Privacy Notice

Effective date: December 27, 2019

INTRODUCTION

This website (the “Site”) is operated, hosted and owned by Mapp Digital US, LLC and its affiliates (collectively “Mapp,” “we,” or “us”). The Site, together with any other mobile or web applications, products, or services offered to our clients (“Clients”) may be referred to herein collectively as the “Services.”

We are committed to meeting the digital marketing needs of our Clients, and to helping our Clients better engage with their customers on a personal level. We are also committed to the privacy of those customers, as well as visitors to the Site, and any other end users (collectively, “you” or “user”) who interact with our Services, in line with the European Union (EU) General Data Protection Regulation (GDPR), the Californian Consumer Privacy Act (CCPA) and other applicable data protection laws. We therefore adhere to the following data protection principles:

  • Purpose legitimacy and specification
  • Openness, transparency and notice
  • Consent and choice
  • Collection limitation
  • Data minimization
  • Use, retention and disclosure limitation
  • Accuracy and quality
  • Availability
  • Confidentiality and integrity
  • Individual participation and access

We provide this Privacy Notice to inform you of our policies and procedures regarding the collection, storage, use and disclosure of your Personal Information (or “Information”, “Data”) such as your name, phone number, email address, or mailing address. Please note that your use of the Services may also be subject to Mapp’s Acceptable Use Policy, available here: https://mapp.com/acceptable-use-policy/

PROVISIONING OF THE WEBSITE

Each time this Site and other web-based Services are accessed, our web servers automatically collect Information from the user’s system. This includes Information about the browser type and the version used, the operating system of the user’s terminal device, the Internet Service Provider of the user, the IP address of the user, date and time of access, and the previous website from which the user accesses our Site. Additionally, the following essential cookies may be placed on your computer or device to allow our Site to remember you during your visit, to ensure it’s functioning properly, and for compliance purposes.

Cookie Name Purpose Duration
cookielawinfo-checkbox-google-analytics This cookie is set by our Cookie Consent plugin. The purpose of this cookie is to check whether or not the user has given the consent to the usage of cookies under the category ‘Analytics’.

You can withdraw your consent by deleting this cookie.

12 months
cookielawinfo-checkbox-analytics This cookie is set by our Cookie Consent plugin. The purpose of this cookie is to check whether or not the user has given the consent to the usage of cookies under the category ‘Analytics’.

You can withdraw your consent by deleting this cookie.

12 months
viewed_cookied_policy The cookie is set by our Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

You can withdraw your consent by deleting this cookie.

12 months

 

Processing this Information is necessary for Mapp to be able to provide an Internet presence and to ensure its security, and is therefore based on our “Legitimate Interest” to be “visible” to the market in accordance with Art. 6.1(f) of the GDPR.

The above-mentioned Information will be deleted as soon as it is no longer required for the purpose of its collection. When storing data in the log file for security purposes, this is generally the case after no more than 7 days.

CONTACTING MAPP

If you contact us via contact form, support ticket or e-mail, the Data you provide will be used to process your request. Your Contact Data may be transferred to our CRM system. The Data you provide is necessary for processing and answering your enquiry – we cannot answer your enquiry without providing it, or we can only answer it to a limited extent.

Mapp has the “Legitimate Interest” as per Art. 6.1(f) of the GDPR to provide ways to be contacted and to process the Data transmitted in the course of sending a request. If the purpose of the request is to conclude a service contract or process a technical support request, the additional legal basis of the processing is “Performance of a Contract” in accordance with Art. 6.1(b) of the GDPR.

When you contact us via the website form, request a demo, register for a webinar, contests or promotions, want to download content or register for and attend events, we will ask for your “opt-in” to be contacted by Mapp. Some offerings such as whitepapers or promotions are funded based on marketing use cases, i.e. you get something for “free” in exchange for the Personal Information needed by us to follow-up with you as a potential future Client. The processing of this Information is based on your “Consent” in accordance with Art. 6.1(a) of the GDPR.

Data processed in this context will be deleted when no longer necessary to achieve the original purpose and defined retention periods expired.

