section below titled “Cookies”.

Use and Processing of Collected Information

In order to make the Website and Services available to you, or to meet a legal obligation, we may need to collect and use certain Personal Information. Any of the Personal Information we collect from you may be used for the following purposes:

Send marketing and promotional communications.
Respond to inquiries and offer support.
Improve the user experience.
Post customer testimonials.
Run and operate the Website and Services.

Processing your Personal Information depends on how you interact with the Website and Services, where you are located in the world, and if one of the following applies: (i) you have given your consent for one or more specific purposes; (ii) provision of Personal Information is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof; (iii) processing is necessary for compliance with a legal obligation to which you are subject; (iv) processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.

We will not use this website to collect information regarding political views, race, religious beliefs, health, criminal-law data, or other similar matters. We may share or publish aggregate information that does not specifically identify you, such as statistical information about visitors to our websites or statistical information about how customers use our applications. We will share your Personal Information with third parties only in the ways that are described in this Policy, unless we obtain prior written permission from you, or unless otherwise required or permitted by law, such as to comply with a subpoena, or similar legal process, or when we reasonably believe that the disclosure is necessary to prevent or respond to fraud, defend our Website or applications against attacks, or protect the property and security of BlueConic, our customers and users, and/or the public.

Note that under certain law(s) and/or regulation(s), we may be allowed to process Personal Information until you object to such processing (by opting out), without having to rely on consent or any other of the legal bases above. In any case, we will be happy to clarify the specific legal basis that applies to the processing.

If BlueConic is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Website of any change in ownership or changes in usage of your Personal Information, as well as any choices you may have regarding your Personal Information.

Retention and Security of Personal Information

The security of your Personal Information is important to us. We follow generally accepted standards to protect the Personal Information submitted to us, both during transmission and once it is received, to protect your Personal Information from unauthorized access, use, and disclosure. Upon request, BlueConic will provide you with information about whether we hold any of your Personal Information. You may access, correct, or request deletion of your Personal Information by contacting us at info@blueconic.com. We will respond to your request within a reasonable timeframe.

We will retain and use your Personal Information for the period necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, unless a longer retention period is required or permitted by law. Once the retention period expires, Personal Information shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification, and the right to data portability cannot be enforced after the expiration of the retention period.

Transfer of Personal Information

Depending on your location, data transfers may involve transferring and storing your Personal Information in a country other than your own. When we transfer your Personal Information, we make sure that we take steps to safeguard your information. In particular, BlueConic is committed to following the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), and upholding the rights of individuals in the EU, UK and Switzerland.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your Personal Information, please submit your request to info@blueconic.com.

Additional information regarding transfers of Personal Information can be found below.

Data Privacy Framework Program

BlueConic complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. BlueConic has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of Personal Information received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. BlueConic has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of Personal Information received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern over this Policy. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

BlueConic is responsible for the processing of Personal Information it receives under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and Swiss-U.S. DPF, and any subsequent transfers to a third party acting as an agent on its behalf. BlueConic complies with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF Principles for all onward transfers of Personal Information from the EU, UK and Switzerland, including the onward transfer liability provisions.

The Federal Trade Commission has jurisdiction over BlueConic's compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. In certain situations, BlueConic may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, BlueConic commits to refer unresolved complaints concerning our handling of Personal Information received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. These dispute resolution services are provided at no cost to you.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, BlueConic commits to resolve DPF Principles-related complaints about our collection and use of your Personal Information. Individuals in the EU, the UK and Switzerland with inquiries or complaints regarding our handling of Personal Information received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact BlueConic at: info@blueconic.com.

For complaints regarding EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.

The Rights of Users

You may contact us using the contact information below at any time. Queries regarding this Policy, the accuracy of Personal Information that you provided to us via this Website, or requests to have outdated information deleted, may be processed via our Permissions Settings page on the Website. If you do not wish to receive any marketing information from us, you can make your request via the Permissions Settings or via email to info@blueconic.com.

