Last Modified: 28 June 2021
We encourage you to read the whole notice but if you wish to jump to a certain subject, please use the table below.
- Privacy commitment and scope
- Personal Data we Process
- How we use Personal Data and lawful basis
- Social media
- Content sharing features
- How long do we keep Personal Data?
- Links to third-party websites
- Your Rights
- International transfers
- Information sharing
- Contact Us
We care about your privacy and we want you to understand how we process Personal Data and what choices you have with regards to it. We have taken steps to provide you with this information as clear and easy as possible, but if you have any questions you can always contact us.
Epsilon collects the following categories of Personal Data:
Contact information such as name, email address, telephone number, company you work for, business title, postal address and other similar types of information. You must be 18 years of age or older to submit this type of information to us. This type of Personal Data is collected when:
- You provide it us, for example through your participation in surveys, our sign-up forms.
- You attend or register for our marketing events, trade shows and webinars. We sometimes arrange these types of activities together with third parties.
- You use functionalities and features of our Websites and Services. In some cases, we will also collect and retain your username and password.
- You correspond with us through email. In these cases, we will also retain the content of your email messages together with the resulting correspondence.
- You choose to disclose this type of Personal Data on message boards, chats, profile pages, social media posts or comments, blogs and other features on our Websites or our Services which allows you to this. Please note that any information you post or disclose through these features will become public and may be available to visitors to our Websites and to the general public. We urge you to be very careful when deciding to disclose your Personal Data, or any other information.
We may also collect this type of Personal Data from publicly available sources, such as LinkedIn, or receive it from our partners who have collected it therefrom.
We ask that you not send or disclose any sensitive or special categories of Personal Data (for example information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) to us through our Website or otherwise. Also, our Website and Services are not intended for children under the age of 16. We ask that children not provide any Personal Data through our Website or Services.
We use Personal Data for the following purposes:
- Direct marketing in accordance with your preferences via email, phone and other channels. Such marketing could include newsletters, white papers, market research opportunities and similar.
- To fulfil requests you have made to us, including communicate with you, respond to your inquiries and provide updates on our products and Services,
- To analyse and report on trends and activities on our Website and our marketing efforts, such as understand the parts of our Website visited most often.
- To improve our Services, Website and marketing communications, which includes improving the user experience of such.
- Administer our Services and Website.
We rely on legitimate interests for most of the above processing activities, which include providing our Services, operating our business, obtaining new clients, retaining existing clients and responding to questions and inquiries. Further information can be provided upon request.
To administer our Services and Website and to fulfil requests you have made to us, such as to communicate with you, respond to your inquiries and provide updates on our products and Services we process some of your Personal Data to deliver a contractual service to you, or to do something before entering into a contract with you (for example provide you with a quote).
We sometimes engage social media platforms to display direct marketing to you on their platform. We use “list-based” and “look-a-like” tools to do this. Using list-based tools involves the uploading of Personal Data to the social media platform in question (such as a list of email addresses). The platform then matches the uploaded Personal Data with its own user base. Any user that matches the uploaded list is added into a group that will be sent the selected marketing message. Look-a-like tools offer the ability to build other audiences based on the characteristics of an original audience that was created using a list-based tool. These audiences generally comprise of users that have not previously engaged, but who look like the list-based audience (i.e. they are users with similar interests, behaviours, or characteristics). When creating this sort of audience, the social media platform uses Personal Data it has about other users of its platform to find users who match the interests and behaviours of users that are current customers. Examples include Facebook Custom Audiences or LinkedIn Contact Targeting. We have contractual controls in place to ensure that the social media platform can only use the Personal Data we share to enable the provision of the service they are providing to us. We are not responsible for the data practices of social media platforms and recommend you read their own privacy policies.
Our Websites include social media sharing features, such as LinkedIn, Facebook and Twitter buttons. A Cookie might be set to enable such features to function properly. These features may collect information about your browser and your device, including your IP address as well as which part of our Websites you are visiting.
We also have other content sharing features embedded on our Websites, such as YouTube, SoundCloud and Wistia, which lets us share content with you directly (e.g. videos, podcasts, tracks and playlists). The providers of these content sharing features might collect information about you (including Personal Data), such as what part of our Website you visited. They do this to be able to recognise you, and in some cases show you personalised content. We are not responsible for the data practices of these providers and recommend you read their own privacy policies.
Some features might allow you to email useful information from our Website to a friend or colleague. If you choose to do so, we may ask you to provide your full name and email address, as well as your friend’s complete email address. We will send your friend a one-time email inviting them to visit our Website, except where prohibited by law.