You have the possibility to object to the data processing or withdraw your consent at any time. The objection must be sent to our Data Protection Officer, preferably via the following email address: privacy(at)mapp.com. In this case, all Personal Information stored in the course of establishing contact will be deleted unless there are any storage obligations to the contrary.

EMAIL MARKETING

We use our newsletter to keep you up to date on all the latest news connected with our business- but only if you opted in to receive such newsletters. You will have to provide us with a valid email address and basic Personal Information for personalization purposes, including at least your first name, last name, and title. When you register for our newsletters, we will also store your IP address with a time stamp to be able to prove your registration in accordance with the Double Opt-In procedure. We also use so-called pixel tracking to collect certain events when marketing emails are sent (e.g. emails received; emails opened; clicks on links) to create aggregated statistics and reports on the effectiveness of our email marketing campaigns.

For the management of email subscriptions, messaging and performance measurement, we use HubSpot, a tool operated by our service provider HubSpot Inc., 25 First Street, 2nd Floor, Cambridge, MA 02141, USA. HubSpot is subject to the EU-US Privacy Shield.

Legal basis of the processing of your Information for email marketing is your “Consent” in accordance with Art. 6.1(a) of the GDPR. We do not send you newsletters unless you have affirmatively opted in to receive newsletters.

If you are an existing Client, based on our “Legitimate Interest” per Art. 6.1(f) of the GDPR to advertise our products and to maintain a good relationship with you, you may receive marketing emails from us informing you about offerings related to Services you already purchased.

You can unsubscribe from our marketing emails at any time using the link within the newsletter, or object to the data processing. The objection must be sent to our Data Protection Officer, preferably via the following email address: privacy(at)mapp.com.

Marketing and email contacts, including newsletter recipients, are deleted when such users become inactive, click an “unsubscribe” button, or otherwise opt out of communications unless there are any storage obligations to the contrary.

HUBSPOT ANALYTICS

In order to analyze the performance of our efforts, we use campaign analytics functionality on our Landing and Subscription Pages, provided by our service provider HubSpot Inc, 25 First Street, 2nd Floor, Cambridge, MA 02141, USA. Therefore, the following cookies may be set by Hubspot:

Cookie Name Description Duration
__hssrc Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session. Session
__hstc The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session). 13 months
hubspotutk This cookie is used to keep track of a visitor’s identity. This cookie is passed to HubSpot on form submission and used when deduplicating contacts. 13 months
_hssc This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp. 30min
__cfduid Cloudflare cookie set by Hubspot – Used to speed up page load times and restrict access from malicious IP addresses. 30 days

 

The processing of this Information is based on your “Consent” in accordance with Art. 6.1(a) of the GDPR given when you first visited a Hubspot-enabled section on our Website.

GOOGLE ANALYTICS AND AD MANAGER

We use the tool Google Analytics on our Site to create analyses of the use of our web pages in order to optimize our Site. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, (“Google”). In Google Analytics, interactions between users of our website are primarily recorded and systematically evaluated using cookies. When details of our website are accessed, the following Information is stored: Anonymized IP address, the website accessed, the website from which the user accessed the accessed website, the subpages that are called from the page that is called, the time spent on the website, and the frequency of calling the site.  The Data stored through tracking will be deleted as soon as they are no longer needed for our purposes, in this case, after 14 months.

The following cookies might be set by Google:

Cookie Name Purpose Duration
_ga

 

This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports.

 

24months
_gid This cookie stores and updates a unique value for each page visited. 24 hours

 

On our website we also use the service Google Ad Manager (formerly: DoubleClick For Publishers), an offer from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) (“Google”). This platform enables the placement, control and optimization of advertisements on websites. For this purpose, the listed cookies may be used. Conclusions about your person are generally excluded.

Google LLC is certified according to the Privacy-Shield-Agreement between USA and EU. For more information about Google’s privacy practices, please visit our Privacy Policy: https://policies.google.com/privacy

The legal basis for using Google Analytics and Google Ad Manager is your “Consent” as per Art. 6.1(a) of the General Data Protection Regulation.