You may exercise certain rights regarding your Personal Information processed by us. In particular, you have the right to do the following:

You have the right to withdraw consent where you have previously given your consent to the processing of your Personal Information;
You have the right to object to the processing of your Personal Information if the processing is carried out on a legal basis other than consent;
You have the right to learn if Personal Information is being processed by us, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Personal Information undergoing processing;
You have the right to verify the accuracy of your Personal Information and ask for it to be updated or corrected;
You have the right, under certain circumstances, to restrict the processing of your Personal Information, in which case, we will not process your information for any purpose other than storing it;
You have the right, under certain circumstances, to obtain the erasure of your Personal Information from us; and
You have the right to receive your Personal Information in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another party without any hindrance. This provision is applicable provided that your Personal Information is processed by automated means and that the processing is based on your consent, on a contract which you are part of, or on pre-contractual obligations thereof.

Right to Object to Processing

If we process your Personal Information for direct marketing purposes, you can object to that processing at any time without providing any justification. To learn whether we are processing Personal Information for direct marketing purposes, you may refer to the relevant sections of this Policy.

Data Protection Rights for the European Economic Area

If you are a resident of the European Economic Area (“EEA”), you have certain data protection rights and BlueConic aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information. If you wish to be informed what Personal Information we hold about you and if you want it to be removed from our systems, please contact us at: info@blueconic.com. In these circumstances, you have the following data protection rights:

You have the right to request access to your Personal Information stored by BlueConic.

You have the right to request that we correct any Personal Information you believe is inaccurate. You also have the right to request us to complete the Personal Information you believe is incomplete.
You have the right to request the erasure of your Personal Information under certain conditions of this Policy.
You have the right to object to our processing of your Personal Information.
You have the right to seek restrictions on the processing of your Personal Information. When you restrict the processing of your Personal Information, we may store it but will not process it further.
You have the right to be provided with a copy of the Personal Information we have on you in a structured, machine-readable and commonly used format. You also have the right to withdraw your consent at any time where BlueConic relied on your consent to process your Personal Information.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the European Economic Area (EEA).

California Privacy Rights

In addition to the rights as explained in this Policy, California residents who provide Personal Information (as defined in the statute) to obtain products or services for personal, family, or household use are entitled to request and obtain from us, once a calendar year, information about the Personal Information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of Personal Information and the names and addresses of those businesses with which we shared such personal information for the immediately prior calendar year (e.g., requests made in the current year will receive information about the prior year). To obtain this information please contact us at info@blueconic.com.

You may opt out of “sales” of Personal Information and “sharing” of Personal Information for purposes of cross-context behavioral advertising. Where required, we also honor requests to opt out of submitted via privacy preference signals recognized under applicable law, such as the Global Privacy Control (“GPC”). For more information on the GPC and how to use a browser or browser extension incorporating the GPC signal, see https://globalprivacycontrol.org/.

How to Exercise Your Rights

Any requests to exercise your rights can be directed to BlueConic through the contact details provided in this Policy. Please note that we may ask you to verify your identity before responding to such requests. Your request must provide sufficient information that allows us to verify that you are the person you are claiming to be or that you are the authorized representative of such person. You must include sufficient details to allow us to properly understand the request and respond to it. We cannot respond to your request or provide you with Personal Information unless we first verify your identity or authority to make such a request and confirm that the Personal Information relates to you.

Privacy of Children

We do not knowingly collect any Personal Information from children under the age of 18. If you are under the age of 18, please do not submit any Personal Information through the Website and Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide Personal Information through the Website and Services without their permission. If you have reason to believe that a child under the age of 18 has provided Personal Information to us through the Website and Services, please contact us.

The Website and Services use “cookies” to help personalize your online experience. A cookie is a text file that is placed on your hard disk by a web server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. We may use cookies to collect, store, and track information for statistical purposes to operate the Website and Services. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.

Cookies and Third Parties

BlueConic also uses or allows third parties to serve cookies to help us with market research, improving website functionality, and monitoring compliance. Similarly, when you use one of the share buttons on the BlueConic website, a cookie may be set by the service you have chosen to share content through.

