RetargetSpark- Privacy Statement- GDPR & DPDP Act (Data Subjects/Data Principals)
RetargetSpark (“referred to as “Retarget,” “we,” or “us”) respects and understands the importance of your privacy – and are therefore committed to affording complete protection to the personal information of our customers and our customers’ clients who use our products and services, visitors of our website, prospective customers whose information we may have access to, and those who apply for open positions on our website. It is in recognition of this need for security, our commitment to privacy and secured management of any information received or collected by us that RetargetSpark has established this Privacy Statement (the “Privacy Statement”).
Who We Are
RetargetSpark is a digital advertising company specializing in retargeting services. We help businesses reconnect with users who have previously interacted with their websites or applications.
Data Controller/Data Fiduciary and Processor Roles
RetargetSpark acts as a data processor. Our clients (the businesses using our retargeting services) act as the data controllers/data fiduciary for this information. This means:
- Our clients determine the purposes and means of processing personal data
- RetargetSpark does not collect or retain any personal information
- RetargetSpark processes this data only according to our clients’ instructions
- Our clients are responsible for obtaining appropriate legal bases for data collection and processing
- Why do you collect, and how do you use my information?
2.1. To provide you with our services
| When is this relevant for me? | What information do you collect about me? | What is your legal basis for collecting my information? | Am I obliged to provide this information? | How long do you store information about me? |
| When you are a representative of a company which is our client | Name, surname, position, email address, telephone number, company’s name, company’s website, country, type of ordered services, payment amount, expected monthly ad spend, the way you found out about us, username, password | Contract & Explicit Consent in accordance with DPDPA | No | We do not store or retain any personal information |
2.2. To enable our clients to show you online advertisements that are relevant to you
| When is this relevant for me? | What information do you collect about me? | What is your legal basis for collecting my information? | Am I obliged to provide this information? | How long do you store information about me? |
| When our clients show you online advertisements that are relevant to you. | Mobile advertising ID or Cookie ID (hereinafter collectively referred to as User ID), imprecise location, browser information, operating system, internet service provider, information about your visit on our client’s site, IP address, type of device, data regarding your activities on the website, app or other digitial content source, other data provided by our client, information on gender, year of birth, information on countries / cities that your User ID was seen in, total number of page views, how you are connected to the internet, internet site ID where you were browsing, last time you visited a specific site, first and last time your User ID was seen, number of pages you view per day, your interests categories, information on your consent to receive relevant ads | Legitimate interest in enables our clients to show you relevant online advertisements and Consent in accordance with DPDPA | No | We do not store or retain any personal information |
2.3. To provide you with customer support
| When is this relevant for me? | What information do you collect about me? | What is your legal basis for collecting my information? | Am I obliged to provide this information? | How long do you store information about me? |
| When you contact our customer support | E-mail address, subject of your inquiry, date of your inquiry, content of your inquiry, attachments to your inquiry, your name and (or) surname provided in your inquiry, reply to your inquiry, information provided by you | Consent under GDPR & Consent in accordance with DPDPA | No | As per applicable organization retention policy |
2.5. To provide you with information about our products and services
| When is this relevant for me? | What information do you collect about me? | What is your legal basis for collecting my information? | Am I obliged to provide this information? | How long do you store information about me? |
| When we provide you with information (e.g., via phone or email) about our services and/or products | Your name, surname, e-mail address, your answers to the questions in the customers satisfaction survey, date of the completion of the customer satisfaction survey, information on your LinkedIn profile, workplace, position, country, region, telephone number, whether you opted-out from receiving information from us, record of the call | Consent in accordance with DPDPA & GDPR We have a legitimate interest in asking your opinion about our services/goods Customer relationship between you and us | No | As per applicable organization retention policy |
2.6 To fulfil statutory accounting requirements
| When is this relevant for me? | What information do you collect about me? | What is your legal basis for collecting my information? | Am I obliged to provide this information? | How long do you store information about me? |
| When you use our services | Name, surname, e-mail address, telephone number, address, invoices, reports, accounting documents, payments, paid amounts, and other information we are required to collect | We have a legal obligation & Legitimate Use in accordance with DPDPA | It is a statutory requirement. If you do not provide this information, you will not be able to buy goods or services from us | As per applicable organization retention policy & Statutory requirements |
2.7 To establish, exercise or defend legal claims
| When is this relevant for me? | What information do you collect about me? | What is your legal basis for collecting my information? | Am I obliged to provide this information? | How long do you store information about me? |
| In case we become a party to a legal process to which you are subject, or we are statutorily required to collect or provide information about you | All of the aforementioned information, accounting and legal case files, legal documents, other information you provide us with, additional information that we are statutorily required to collect and/or provide | We have a legal obligation to process this information, in other cases we have a legitimate interest in defending our rights and interests & Legitimate Use in accordance with DPDPA | Provision of information may be a statutory requirement. | As per applicable organization retention policy & Statutory requirements |
Third-party Sharing
We may be required to share information with law enforcement or other third parties when compelled to do so by court order or other legal process, or to comply with statutes or regulations.