You can generally prevent Google from processing your Data on websites by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout

LINKEDIN ANALYTICS AND MARKETING

Our Website uses LinkedIn Insights Tracking, an analytics service provided by LinkedIn (“LinkedIn”) Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA. With your consent, the LinkedIn Insight Tag matches visitors of this Website with registered LinkedIn members in order to provide us with anonymous statistics, for instance about our website users’ demographics. Therefore, LinkedIn may set the following cookies:

Cookie Name Purpose Duration
bscookie Secure LinkedIn Browser ID cookie for share buttons and ad tags. 12 months
bcookie LinkedIn Browser ID cookie for share buttons and ad tags. 12 months
Lang Language changer Session
li_sugr Used by the social networking service, LinkedIn, for tracking the use of embedded services 3 months
Lidc LinkedIn cookie used for routing from share buttons and ad tags 24 hours
UserMatchHistory LinkedIn insights and ads tags used to track visitors so that more relevants ads can be presented based on visitor’s preferences 1 months

 

Legal basis for the use of this tracking technology is your “Consent” as per Art. 6.1(a) of the General Data Protection Regulation.

LinkedIn members have the option to opt out of LinkedIn Conversion Tracking and block and delete cookies at https://www.linkedin.com/psettings/advertising/ or disable demographic features. There is no separate opt-out option in LinkedIn’s settings for third-party impressions or click tracking for campaigns running on LinkedIn, as all underlying campaigns respect LinkedIn member settings. You can find LinkedIn’s privacy policy here: https://www.linkedin.com/legal/privacy-policy

LinkedIn is certified under the EU-US Privacy Shield. More information about the processing of your Data by LinkedIn is available here: http://www.linkedin.com/legal/privacy-policy

 

GOOGLE MAPS

We use Google Maps on our Site to display the locations of our offices and to create route descriptions. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, (“Google”). Google is certified under the EU-US Privacy Shield, which guarantees that the EU’s data protection requirements will also be met when Google processes data in the US.

If you call the Google Maps component integrated in our Site, Google will save a cookie on your device via your Internet browser. Your user settings and data are processed in order to display our location and create a route description. We cannot exclude the possibility that Google may use servers in the USA.

Legal basis for this processing is our “Legitimate Interest” as per Art. 6.1(f) of the GDPR to optimize our Site.

You can find out which data is collected by Google and what this data is used for at https://policies.google.com/privacy

If you do not agree with this processing, you have the possibility to prevent the installation of cookies by the appropriate settings in your Internet browser.

 

GOOGLE FONTS

Our Site uses Google Fonts to present fonts. This is a service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, (“Google”). Google is certified under the EU-US Privacy Shield, which guarantees that the EU’s data protection requirements will also be met when Google processes data in the US. Google Fonts is used without authentication and no cookies are sent to the Google Fonts API. If you have an account with Google, none of your Google Account information will be transmitted to Google while using Google Fonts. Google only records the use of CSS and the fonts used and stores this information securely.

Legal basis for this processing is our “Legitimate Interest” in accordance with Art. 6.1(f) of the GDPR to optimize our Site.

You can find out which data is collected by Google and what this data is used for at https://policies.google.com/privacy

 

YOUTUBE VIDEOS

We use videos from YouTube on our Website. YouTube (“YouTube”) is a service of YouTube LLC, 901 Cherrry Ave. San Bruno, CA, 94066, USA and is provided by them. YouTube is a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, (“Google”).

Each time you access a page that offers one or more YouTube video clips, a direct connection is established between your browser and a Youtube server in the USA. Information about your visit and your IP address may be stored there.

If you are logged in to YouTube at the same time, YouTube will assign the connection information to your YouTube account. If you wish to prevent this, you must either log out of YouTube before visiting our website or make the appropriate settings in your YouTube user account.

YouTube permanently stores cookies on your terminal device via your Internet browser for the purpose of functionality and analysis of user behaviour. If you do not agree with this processing, you have the option of preventing the cookies from being saved by making a setting in your Internet browser.

