Privacy Policy

November 1 2023

Your privacy is important to us and maintaining your trust is our priority. To ensure that your privacy is protected and your privacy choices are respected, we have set out in this privacy policy an explanation of our online information practices as well as the decisions you may make regarding how your information is collected and used when viewing our websites and their sub-domains or any additional service or affiliated service we provide therefrom (including: cheq.ai, clickcease.com, ensighten.com, essentials.cheq-platform.com the “Websites“, and the “Privacy Policy).

CHEQ AI Technologies (2018) Ltd. (“us”, “we” or “Company”) respect the privacy of our users (each, “you” or “User”) and are committed to protect the privacy of Users who access, visit, use or engage with our Websites.

We encourage you to read the Privacy Policy carefully and use it to make informed decisions. By using the Websites, you agree to the terms of this Privacy Policy and your continued use of the Websites constitutes your ongoing agreement to the Privacy Policy.

This Privacy Policy includes the following information:

What Type of Information We Collect, How We Collect It, and Legal Basis for Processing Personal Data
Cookies and Other Tracking Technologies
With Whom We Share the Information and For What Purpose
Third-Party Collection of Information
International Transfer
For How Long We Retain the Information
Your Privacy Rights
Marketing
How We Protect Your Information
Candidates Information
Minors
Updates or Amendments to the Privacy Policy
Controlling Version
Data Protection Officer
EU/UK Representative
How to Contact Us

What Type of Information We Collect, How We Collect It, and Legal Basis for Processing Personal Data

We may collect two types of data and information from our Websites Users.

The first type of information is unidentified and non-identifiable information pertaining to you, which may be made available or gathered via your use of the Websites (“Non-personal Information”). We are not aware of the identity from which the Non-personal Information is collected. Non-personal Information that is collected may include your aggregated usage information and technical information transmitted by your device, including certain software and hardware information about your device (e.g., the device you use, the type of browser and operating system your device uses, language preference, etc.), in order to enhance the functionality of the Websites. We may also collect information about your activity on the Websites (e.g., clicks, actions, etc.).

The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Information”, or “Personal Data”, as these terms are defined under the applicable privacy laws). For the avoidance of doubt, if we combine Personal Information with Non-personal Information, the combined information will be treated as Personal Information as long as it remains combined.

Subject to the stated below, we do not knowingly collect or process any Personal Data constituting or revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning a person’s health, government identifiers, precise geolocation or data concerning a person’s sex life or sexual orientation (“Special Categories of Personal Data”). The table below details the types of Personal Data we collect, the methods and purpose of such collection, and our lawful basis for processing such Personal Data (where the GDPR applies):

DATA TYPE	METHODS AND PURPOSE	LAWFUL BASIS
Technical Information; Websites Interaction: When you interact with our Websites, we may collect your online identifiers, such as Internet Protocol (IP) address, Cookie ID, or other unique identifiers (“Online Identifiers”).	Online Identifiers are used in particular to operate the Websites and enable their proper functionality, for example to automatically recognize you by the next time you enter the Websites or to confirm you are a real person.	To the extent we collect your Personal Data through our use of tracking technologies, such collection will be based on your consent which we will obtain through our cookie notice and consent mechanism, unless such tracking technologies are regarded as “strictly necessary” cookies (as described our Cookie Policy) which are required for the proper and basic operation of the Websites.
Account Information: When you register an account with our Websites (including any subsequent login to that account), you will be required to do so using your name, e-mail address, etc. (“Account Information”)	We collect your Account Information in order to provide you with our Websites and to respond to your inquiries.	We collect Account Information based on your consent. Further processing may be subject to our legitimate interests, including for the purpose of maintaining and providing our Websites.
Voluntary Contact Information: If you voluntarily contact us, through any means of communications we make available for support or other general inquiries (e.g., our ‘Get in Touch’ page) you will be required to provide us with certain information such as your name, your organization name (i.e., on behalf of which you contact us), email address, and any additional information you decide to share with us (“Contact Information”).	We process Contact Information to respond to your inquiry, and provide you with the support, materials, and information you have requested. The correspondence and its contents with you may be processed and stored by us in order to improve our customer service and in the event, we believe it is required to continue to store it, for example, in the event of any claims or in order to provide you with any further assistance (if applicable).	We process Contact Information subject to your consent. Further processing may be subject to our legitimate interest, for example for internal documentation and improvement of service purposes.
Marketing Information: When you sign up to our services, or when you subscribe to receive e-mail updates and newsletters, we may contact you through the contact details you provided (“Marketing Information“).	We may use the Marketing Information you provided us with for the purpose of sending you newsletters. You can unsubscribe at any time or inform us at any time if you no longer wish to receive our newsletter (see additional information under the “Marketing” section below).	The legal bases for processing Marketing Information are your consent (for example, when you subscribe to receive newsletters), and our legitimate interests. Our legitimate interests in this case are communicating with our clients and subscribers and notifying them of new products, features and services, as applicable.
Legal Matters	We may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Websites, to enforce our legal terms and conditions, to protect the security or integrity of our databases, and to take precautions against legal liability.	Such processing is based on our legitimate interests, which in this case are protecting our Websites and data, exercising our legal rights, and complying with our legal obligations.