Cookies are widely used by website owners in order to make their websites work, operate more efficiently, as well as to provide reporting information and store things like personalisation details or user preferences. Cookies can also be used to improve your experience when seeing web and mobile advertisements and ensure that when you click on an advertisement, you are sent to the correct click-through destination.
Cookies set by the website owner (in this case, Epsilon) are called "first party Cookies". Cookies set by parties other than the website owner are called "third party Cookies". Third party Cookies enable third party features or functionality to be provided on or through the website (e.g. like advertising, interactive content and analytics). The parties that set these third party Cookies can recognise your computer and device both when it visits the website in question and also when it visits certain other websites.
Please note that the specific Cookies served may vary depending on the specific part of the Website you visit.
Essential website Cookies
These Cookies are strictly necessary for our Websites to function properly and to use some of its features, such as access to secure areas. Because these Cookies are strictly necessary to deliver the Website content to you, you cannot refuse them. However, you can block or delete them by changing your browser settings.
Performance and functionality Cookies
These Cookies are used to enhance the performance and functionality of our Website but are non-essential to their use. However, without these Cookies, certain functionality may become unavailable.
Analytics and customisation Cookies
These Cookies collect information that is used either in aggregate form to help us understand how our Website are being used or how effective are marketing campaigns are, or to help us customise our Website for you.
These Cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.
We retain all Personal Data in accordance with our data retention policy which abides by applicable law. The retention period depends on the type of data. For example, we retain Personal Data we collect from our Websites and through our direct marketing efforts and business-to-business relationships for up to four (4) years.
All direct marketing messages will include an opportunity to unsubscribe or opt-out of future messages. For example, via an unsubscribe link in the bottom of an email. You can change your preferences at any time by clicking on that link.
In situations when we rely on consent to process your Personal Data you have the right to withdraw your consent at any time.
If you wish to exercise any other rights you might have under Data Protection Laws (including access, deletion, rectification, portability and restriction), please contact us using the contact details provided below.
In order to provide our Services and make our Websites available, we transfer Personal Data to, and Process Personal Data in, countries outside the European Union (EU), the European Economic Area (EEA) and the United Kingdom. More specifically our servers are located in the United States, and our processors operate around the world including the United States and India.
We have taken appropriate and suitable safeguards to ensure that your Personal Data will remain protected when transferred outside EU/EEA and the UK. This includes implementing Standard Contractual Clauses for transfers of Personal Data adopted by the European Commission. Further information about our international transfers as well as the safeguards in place can be provided upon request.
We share your Personal Data:
- With other companies within the Publicis Groupe for the purposes above,
- With our processors such as email service providers, customer database providers and analytics providers,
- With social media platforms and providers of content sharing features as described above,
- Third parties in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stocks (including in connection with any bankruptcy or similar proceedings); and
- As we believe necessary and appropriate: (a) under applicable law; (b) to comply with legal processes and obligations; (c) to respond to requests from public and governmental authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations; (f) to protect our rights, privacy, safety or property; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
We have implemented appropriate technical and organisational security measures to protect the Personal Data in our care, both during transmission and once we receive it. This includes physical and technical security measures to protect our Personal Data from accidental or unlawful destruction, loss, or alteration, and from unauthorised disclosure or access. Although please note that no method of transmitting information over the Internet or storing information is completely secure.
Our Data Protection Officer is tasked with informing and advising us on the obligations that apply to us under GDPR and other privacy related laws, as well as monitoring our compliance with the same. If you need to contact our Data Protection Officer, please email us here. However, we respectfully ask that you only contact our Data Protection Officer regarding urgent matters relating to data protection.
You have the right to report a concern to your country’s Data Protection Authority. UK residents can report a concern to the Information Commissioner’s Office here: https://ico.org.uk/concerns/.
“Controller”, “Data Subject”, “Personal Data”, and “Processor” has the meaning given to them under Data Protection Laws.
“Data Protection Laws” means (i) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”); (ii) any applicable national legislation in the United Kingdom that replaces or converts in domestic law the GDPR or any other law relating to data and privacy as a consequence of the United Kingdom leaving the European Union; and (iii) the UK Data Protection Act 2018.
“Epsilon” means Epsilon International UK Ltd, registered in England and Wales with company number 03610044, whose registered address 1st Floor 2 Television Centre, 101 Wood Lane, London, United Kingdom, W12 7FR.
“Services” means the Abacus Alliance and other marketing related services that we provide to our clients, in more detail described here.
“Website” means https://abacus.epsilon.com/.