Google’s Privacy Shield certification guarantees an appropriate level of data protection while doing so. You can find YouTube’s privacy policy at https://policies.google.com/privacy

Legal basis for this processing is our “Legitimate Interest” as per Art. 6.1(f) of the GDPR to optimize our Site. By incorporating YouTube videos, we aim to provide you with various videos on our website so that we can make our website even more attractive and informative for you.

 

SOCIAL MEDIA PAGES (“FAN PAGES”)

We maintain publicly accessible profiles on the social media platforms Facebook, Twitter, YouTube, Instagram, Xing and LinkedIn (‘social media pages’ or ‘fan pages’).

If you visit one of our social media pages when you are logged in to the respective social media network, the social media provider can analyze your usage behavior and associate the Information collected with your social media account, where it may also be enriched. Even if you are not logged in or if you do not have an account with the respective social media network, the social media provider may collect your Personal Information, such as your IP address or data generated by a cookie. The operators of social media platforms can use this Data to create user profiles. Your user profile can then be used to show you ads related to your interests on social media sites as well as other websites.

If you visit one of our social media pages, we share responsibility with the social media provider for the collection and processing of your Personal Information that takes place on that platform. With regard to information about the collection and processing of your Data on such platforms, we refer you to the privacy policies published by the respective social media networks. We do not have any additional information available. The privacy policies of the various social media networks can be found on the following pages:

 

We can provide you with information about the appropriate guarantees for Data transfers to third countries in accordance with Art. 46 of the GDPR at any time on request.

You are able to assert your rights under Chapter 3 of the GDPR (right to information, rectification, erasure, restriction of processing, data portability, etc.) both against us and against the relevant social media provider. In this context and with regard to our social media pages, we would like to point out that we can only control the processing of Personal Information and the implementation of Data Subjects’ rights within the scope of the options presented to us by the respective provider.

The legal basis for our use of social media pages is our “Legitimate Interest” according to Art. 6.1(f) of the GDPR to run marketing of our events and Services on the Internet.

  

REGISTERED CLOUD SERVICE USERS

Mapp is a marketing technology provider and offers Cloud Services to its Clients which are the controllers of their own marketing contacts’ Personal Information. Mapp is therefore the Processor of this Personal Information; the processing is governed by a Data Processing Agreement between Mapp and its Client and not within the scope of this Privacy Notice. Mapp however remains Controller of those Personal Information related to the registration, login and usage of our Cloud Services by system users.

During the registration process basic user profile data is collected including the user’s name, business email address (used as user identifier), password (stored in hashed format), and permissions. During login you’ll be required to provide your business email address and your password. While you’re using the system, we create logs of your actions including what you accessed, from which IP address and at which time. To better understand how you use our products and to continuously improve our product offerings, we may use additional analytic tools. Additional Data may be shared when you use technical integrations of Mapp Cloud with other solutions. When you are a registered user of one of our Cloud Services, we may automatically register you in our support system, which simplifies the process for you to contact our technical support team. Furthermore, we use relevant Information for billing purposes. Without a registered user account, you cannot use our Cloud Services.

The legal basis for the processing is the “Performance of a Contract” (Art. 6.1(b) of the GDPR). The processing of any Personal Information serves the provision, maintenance and improvement of our software services, as well as the security.

The above-mentioned Data will be deleted after they are no longer necessary to achieve the purpose for which they were collected, generally upon the expiration of the underlying service contract, considering retention periods under tax and commercial law.

 

APPLYING FOR A JOB AT MAPP

Embedded into this Site, you’ll find our online application tool provided by our service provider ADP LLC, One ADP Boulevard, Roseland, NJ 07068, USA, which allows you to see open positions and to apply for a job at Mapp.

We process the Personal Information you have sent us in connection with your application in order to assess your suitability for the position (or any other open positions in our company) and to complete the application process. Once you received and accepted an offer from Mapp, a background verification process will be initiated, which is necessary due to market requirements. Goals of the background verification check are to verify your identity and criminal record clearance, and to confirm claimed qualifications and employments within the last 5 years (as far as relevant). Candidates for financial roles may also be subject to a credit review.

