Effective since: June 25, 2024
This Privacy Policy (“Policy”) applies between you and Snovio Inc. (“Snovio”, “Company”, “we”, “us”, “our”), the owner and provider of the website https://li-prospect-finder.com/ (“Website”). This Policy applies to our use of any personal data processed by us in relation to the provision of our LI Prospect Finder extension functionality which is provided via the Snovio web application on app.snov.io (“Platform”).
When processing your personal data, we can play different roles under the GDPR and other applicable laws and regulations. When providing our LI Prospect Finder extension functionality, we may act as a data controller, joint controller, or data processor under the GDPR and as a business or service provider under the CCPA as amended and other applicable US data protection laws and regulations, respectively.
Regarding the use of the LI Prospect Finder extension functionality, you can be a client, prospect, or related person:
We use the following definitions in this Policy:
“data controller” means the natural or legal person who (alone or jointly or in common with other persons) determines the purposes for which and how any personal data is processed.
“data processor” means the natural or legal person who processes personal data on behalf of the data controller.
“joint controllers” means two or more controllers jointly determining the purposes and means of processing.
“data subject” is a natural person about whom the Company holds personal data.
“personal data” means any information relating to you and helping identify you (directly or indirectly), such as your name, last name, email, location data, etc.
“processing” means any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“services” means services provided by the Company when the client uses the LI Prospect Finder extension functionality.
In connection with the LI Prospect Finder extension functionality, we may collect and process two types of information: prospect data and business data, which relate to prospects and related persons, respectively. In particular, we collect:
Prospect data:
(a) Prospect Information. We collect and process third-party personal data generated/collected through the LI Prospect Finder extension functionality. Such information can include email address and/or first name, last name, corporate email, location (not precise), industry, current and previous position, place of work, and links to social media.
Business data:
(b) Business Information. Through the LI Prospect Finder extension functionality, we can collect and process business information such as company name, location, website, HQ phone, year of foundation, industry, company size, and company social media. In some cases, this information may include personal data, for example, individual name and/or surname as a company name (such as a partnership), contained in the website URL, or phone number of the related person published as a general business contact.
We use the personal data we collected and the personal data you provided us with or requested us to collect only for the purposes listed in this Policy. We may share personal data with third parties solely for the purposes listed herein.
We DO NOT sell your data. |
We DO NOT use automated decision-making and profiling. |
We DO NOT intentionally collect and process the personal data of children or any sensitive personal data. Please, refrain from sharing your or third-party sensitive personal data. |
We collect and process your personal data or the personal data you provided us with in accordance with the provisions of the GDPR and other applicable data protection laws and regulations.
The GDPR provides an exclusive list of lawful bases allowing us to process personal data. During the personal data processing in connection with the use of the LI Prospect Finder extension functionality, when we act as a data controller, we mainly rely on the legitimate interests of the Company, clients, and third-party data subjects under Article 6.1(f) of the GDPR.
We can process prospect data and business data based on our, our client’s legitimate interests, and the legitimate interests of the client’s potential business partner, namely to:
You may read more about it in Snovio’s Joint Controllership Agreement.
We process only strictly necessary data that was subject to the legitimate interest assessment procedure.
The table below provides details of the type of personal data processed to provide the LI Prospect Finder extension functionality, the legal bases we rely on, the third parties with whom we may share your personal data, and information about the source of such data that we process when acting as a data controller.