If we merge with or are acquired by another company, and if all of our assets are acquired by another company, this information will most likely be one of the assets to be transferred. However, we will not transfer any personal information of our customers until necessary to provide you with a continuity of service and only when the new owner maintains and provides the same level of data privacy standards as we do. In such cases, we will provide you with notice and an opportunity to opt out of the transfer of identifiable data where such right is required by law.
Where do we store this data?
We adhere strictly to the principles of the General Data Protection Regulation (GDPR). We do not collect or store any personal data, ensuring full compliance with GDPR’s and Digital Personal Data Protection Act data minimization and privacy protection guidelines.
Do we sell personal information collected?
We do not share, sell, or lease any kind of personal information collected to any third party.
How do we secure information collected?
We understand that the security of your information is vital and have in place strong administrative, technical, and physical security controls and measures to keep data safe and secure. Our privacy practices are designed to provide protection for your personal information, all over the world.
We would like to caution our visitors about phishing attacks, wherein unscrupulous third parties seek to extract sensitive and confidential information from you by posing as a genuine website or by sending an email misrepresenting it to be from a genuine source. Please be aware that we never seek sensitive or confidential information such as regarding your financial or health record. If you receive such a message claiming to be from RetargetSpark, then please do not reply to it and immediately bring it to our attention by contacting us on
DPO@ RetargetSpark.com.
RetargetSpark also recognizes the receipt, transmission, or distribution of spam emails (unsolicited bulk emails) as a major concern and has taken reasonable measures, to minimize the transmission and effect of spam emails in its computing environment.
Can this information be reviewed?
RetargetSpark strives to comply with all applicable laws around the globe that are designed to protect your privacy and information, no matter where that information is collected, transferred, or retained. Although legal requirements may vary from country to country, we intend to adhere to the principles set forth in this Privacy Statement even if information is transferred from your country to other countries that may not require an adequate level of protection for your information.
Data Subjects/ Data Principal Rights Regarding Personal Data
Some data protection laws, including the India Digital Personal Data Protection and European Union’s General Data Protection Regulation (“GDPR”), provide you with rights in connection with Personal Data you have shared with us when we are the data controller/fiduciary.
- The right to be informed: You are entitled to be informed of the use of your Personal Data. This Privacy Policy provides such information to you.
- The right of access: You have the right to request a copy of the Personal Data we hold about you.
- Right to correction and erasure of personal data- You may direct us to correct any inaccuracies in your personal information, update incomplete, irrelevant or inaccurate data in our systems, and also request complete erasure of your personal data from our records which is no longer necessary for the purpose for which it was processed unless retention is necessary for a legal purpose.
- Grievance Resolution Rights- We maintain a robust grievance redressal framework focused on protecting your privacy interests.
- Right to Nominate- You retain the right to designate a nominee who shall exercise these rights on your behalf, ensuring continuity of data protection in the event of incapacity or death.
- The right of correction: You have the right to request corrections or changes to your Personal Data if it is inaccurate.
- The right to be deletion: You have the right to request that we delete records of your Personal Data. We will delete your Personal Data as long as there is no legal obligation or prevailing right for us to keep it. Please note that deletion of your Personal Data will likely impact your ability to use our services.
- The right to object (opt-out): You have the right to opt-out of certain uses of your Personal Data, such as direct marketing, at any time.
- The right to data portability: You have the right to a portable copy of your Personal Data that you have submitted to us. This is subjected to technical feasibility.