The Website and its applications may include buttons, widgets, tools or content that link to other company services, for example, a Facebook “Like” button or the share button. We may collect information about your use of these features.

The permission for the use of these third party cookies is also controlled by the permission settings dialog that is provided on the Website. Once the permission has been granted, BlueConic does not control the dissemination of these third party cookies. You should check the relevant third party website for more information about these cookies.

Information Security

We secure Personal Information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use, or disclosure. We maintain administrative, technical, and physical safeguards in an effort to protect against unauthorized access, use, modification, and disclosure of Personal Information in our control and custody. However, no data transmission over the Internet or wireless network can be guaranteed.

Therefore, while we strive to protect your Personal Information, you acknowledge that:

(i) There are security and privacy limitations of the Internet which are beyond our control;

(ii) The security, integrity, and privacy of any and all information and data exchanged between you and the Website cannot be guaranteed; and

(iii) Any such Personal Information and data may be viewed or tampered with in transit by a third party, despite best efforts.

Data Breach

In the event we become aware that the security of the Website and Services has been compromised or users’ Personal Information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website, or send you an email.

Changes and Amendments

We reserve the right to modify this Policy or its terms relating to the Website and Services from time to time at our discretion and will notify you of any material changes to the way in which we treat Personal Information. When we do, we will revise the updated date on this page. We may also provide notice to you in other ways at our discretion, such as through the contact information you have provided. Any updated version of this Policy will be effective immediately upon the posting of the revised Policy unless otherwise specified. Your continued use of the Website and Services after the effective date of the revised Policy (or such other act specified at that time) will constitute your consent to those changes. However, we will not, without your consent, use your Personal Information in a manner materially different from what was stated at the time your Personal Information was collected.

Acceptance of this Policy

You acknowledge that you have read this Policy and agree to all its terms and conditions. By accessing and using the Website and Services you agree to be bound by this Policy. If you do not agree to abide by the terms of this Policy, you are not authorized to access or use the Website and Services.

Enforcement of Policy

BlueConic undertakes to verify compliance with this Policy not less than once per year and in connection with BlueConic’s annual review and internal compliance measures. BlueConic will use its best commercial efforts to ensure that compliance with this Policy is maintained and that this Policy is accurate, comprehensive, and continues to conform to applicable law. We encourage you to raise and discuss any issues or concerns with BlueConic’s Data Privacy Officer directly via info@blueconic.com. Our DPO will address and resolve such complaints regarding the use of data and noncompliance with our Policy.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, BlueConic commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of Personal Information received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.

BlueConic provides information regarding the following through policies and trainings:

BlueConic is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
The possibility, under certain conditions, for the individual to invoke binding arbitration.
The requirement for BlueConic to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
BlueConic’s liability in cases of onward transfers to third parties.

With respect to complaints related to this Policy that cannot be resolved through our internal process, we agree to abide by the dispute resolution procedures established by the Data Privacy Framework.

Contacting BlueConic

If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Information, you may do so via info@blueconic.com.

Experiences by Jebbit Privacy Policy

Effective Date: 10/19/2023

Introduction

Welcome to Jebbit's Privacy Policy. We take the privacy and security of your data seriously, and we have developed this policy to explain how we collect and use your information when you visit or interact with our site, www.jebbit.com, and when you interact with brands, organizations, institutions, or websites that are using our technology, services, analytics, and any other linked pages, features, content, or any other services we offer (collectively, the “Services”).

Subject Matter of Data Collected

The term “personally identifiable information” or PII as used in this Privacy Policy refers to information that specifically identifies an individual (such as an individual’s first and last name, address, telephone number, e-mail address, credit card or other account number), and information about that individual or such individual’s activities or preferences when such information is directly linked to information that specifically identifies the individual. Jebbit collects personal information when you interact with its services.