Purposes | Type of personal data | Legal grounds | Third parties recipients | Source |
---|---|---|---|---|
Maintenance of a database of contact information of potential customers or business partners to assist our clients in finding prospects according to the set search criteria | (a) Prospect Information (b) Business Information | Legitimate interests of the Company, Сlients, and such third parties (Article 6(1)(f)). | AWS, Contractors | Clients, the LI Prospect Finder extension |
The Company can process certain personal data as a data processor, at the request and pursuant to the instructions given by the Client of the Platform (a data controller in that case):
Purposes | Type of personal data | Legal grounds | Third parties recipients | Source |
---|---|---|---|---|
Providing our clients with the LI Prospect Finder extension functionality for searching the personal data of potential customers or business partners | (a) Prospect Information (b) Business Information | Determined by the respective data controller, namely, the Client. | AWS, Contractors | Clients, the LI Prospect Finder extension |
In some situations, we can act as joint controllers with our Clients. When we act as a joint controller jointly with you, the Joint Controllership Agreement shall be applicable to you. In such a case, we may process the following personal data:
Purposes | Type of personal data | Legal grounds | Third parties recipients | Source |
---|---|---|---|---|
Maintenance of a database of contact information of potential customers or business partners to assist our clients in finding prospects according to the set search criteria | (a) Prospect Information (b) Business Information | Legitimate interests of the Company, Сlients, and such third parties (Article 6(1)(f)). | AWS, Contractors | Clients, the LI Prospect Finder extension |
To use the LI Prospect Finder extension, you need to be registered at and logged into app.snov.io. Upon installation and activation of the extension, the extensions may collect personal information such as email addresses and business profiles from publicly available sources. Handling and storing of this information in your account on your behalf occurs only at your request. At the same time, we may store certain information obtained when you use the LI Prospect Finder extension, such as the business profiles you visited. This data is stored in our database and can be found through a search inside the Platform.
If you do not want your personal data to be included as part of our service, you may opt-out by contacting us at help@snov.io or opt-out from all mailing lists on the Platform through this form. You can read more in the ‘HOW TO DELETE MY DATA’ section of this Policy.
We store and process your personal data until we do not need it for any of the purposes defined in this Policy unless longer storage is required or expressly permitted by law.
We store Prospect Information provided to us by our clients, excluding email addresses, for the entire period when a client uses our services and 3 months after the deletion of the client’s account on the Platform. In any case, such information can be deleted if we obtain a deletion request from a prospect.
We may not delete or anonymize your data if we are compelled to keep it to comply with the law or legal process.
Notwithstanding any of the aforementioned periods of data storage, you may request to delete your personal data by sending us an email at help@snov.io or contacting us in another way convenient for you.
We have implemented appropriate organizational, technical, administrative, and physical security measures that are designed to protect your personal data from unauthorized access, disclosure, use, and modification. We regularly review our security procedures and policies to consider appropriate new technology and methods.
We may share your personal data as a data controller with joint controllers and data processors in accordance with the provisions specified hereafter.
Sharing personal data with joint controllers
The Company can act as a joint controller when providing services to Clients. You can read more about this in the Joint Controllership Agreement.
When we act as a joint controller for a particular processing of personal data, a data subject may exercise his/her rights under the GDPR in respect of and against both joint controllers.
Sharing personal data with data processors
There are many features necessary to provide you with our services that we cannot complete ourselves, thus we seek help from third parties. We may grant some service providers access to your personal data, in whole or in part, to provide the necessary services. We have established supplier assessment procedures to ensure we choose trusted partners who provide appropriate security measures and safeguards.
Therefore, we may share and disclose your personal data to other data processors:
We may transfer your personal data to countries outside the EU and EEA (for example, Ukraine, China, and Brazil) that are not determined to offer an adequate level of data protection on the basis of Article 45 of GDPR (adequacy decision) with appropriate safeguards as determined under the GDPR.
We only transfer your personal data to third parties within requirements under the GDPR. Where possible, we always enter into Data Processing Agreements (DPAs) and Non-Disclosure Agreements (NDAs) with them and treat personal data transfer seriously. Where the Contractor has an appropriate data processing agreement in place, Snovio may adjoin such a data processing agreement. If so, Snovio and the Contractor may regulate the transfer of the personal data to such Contractor by means of this data processing agreement.
For transfers to countries that do not fall under the requirements of Article 45 of the GDPR on the adequacy of the level of protection, we may transfer your personal data to third countries outside the EU and the EEA, including the onward transfers of the personal data from the third countries to other third countries, under Article 46 of the GDPR with the appropriate safeguards, including the SCC.
We disclose your personal data to the countries outside the EU and the EEA, in compliance with our internal International Transfer Procedure in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of natural and legal persons.
We put supplementary technical and organizational measures in place when transferring data outside the EU and the EEA. e.g. prior assessment of the service supplier’s reliability and personal data protection practices, encryption of the transferred personal data, prompt reacting to any threats to confidentiality, integrity and availability of the personal data, conducting transfer impact assessments (TIA) when necessary, etc.