The processing of your Personal Information in this application procedure is necessary for the establishment of an employment relationship, i.e. we can only hire you when you provide the Personal Information we need. Legal basis for the processing of Applicant Data is therefore “Performance of a Contract” as per Art. 6.1(b) of the GDPR. Should the Data be necessary for legal prosecution after completion of the application procedure, further processing will be based on our “Legitimate Interest” in the assertion or defense of claims as per Art. 6.1(f) of the GDPR.

In the event of rejection, your Applicant Data will be deleted 6 months after the assignment of the respective position unless you agreed on further storage in our applicant data pool and consideration for open positions in the future. These Data will be checked annually to see whether there is a need for further storage; otherwise the Data will be deleted. If you have been awarded a position as part of the application process, the data will be transferred from the applicant data system to our personnel information system.

Your Applicant Data will be viewed by the Human Resources department after receipt of your application. Suitable applications will then be forwarded internally to the department managers responsible for the respective open position. The rest of the process is then coordinated. Within Mapp, only those persons have access to your Personal Information who need it for the proper course of our application procedure. Furthermore, we use specialized service providers for the application process which may involve the processing of your Personal Information outside of the European Economic Area (“EEA”).

 

MARKETING EVENTS

Mapp regularly runs or sponsors Marketing Events, where we might collect, use and store the following kinds of Data about you:

Data Categories Type of Data Source of the Data
Registration data  First name, last name, job title, employer name, work address, work email, and work phone number We collect this data directly from you through your registration for a Mapp marketing event
Business card data First name, last name, job title, employer name, work address, work email, and work phone number We collect this data directly from you when you intentionally give us your business card.
Feedback information First name, last name, job title, employer name, work email, work phone number, your personal satisfaction from the event and your preferences for future Mapp events We collect this data directly from you when you fill in a feedback from at a Mapp event.
Photographs and video recordings Your image alone or with other people in the context of the Mapp marketing event, taken during the official part as well as the networking/informal part of the event. We either take photographs and make videos ourselves or engage a third party – professional service provider who will process the data under our instructions and only for our purposes.

 

Mapp will process your Registration Data to administer your participation at Mapp events, for security purposes, and, upon your request – to issue an invoice, based on the Legal Ground “Performance of a Contract” in accordance with Art. 6.1(b) of the GDPR.

We will use your business card data to reach out to you and establish a professional contact with a view to cooperate in the future and will send to your email address a proposal to join our data base and receive marketing communication from us (also see section “Contacting Mapp”). You are free to accept or decline this proposal. Once subscribed you can always unsubscribe from the emails you receive from us at any time by clicking the unsubscribe link located at the bottom of the email (also see section “Email Marketing”).

We will process your data in relation to the feedback that you have provided to us for the purposes of measuring your satisfaction and improving the quality of Mapp events. If, in the feedback form, you have specifically requested Mapp to contact, we will use your data to reach out to you to discuss our services and how Mapp can support your organization (also see section “Contacting Mapp”).

We will publish the photographs and video recordings from Mapp marketing events (on which you might appear on the front line or in the background) on the Mapp Website, Social Media or on other electronic or paper media based on our “Legitimate Interest” to promote our services and strengthen our market presence in accordance with Art. 6.1(f) of the GDPR. We will inform you already at the invitation for the event, with the registration form as well as by placing explicit signs at the event location that photographs and videos, with intention to making them public, will be taken. If you would not want to be photographed or video recorded at the Mapp event, or if you do not want us to publish any picture or other visual media on which you may appear, please let us know (at the event registration or by sending an email to us) before the event, and we will conform.

If you are a speaker on the stage at a Mapp marketing event, we will publish the pictures and videos on which you appear after obtaining your consent to do that. You can withdraw this consent at any time by sending an email to us.

Data processed in this context will be deleted when no longer necessary to achieve the original purpose and defined retention periods expired.