Personal information does not include aggregate, anonymized information, which is data we collect about the use of the sites or categories of site users, from which any personal information has been removed. We collect aggregate data for a number of purposes, including improving the Service, to diagnose technical issues, to help identify user needs so that we can better consider new products and services, and to tailor existing products and services to better serve our users. This Privacy Policy in no way limits or restricts our collection, use or disclosure of aggregate information. Jebbit collects the following types of information:

Information you choose to collect from a Jebbit experience. This can include PII. Possible PII requested of users provided by them: Name, Email, Phone, Address.

Log information. When you access Jebbit services via a browser, application or other client, our servers automatically record information. Information includes the data and time of web requests, interactions within Jebbit, Internet Protocol address, and browser type and language.Cookies. When you visit a Jebbit-enabled webpage, we send one or more cookies to your computer or other device. We use cookies to improve the quality of our service, including for storing user preferences, improving products and ad selection, and tracking user trends, such as how people use our services.

How We Collect and Use Your Data

Jebbit acts as the Data Importer and Processor of your data. You are the Data Exporter and Controller of your data. The main uses of the data we collect from you are:

to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
to pursue Jebbit’s interests of improving your service experience and developing new products and features that would be of interest to you.
Jebbit also engages in general profiling based on the personal information we process on behalf of the brands who use our services and use automated decision-making or profiling to help tailor the offers that you receive from them. However, this processing does not result in legal or other significant effects.
Third Party Applications. Jebbit will make available third party applications, such as mobile applications, gadgets or extensions, through its services. The information collected by Jebbit when you enable a third party application is processed under this Privacy Policy. Information collected by the third party application provider is governed by their privacy policies.
Location data. Jebbit will offer location-enabled services, sometimes part of another provider, to its brands. If you use those services, Jebbit will receive information about your actual location (such as GPS signals sent by a mobile device) or information that can be used to approximate a location (such as a cell ID).

Disclosure of Your Data

Jebbit will not sell your content or personal information.Like many businesses, Jebbit uses third party vendors/sub-processors to perform certain business-related functions on our behalf, such as hosting specific portions of the service, database maintenance, delivering content, sending emails, administering content, mailing information, and processing payments. When we employ a third party vendor to perform these functions, that third party vendor will only be provided with the particular personal information or aggregate information it needs to perform its function, and is required to protect such Personal Data and/or Aggregate Data.

We may share data that has been anonymized or aggregated without limitation.

Support for GDPR & CCPA

This section applies to those that visit the Services from the European Economic Area, Switzerland and the UK (Covered under GDPR) or California (Covered under CCPA)

As described in this Privacy Policy, we may obtain personal information collected through the Services from, or on behalf of, brands who use our Services. In this respect, we act as a processor for those brands, which have their own privacy policies that describe how they use information. To the extent that Jebbit is processing your personal Information on behalf of a brand in our role as a processor, please reach out to that brand directly to exercise any of your rights under local data protection laws.

Jebbit is a data controller with regard to personal information collected from individuals using our site from the above mentioned regions. This section applies to our processing of such site user personal information under GDPR and CCPA.

Lawful Basis for Processing

Jebbit processes personal information with your consent (e.g., when you agree that Jebbit may place cookies, or when Jebbit processes personal information submitted to our services for specified purposes).

On other occasions, Jebbit may process personal information when it needs to do this to fulfill a contract (for example, for billing purposes) or where required to do this by law.

If necessary, Jebbit may also process personal information when it is in Jebbit’s legitimate interests to do this (e.g., for customer service or fraud detection) and when these interests are not overridden by your data protection rights.

Transfers of Personal Information

The personal information we collect may be transferred to and maintained on servers or databases located outside your state, province, country, or other jurisdiction, where the privacy laws may not be as protective as those in your location. If you are located outside of the United States, please be advised that we process and store personal information in the United States and your consent to this privacy notice represents your agreement to this processing.

Your Rights

You have a right to the following:

To request access to the personal information we hold about you;
To request that we rectify or erase your personal information;
To request that we restrict or block the processing of your personal information;
Under certain circumstances, to receive personal information about you that we store and transmit to another without hindrance from us, including requesting that we provide your personal information directly to another, i.e., a right to data portability; and
Where we previously obtained your consent, to withdraw consent to processing your personal information.

