Metric.ai Privacy Shield Policy


Last Updated: May 7, 2018

Measured Analytics, Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Frameworks (the "Frameworks") as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Economic Area ("EEA") and Switzerland to the United States. Measured Analytics, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. Our certification can be found at https://www.privacyshield.gov/list.

This Privacy Shield Privacy Policy supplements the Measured Analytics, Inc. Privacy Policy. Unless specifically defined in this policy, the terms in this Privacy Shield Privacy Policy have the same meaning as in our Privacy Policy. In case of conflict between our Privacy Policy and this Privacy Shield Privacy Policy, this Privacy Shield Privacy Policy prevails. In case of conflict between this Privacy Shield Privacy Policy and the Principles, the Principles will govern.

How we obtain Personal Information

We obtain and process Personal Information in different capacities.

  • As a data controller, we collect and process EEA and Swiss Personal Information directly from individuals, either via our publicly available websites, including www.metric.ai, or in connection with our customer, partner, and vendor relationships.
  • As a data processor, we process and store EEA and Swiss Personal Information obtained from our customers when providing our services to our customers. In that context, we only process Personal Information on behalf of and at the instructions of our customers, which are the data controllers.

We commit to subject to the Principles all Personal Information received from the EEA and Switzerland in reliance on the Privacy Shield (which includes both types of activities).

Personal Information Received from the European Economic Area and Switzerland

We may receive from the EEA and Switzerland some or all of the information listed in our Privacy Policy. Some of that information may qualify as "personal information" or "personal data" (collectively, "Personal Information") as defined in the Frameworks. When we process Personal Information on behalf of our enterprise customers, they determine the categories of data they upload in our systems and the purposes of the processing. Accordingly, customers are responsible for providing notice to individuals.

Data Integrity and Purpose Limitation

We may use any Personal Information we obtain for the purposes indicated in our Privacy Policy or as otherwise notified to you. We will not process Personal Data in a way that is incompatible with these purposes or as subsequently authorized by you. We take reasonable steps to limit the collection and usage of Personal Information to that which is relevant for the intended purposes for which it was collected, and to ensure that such Personal Information is reliable, accurate, complete, and current. We will adhere to the Principles for as long as we retain the Personal Information collected under the Privacy Shield. When we process Personal Information in the context of our Services, we process and retain Personal Information only as necessary to provide our Services, or as required or permitted under applicable law.

Onward Transfers

We use a limited number of third-party service providers to assist us in providing our services to customers. These third-party providers offer customer support to our customers, perform database monitoring and other technical operations, assist with the transmission of data, and provide data storage services. These third-parties may access, process, or store personal data in the course of providing their services. We maintain contracts with these third parties restricting their access, use and disclosure of personal data in compliance with our Privacy Shield obligations.

If we disclose it to a third party acting as a data controller or as an agent, we will comply with, and protect the Personal Information as provided in, the Accountability for Onward Transfer Principle.

In case of disclosure to an agent, we remain responsible for the processing of Personal Information received under the Privacy Shield and subsequently transferred to that agent if it processes such Personal Information in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the inconsistent processing.

When we process Personal Information in the context of our Services, we disclose Personal Information as necessary to provide the Services and as authorized in our agreements with customers. We may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Data Security

We use reasonable and appropriate measures to protect your Personal Information from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Information.

Choice and Access

Where appropriate, Measured Analytics, Inc. provides you with access to the Personal Information that we maintain about you and the ability to correct, amend or delete that information when it is inaccurate or has been processed in violation of the Principles by sending a written request as indicated in "Contact Information" below. We will review your request in accordance with the Principles, and may limit or deny access to Personal Information where providing such access is unreasonably burdensome or expensive under the circumstances, or as otherwise permitted by the Principles.

If we intend to use your Personal Information for a purpose that is materially different from the purposes listed in this policy or if we intend to disclose it to a third party acting as a controller not previously identified, we will offer you the opportunity to opt-out of such uses and disclosures where it involves non-sensitive information or opt-in where sensitive information is involved.

When we process Personal Information in the context of our Services, we only process and disclose the data as necessary to provide the Services. Our customers control how the information they upload to the Services is disclosed and used, and how it can be modified. Accordingly, if you wish to request access, to limit use, or to limit disclosure of Personal Information uploaded to the Services by our customer, please contact the customer who submitted your data to our Services. If you provide us with the name of our customer that is processing your Personal Information, we will refer your request to that customer, and will support the customer as needed in responding to your request.

Recourse and Enforcement

We commit to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.

If you have any questions or concerns, please write to us at the address listed below. If you are an EEA or Swiss resident, we will investigate and attempt to resolve reasonable complaints and disputes regarding our use and disclosure of Personal Information in accordance with the Principles. If an issue cannot be resolved via our internal dispute resolution mechanism, EEA and Swiss individuals may contact or submit a complaint, at no cost, to EU Data Protection Authorities (DPAs). For residual complaints not fully or partially resolved by other means, you may be able to invoke binding arbitration before the Privacy Shield Panel as detailed in the Principles.

Measured Analytics, Inc. is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Changes to the Privacy Shield Privacy Policy

This Privacy Shield Privacy Policy may be changed from time to time, consistent with the requirements of the Privacy Shield. You can determine when this Privacy Shield Privacy Policy was last revised by referring to the "Last Updated" legend at the top of this page. Any changes to this Privacy Shield Privacy Policy will become effective when we post the revised version on our website.

Contact Information

If you have any questions, concerns or complaint regarding our privacy practices, or if you'd like to exercise your choices or rights, contact us.

Measured Analytics, Inc.
25 Taylor St, Office 625
San Francisco, CA 94102
United States
917.940.4036
support@metric.ai