 

RECIPIENTS OF YOUR PERSONAL INFORMATION

Where appropriate, we may share your Personal Information with various recipients, including the following categories:

  • Our third-party service providers who process Personal Information on our behalf for IT and system administration and hosting, billing, research and analysis, marketing, customer support and other purposes (e.g. data centers, SaaS applications)
  • Affiliates within our group of companies that process Personal Information for, amongst others, customer service, marketing purposes, technical operations and account management
  • Sponsors of events, webinars and contests for which you have registered
  • Public and regulatory authorities, where we are required to disclose Personal Data in order to comply with our legal obligations

 

PROTECTING YOUR PERSONAL INFORMATION

Mapp applies effective security safeguards to protect your Personal Information and therefore complies with and is partly certified against ISO 27001.

ISO 27001 is the international standard for information security management and defines the requirements for the introduction, operation, monitoring, and continual improvement of an effective information security management system (ISMS). It systematically ensures that an organization implements and maintains commercially reasonable and industry standard technical and organizational safeguards to preserve the security of (Personal) Information.

Though we do everything we can to prevent a security breach from happening, there are no guarantees. In the case we learn of a security breach, we may attempt to notify you electronically so that you can take appropriate protective steps, by posting a notice on the Site if a security and/or sending an email to you at the email address you have previously provided to us. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. To receive a free written notice of a security breach, or to withdraw your consent from receiving electronic notice, you should notify us.

 

INTERNATIONAL DATA TRANSFER AND PRIVACY SHIELD

Mapp is registered under the EU-U.S. Privacy Shield Framework (“Privacy Shield”), and accordingly is committed to the EU-U.S. Privacy Shield Principles. For a list of all companies participating in Privacy Shield, see here: www.privacyshield.gov/list. Mapp is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).

Mapp shall remain liable under the EU-U.S. Privacy Shield Principle of Accountability for Onward Transfer if its sub-processors process your Personal Information in a manner inconsistent with the Privacy Shield Principles, unless we prove we are not responsible for the event giving rise to the damage.

If you are visiting this website from a country other than the country in which our servers are located, your communications with us will result in the transfer of information across international boundaries. By visiting this website and communicating electronically with us, you consent to such cross-border transfers. In the case of data transfers from the European Economic Area (“EEA”) the EU-U.S. Privacy Shield Framework applies.

Your Information may be transferred to and maintained on servers located outside of your country where the privacy/data protection laws may not provide the same protection level as those in your jurisdiction. If you are located outside the United States and choose to provide Information to us, we might transfer Personal Information to the United States and process it there. To ensure the safety of this transfer and the compliance with the applicable European data law, we utilize Standard Contractual Clauses, the EU-U.S. Privacy Shield (if applicable) and express consents (Data Transfer Agreements) in relation to Personal Information originating the European Union or the United States.

Details about the Standard Contractual Clauses issued by the European Commission are available here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en

 

YOUR RIGHTS AND HANDLING OF COMPLAINTS

If Personal Information about you is processed, you are the Data Subject in the sense of the GDPR. Therefore, you are entitled to the following rights against us as Controller: Right to information, right to rectification, right to limitation of processing, right to deletion, right to data transferability, right of appeal, right to revoke the declaration of consent under data protection law. Some data processing procedures are only possible with your express consent. You can withdraw your consent under data protection law at any time, but this does not affect the legality of the consent until revocation.

Additionally, you have the right to object data processing. To the extent that your personal data is processed to protect the predominant “Legitimate Interests” of the Controller per Art. 6.1(f) of the GDPR as laid out in this Privacy Notice, you may object to such processing with effect for the future. For this purpose, please contact the Controller. As a rule, the right to object is only available to you for reasons arising from your particular situation (Art. 21.1 GDPR). Once you have exercised your right to object, your personal data will no longer be processed for these purposes unless the Controller is able to demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or if such processing serves to lodge, action or defend a legal claim. If the processing is carried out for the purposes of direct marketing, you may exercise the right to object to this at any time (Art. 21.2 GDPR), and your Personal Information will then no longer be processed for direct marketing purposes.