We undertake the best possible efforts to secure the processing of personal data belonging to the underage. Therefore, the Platform does not knowingly collect personal data from persons under the age of 13.
By registering on the Platform and entering into the contract with the Company, you acknowledge that you have reached the age of 13, and under the laws of your country of residence, you have all rights to provide us with your personal data for processing.
If you have any reason to believe that a child under the age of 13 has provided his/her personal data to us, please contact us at help@snov.io.
We kindly invite you to share your concerns with us in the first place regarding any issue related to your personal data processing. You may use the following channels to address your inquiries: help@snov.io.
When we act as a joint controller with regard to particular processing of prospect data and business data, you may exercise your rights under the GDPR in respect of and against both our clients and us.
If we receive any complaint, claim or request from the data subject, which shall be completed by our joint controller, we immediately notify the joint controller of such request and inform the data subject of the applied measures and further performance steps regarding serving such complaint/claim/request.
Please, note that we may need to confirm your identity to process your requests to exercise your rights under the GDPR. Thus, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request.
Right under the GDPR | Description | How to exercise it |
---|---|---|
Right to withdraw consent (Art. 7) | You can withdraw your consent for data processing at any time. | You can submit a request. |
Right to be informed (Art. 13, 14) | You have the right to be informed about the collection and use of your personal data. | All information about our collection and use of your personal data is described in this Privacy Policy, the Cookies Policy, and the Terms of Use. |
Right of access (Art. 15) | You have the right to confirm whether your personal data is being processed by us and access such data, along with specific information. | You can submit a request. |
Right to rectification (Art. 16) | You have the right to correct inaccurate personal data about you and to have incomplete personal data completed. | You can submit a request. |
Right to erasure (“right to be forgotten”) (Art.17) | You have the right to have your personal data deleted without undue delay where one of the following grounds applies:
| You can submit a request. |
Right to restriction of processing (Art. 18) | You can limit the way in which we use your data where one of the following applies:
| You can submit a request. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it:
|
Right to data portability (Art. 20) | You have the right to receive your personal data in a structured, commonly accepted, and machine-readable format and have the right to request that we transmit this data directly to another controller to the extent that the legal basis for our processing of your personal data is your consent or performance of a contract and the processing is carried out by automated means. | You can submit a request. |
Right to object (Art. 21) | You have the right to object to our processing of your personal data at any time to the extent that the processing is based on point (e) or (f) of Article 6(1), including profiling based on those provisions. Also, you have the right to object to our processing of your personal data for direct marketing purposes (including profiling). | You can submit a request. |
Right not to be subject to a decision based solely on automated processing, including profiling (Art. 22) | This right restricts us from making solely automated decisions, including those based on profiling, which produce legal or other significant effects for data subjects. | We DO NOT use automated decision-making and profiling. |
Right to lodge a complaint (Art. 77) | You have the right to lodge a complaint with the supervisory authority if you believe that the processing of your personal data violates the requirements of the GDPR. | You can submit the complaint in the EU member state of your place of habitual residence or to the data protection authority stated in this Privacy Policy. |
Right to compensation (Art. 82) | Any person who has suffered material or moral damage as a result of a violation of GDPR requirements has the right to receive compensation from the controller or processor for the caused damage. | Court proceedings for exercising the right to receive compensation shall be brought before the courts competent under the law of the EU Member State referred to in Article 79(2). |
Supervisory Authority under GDPR:
In case of any questions regarding data protection, you can apply to the supervisory authority. We will cooperate with the appropriate governmental authorities to resolve any privacy-related complaints that cannot be amicably resolved between you and us. You can find the full list of EU supervisory authorities through the link.
California residents’ rights
Under the California Consumer Privacy Act (the “CCPA”) amended with the California Privacy Rights Act (the “CPRA”), California residents have certain rights regarding our collection, use, and sharing of their personal information.
We may collect various categories of personal information when you use our LI Prospect Finder extension functionality, including personal information of related persons and third-party prospects.
In particular, depending on actual circumstances, we may collect the following categories of personal information specified in the CCPA when you use and/or access our Platform:
You can find a detailed description of the personal information that we may collect from you above in the ‘TYPES OF PERSONAL DATA WE COLLECT’ section of this Policy. The purposes of the collection and/or use of personal information are stated in the 'HOW WE USE YOUR DATA' section of this Policy. Note that in the ‘SHARING YOUR DATA WITH OTHER ENTITIES’ section of this Policy, you can review the categories of third parties with whom we may share your personal information. The terms used within those sections of this Policy are taken from the GDPR in consideration of the definitions established in the CCPA.