To exercise these rights, please refer to the “Contact Us” section below. Please be aware that Jebbit may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so.

Additionally, you have the right to lodge a complaint against us. To do so, contact the supervisory authority in your country of residence.

For additional information about Jebbit’s support for GDPR and CCPA – Please visit our FAQ section.

Links to Other Sites

Please note that, while using the Services, you could be directed to other sites that are developed and administered by people or companies not affiliated with or controlled by Jebbit. These other sites may place their own cookies on your computer, collect data or solicit personal information.

We suggest that when you link to another site you review that site’s privacy policy, as it may be different from this Privacy Policy. Jebbit is not responsible for the actions of those people or companies, the content of their sites, the use of information you provide to them, or any products or services they may offer. Our link to those sites does not constitute our sponsorship of, or affiliation with, those people or companies.

GDPR & CCPA

GDPR

What is the General Data Protection Regulation or GDPR?

GDPR stands for the General Data Protection Regulation. The GDPR is a new European Union (“EU”) law that regulates the personal data of individuals in the EU. The GDPR harmonizes data privacy and security rules across Europe and introduces changes that require companies to update their privacy and security policies and practices.

Does the GDPR cover Jebbit’s data?

Jebbit has evaluated its services, and some of them are likely subject to the GDPR. The GDPR applies to the personal data of individuals in the EU, which is defined as any type of information that identifies or can be linked to an individual. In addition to the usual types of personal data (i.e., name, address, phone number, email), this definition can also include information such as online identifiers and any data tied to those identifiers.

What efforts has Jebbit taken to prepare for the GDPR?

We have made GDPR a priority, and have reviewed and adjusted specific practices in ways intended to meet relevant GDPR requirements. For much of the data we process, we serve as a service provider (known as a “processor” under the GDPR) and we abide by the contractual commitments we have with our customers in this capacity.

For more information on our privacy practices, please review our updated privacy policy, found above on this page.

What are Jebbit’s customers’ responsibilities under the GDPR?

Our brand, publisher, and agency customers with EU end users who offer goods or services in the EU may be required to comply with the regulation. If they fall under the Regulation, these customers must have a lawful basis for processing data, have in place measures to carry out EU data subjects’ rights requests, and provide adequate data security, among other requirements. Unfortunately, we cannot advise you as to whether you need to comply with the GDPR.

Will Jebbit’s services change for the GDPR?

Our services will not fundamentally change due to the GDPR. However, we continuously look to improve our services and, as we make updates to our services as offered in the EU, we will do so with GDPR in mind.

CCPA FAQ

What is The California Consumer Privacy Act or “CCPA” ?

The California Consumer Privacy Act (“CCPA”) of 2018 has fundamentally changed the way brands are approaching consumer consent and its importance to doing business seamlessly across the USA. Like the EU’s General Data Protection Regulation (GDPR), CCPA necessitates changes to how brands treat consumers’ data privacy. The CCPA’s requirements will go into effect on July 1st, 2020.

In simplest terms, CCPA requires brands to enable three critical functions:

The right to knowledge. Consumers have the right to know:
What information a company is collecting about them
How that information will be used
If and with whom that information will be shared
The right to be forgotten – With some exceptions, companies must delete all the information they have about a consumer at the consumer’s request
The right to control who has access to their information – Consumers must be able to opt out of the sale of their information to third parties.

How personal information is defined

The CCPA interprets personal information broadly to include any information that “identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.” Crucially for marketers, this includes behavioral data from digital interactions between consumers and the brand, as well as any inferences the company draws from that data, such as a consumer’s preferences or buyer persona.

It’s also important to note that personal information does not need to be matched up with a person’s name—as long as that information can be identified as belonging to a unique individual, it doesn’t matter if the company can identify that individual by name or by another unique identifier, such as an IP address.

GDPR, CCPA and Jebbit’s compliance

Below is a summary table for the key requirements in GDPR and CCPA and the measures that Jebbit has taken to comply with both.