In compliance with the EU-U.S. Privacy Shield Principles, Mapp commits to resolve complaints about your privacy and our collection or use of your Personal Information. European Union individuals with inquiries or complaints regarding this Privacy Notice should first contact our Data Protection Officer, preferably via the following email address: privacy(at)mapp.com.

Please note that in the event of such a request, we are required to collect additional personal information that will enable us (a) to verify your identity before providing you with information and (b) to retain evidence of your request and how we have responded to it.

Mapp has further committed to refer unresolved privacy complaints under the EU-U.S. Privacy Shield Principles to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit JAMS’s Privacy Shield website for more information and to file a complaint. These dispute resolution services are provided at no cost to you.

If your complaint is not resolved after following the recourse mechanisms described above, you may have the ability to invoke binding arbitration. Additional information is available here: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Please note that, in addition, you also have the right to lodge a complaint with the supervisory authority in the relevant EU Member State. Mapp commits to cooperate with the EU supervisory authorities and comply with the advice given by such authorities. For instance, you can contact:

Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach

Non-EU Citizens

Mapp commits to resolve complaints about your privacy and our collection or use of your personal information. Non-EU citizens with inquiries or complaints regarding this Privacy Notice should first contact our Data Protection Officer, preferably via the following email address: privacy(at)mapp.com.

 

AUTOMATED DECISION MAKING

We do not carry out automated decision-making using profiling methods.

 

DISPUTE RESOLUTION

All disputes arising under this Privacy Notice shall be governed by and interpreted in accordance with the laws of California, without regard to principles of conflict of laws. Except as otherwise provided in the Privacy Shield section above, the parties to this Privacy Notice will submit all disputes arising under this agreement to arbitration in San Diego, California, before a single arbitrator of JAMS. The arbitrator shall be selected by application of the rules of JAMS, or by mutual agreement of the parties, except that such arbitrator shall be an attorney admitted to practice law California. No party to this Privacy Notice will challenge the jurisdiction or venue provisions as provided in this section. Nothing contained herein shall prevent the party from obtaining an injunction.

 

CLASS ACTION WAIVER

Any arbitration or court trial, whether before a judge or jury or pursuant to judicial reference, related to any claim under this Privacy Notice will take place on an individual basis, without resort to any form of class or representative action (“Class Action Waiver”). THIS CLASS ACTION WAIVER PRECLUDES ANY PARTY FROM PARTICIPATING IN OR BEING REPRESENTED IN ANY CLASS OR REPRESENTATIVE ACTION REGARDING A CLAIM UNDER THIS NOTICE. Regardless of anything else herein, the validity and effect of the Class Action Waiver may be determined only by a court and not by an arbitrator.

 

CALIFORNIAN CONSUMER DATA PROTECTION ACT (CCPA)

Mapp is a B2B business and therefore does not directly interact with Consumers directly. We also do not sell any Consumer Data. If you want to notify us about a potential violation, please contact us via one of the means provided below.

 

CONTACT OF THE CONTROLLER AND ITS EU REPRESENTATIVE

We are the Controller of Personal Information related to our Services within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations. Comprehensive information about our company can be found in the imprint.

Controller:

Mapp Digital US, LLC
3655 Nobel Drive
Suite 500
San Diego, CA 92122, United States of America

European Union (EU) representative:

Mapp Digital Germany GmbH
Dachauer Str. 63, Nymphenburger Hoefe NY II
80335 Munich, Germany

 

DATA PROTECTION OFFICER

Our data protection officer can be reached by post to the Controller or its EU representative (Attn: Privacy) or via email to privacy(at)mapp.com

 

CHANGES TO THIS NOTICE

We reserve the right to modify this Privacy Notice at any time. If we decide to change our Privacy Notice, we will prominently post those changes here and any other place we deem appropriate, so you are always aware of what Information we collect, how we use it, and under what circumstances, if any, we disclose it. If we make any material changes, we will notify you either by way of an email or by a notice on this Site. We will use information in accordance with the Privacy Notice as it was in effect at the time Information was collected.