If you are a California resident, to the extent provided for by the CCPA and subject to applicable exceptions, you have the following rights in relation to the personal information we have about you:
The CPRA amended the CCPA and added new additional privacy protection rights for California residents, as follows:
We take the protection of your privacy seriously, so in no way will we discriminate against you for exercising any of your rights granted by the CCPA, as amended.
You can exercise your rights under the CCPA, as amended by sending us an email by any other means of communication convenient for you, including those listed in the ‘CONTACT INFORMATION’ section of this Policy.
Please note that we may need to confirm your identity to process your requests to exercise your rights under the CCPA, as amended. Thus, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request.
Virginia, Colorado, Connecticut residents’ rights
Under the Virginia Consumer Data Protection Act (the “VCDPA”), Colorado Privacy Act (the “CPA”), and Connecticut Data Privacy Act (the “CTDPA”), residents have certain rights regarding the collection, use, and sharing of their personal information.
You can find a detailed description of the personal information that we may collect from you above in the ‘TYPES OF PERSONAL DATA WE COLLECT’ section of this Policy. The purposes of the collection and/or use of personal information are stated in the 'HOW WE USE YOUR DATA' section of this Policy. Note that in the ‘SHARING YOUR DATA WITH OTHER ENTITIES’ section of this Policy, you can review the categories of third parties with whom we may share your personal information. The terms used within those sections of this Policy are taken from the GDPR in consideration of the definitions established in the VCDPA, CPA and CTDPA.
We may collect various categories of personal information when you use our LI Prospect Finder extension functionality, including personal information of related persons and third-party prospects. Under the jurisdiction of applicable state laws, you may possess certain rights. Subject to the laws of your particular jurisdiction, you may have the following rights:
We take the protection of your privacy seriously, so we will not discriminate against you for exercising any of your rights granted by the VCDPA, CPA, and CTDPA.
You can exercise your rights under the VCDPA, CPA, and CTDPA by sending us an email or using any other means of communication convenient for you, including those listed in the ‘CONTACT INFORMATION’ section of this Policy.
Please, note that we may need to confirm your identity to process your requests to exercise your rights under the VCDPA, CPA, and CTDPA. Thus, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request.
This section will help you understand your rights under the LGPD and the way how we ensure them. If you are a user located in Brazil, you are able to exercise the following rights with respect to your personal data that we process:
Please note! We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm the personal data relates to you. We will only use such personal data to verify your identity
You may exercise the aforementioned rights by submitting your request at help@snov.io or in any other way convenient for you.
We kindly ask you to contact us directly so that we can quickly satisfy your deletion request or you can use a dedicated tool to delete your personal data from our Platform by yourself as described below.
You may request the Company to delete all of your personal data using the following options of your choice:
In any case, please let us know if you have any difficulties in deleting your personal data. We will be happy to help you.
This Policy may be changed from time to time due to the implementation of new technologies, laws’ requirements or for other purposes. If the modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change. Also, we encourage you to regularly review this Policy to check for any changes.
Such notification may be provided via your email address, posted on our social media accounts or announcement on the Website and/or by other means consistent with applicable law.
If possible, we always give advance notice of upcoming changes by indicating when the new version Privacy Policy will take effect. If you continue to use our service or otherwise provide us with your personal information after the new version of the Privacy Policy goes into effect, we assume that you agree to the changes.
If you have a question related to this Privacy Policy, our processing activities, or your data subject rights under GDPR, CCPA, LGPD, and other applicable laws, you can contact our Data Protection Officer directly using the following details:
External Data Protection Officer
Privacity GmbH
Germany, Hamburg,
Neuer Wall 50, 20354
Email: snovio_dpo@snov.io.
You may also contact us directly, including by post, using the following details:
Snovio Inc. has appointed Privacity GmbH as its EU/EEA representative pursuant to Article 27 GDPR. You can contact the representative at:
Privacity GmbH
Germany, Hamburg,
Neuer Wall 50, 20354
Email: representative@privacity.de