- The right to refuse to be subjected to automated decision making, including profiling: You have the right not to be subject to automated decision making and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
- EU Data Subjects- The right to lodge a complaint with a supervisory authority
You can make these requests by emailing us at privacy@retargetspark.com . We will consider your request in accordance with the applicable laws.
If you want to be excluded from targeted advertising, you can always do so by opting out from further data processing for purposes of delivering ads to you. Click to Opt-Out of targeted advertising
What is my right to know about the personal information collected, disclosed, or sold?
You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive and verify your request, we will disclose to you the categories of information we collected about you, the categories of sources for the information we collected about you, our business or commercial purposes for collecting that personal information, the categories of third parties with whom we share that information, the specific pieces of information we collected about you and other information that we are obliged to provide under the applicable laws.
Please note that we may be required to ask you for further information to confirm your identity before we provide the information requested. We may ask you to fill in a special Data Subject/Principal Access Request Form to facilitate the process of providing access to your data.
7. What is my right to request deletion of the information?
You have the right to request the deletion of your information collected and maintained by us in the cases where (i) information is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (ii) you withdraw consent on which the processing is based, and there is no other legal ground for the processing; (iii) when you object to the processing, and there are no overriding legitimate grounds for the processing, or you object to the processing for direct marketing purposes; (iv) the information have been unlawfully processed; (v) where the information has to be erased for compliance with a legal obligation; (vi) the information have been collected in relation to the offer of information society services directly to a child and subject to consent. Once we receive and verify your request, we will delete (and direct our service providers to delete) your information from our records unless applicable laws do not provide for the deletion of the information in a particular case (for instance, retaining the information is necessary for us or our service provider(s) to complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you, detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities, comply with a legal obligation, make other internal and lawful uses of that information that are compatible with the context in which you provided it).
8. What is my right not to receive discriminatory treatment while exercising my rights?
When you exercise your rights enshrined in applicable laws, you also have the right to non-discrimination. For example, because you exercised your rights under applicable laws, you will not be denied any goods or services, charged with a different price, provided a different quality of goods and services etc.
Retention of Your Personal Data
We may retain your Personal Data during the period of time needed for us to conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.
Do you engage in automated individual decision-making, including profiling?
No, we do not make decisions based solely on automated processing, including profiling, which would produce legal effects concerning you.
10. Does your website use cookies or similar tracking technologies?
Yes. Cookies are small textual files containing an identifier that is sent by a web server to your web browser and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
International Transfer
We adhere to all applicable laws and regulations regarding personal data protection. As a global organization, personal data may be utilized and transferred worldwide for business purposes within RetargetSpark, always in line with this Privacy Policy and local legal requirements.
The data protection laws in the countries where we process data may differ and potentially offer less protection than your home country’s laws. To ensure the protection of your personal data when transferred outside your jurisdiction, we implement suitable safeguards and rely on legally provided mechanisms.
Right to Complain to the Supervisory Authority
You can contact the Supervisory Authority if you have any concerns about how RetargetSpark has handled your personal data.
Right to submit a Request to the Data Protection Board
If you have any concerns about our processing of your personal data, you are entitled to lodge a complaint with the Data Protection Board of India. You can find the contact details for the board in your jurisdiction here.
Notification of Changes
If we decide to change our Privacy Statement, we will post those changes on this page, so our users are always aware of the information we collect and how we use it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not, we use their information in this different manner. We will use information in accordance with the Privacy Statement under which the information was collected.
Where links are provided to other websites it should be noted that they are not and cannot be governed by our Privacy Statement. We cannot guarantee your privacy when you access other websites through any link provided on this website
Disclaimer
Our sites are not intended for use by children. We do not knowingly collect personal data from visitors under the age of 16 or minors as defined by the jurisdiction from which you are accessing our sites or services. If a child has provided us with personal data, a parent or guardian may contact us to request deletion of this information from our records.
If you believe we may have inadvertently collected information from a child under 16 or a minor in the relevant jurisdiction, please contact us at privacy@retargetspark.com. Upon learning that we have collected such data, we will promptly take steps to delete it.
How to Contact Us
If you have any specific questions about this Privacy Policy, you can contact us via email, by writing to us at the address below or by filling in the webform.
Send an email to privacy@retargetspark.com
Send mail to our address:
RetargetSpark
Attn:DPO
Address: 128, City Road, London, EC1V 2NX, UNITED KINGDOM
Fill in a request online using Data Principal Rights Page