Cookies and Other Tracking Technologies

We may use cookies and other technologies or methods of web and mobile analysis (e.g., Pixels, Google Analytics, etc.) to gather, store, and track certain information related to your access to and activity when you visit our Websites.

To learn more on what are “cookies” and how we use them and other technologies, please visit our cookies policy at: https://cheq.ai/cookie-policy/.

With Whom We Share the Information and For What Purpose

We do not disclose your Personal Information to third parties except as described in this Privacy Policy.

We may share Personal Information with the following recipients:

CATEGORY OF RECIPIENT	DATA THAT WILL BE SHARED	PURPOSE OF SHARING
Service Providers and Business Partners	All types of Personal Data	We may engage selected third-party companies and individuals to perform services complementary to our own (hosting services, data analytics services, data and cyber security services, fraud detection and prevention services, payment processing services, user engagement services, e-mail distribution and monitoring services, and our business, legal, financial and compliance advisors) (collectively, “Service Providers“). In general, these Service Providers may have access to your pseudonymized Personal Data in connection with hosting services, and data analytics services. However, for purposes of data and cyber security services, fraud detection and prevention services, payment processing services, user engagement services, e-mail distribution and monitoring services, as well as with our business, legal, financial and compliance advisors, we will share applicable Personal Data required for each respective purpose, and such Personal Data may only be used for such purposes.
Advertisers	All types of Personal Data	Only in the context of your use of our Websites, we may also use our third-parties and share with them Users’ information to assist us in evaluating the success of our advertising campaigns and help us retargeting our Users. You may opt-out of any third-party ad networks, including thoseoperated by members of the Network Advertising Initiative (“NAI”) and the Digital Advertising Alliance (“DAA”). For more information about this practice by NAI and DAA members, and your choices regarding having this information used by these companies, including how to opt-out of third-party ad networks operated by NAI and DAA members, please visit their respective websites: http://optout.networkadvertising.org/#!/ and http://optout.aboutads.info/#!/.
Third Party Integrations	All types of Personal Data	Our Websites allow you to integrate with certain third-party services, in which case you will be bound by the terms of service and privacy notices of said third parties – so please make sure that you read and accept them in advance. We do not receive or store your passwords for any of these third-party services.
A merger or acquirement of our business	All types of Personal Data	We may share Personal Data in the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, our affiliated companies or acquiring company will assume the rights and obligations as described in this Policy.
Legal and law enforcement	Subject to law enforcement authority request	We may disclose certain data to law enforcement, governmental agencies, or authorized third parties, in response to a verified request relating to terror acts, criminal investigations or alleged illegal activity or any other activity that may expose us, you, or any other user to legal liability, and solely to the extent necessary to comply with such purpose.

We reserve the right to use, disclose or transfer (for business purposes or otherwise) aggregated and processed Non-Personal Data to third parties, including, inter alia, affiliates, for various purposes including commercial use.

When we share information with services providers, we ensure they only have access to such information that is strictly necessary for us to maintain the Websites. These parties are required to secure the Data they receive and to use the Data for pre-agreed purposes only while ensuring compliance with all applicable data protection regulations (such service providers may use other Non-Personal Data for their own benefit).

Third-Party Collection of Information

Our policy only addresses the use and disclosure of information we collect from you. To the extent that you disclose your information to other parties via the Websites (e.g., by clicking on a link to any other website or location) or via other sites throughout the Internet, different rules may apply to their use or disclosure of the information you disclose to them.

You acknowledge that we are not responsible for the products, services, or descriptions of products or services that you receive from third-party sites or to the content or privacy practices of those sites, and that this Privacy Policy does not apply to any such third-party products and services. You are knowingly and voluntarily assuming all risks of using third-party sites to purchase products and services. You agree that we shall have no liability whatsoever with respect to such third-party sites and your usage of them.

International Transfer

We operate globally, and any information that we collect, disclose or share, including (but not limited to) your Personal Data, can be stored and processed in the European Economic Area, United Kingdom and United States, for the purposes detailed in this Policy. To the extent that the GDPR or UK GDPR are applicable, we will only transfer or share your Personal Data to data recipients:

located in the EEA or in the UK;
located outside the EEA or UK, in countries which have been approved as providing adequate level of data protection by the European Committee; or
with whom we have entered into a legal agreement ensuring an adequate level of data protection, such as the Standard Contractual Clauses approved by the European Committee or another legal data transfer mechanism.

For How Long We Retain the Information

Please note that unless you instruct us otherwise or as required by applicable law, we retain the information we collect for as long as needed to maintain the Websites and to comply with our legal obligations, resolve disputes and enforce our agreements. Information regarding a specific device is retained for the duration of the session in which such information was collected.

The retention periods are determined according to the following criteria:

where we have a valid business reason to process your Personal Data, such as the maintenance of our Websites or the provision of other services to you.
where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements.
where such information is required by us in order to defend ourselves from legal claims or exercise our legal rights.

Your Privacy Rights

Certain jurisdictions provide users with certain statutory rights to their Personal Information. Subject to exemptions provided by law, and with proper identification, you may have the right to request us to take certain actions with respect to your Personal Information, such as:

Right to know what Personal Information about you we have.
Right to access, change or update any Personal Information relating to you.
Right to request that we erase Personal Information about you.
Right to object or restrict us from processing Personal Information pertaining to you (for example, you may request that we will stop using or sharing your Personal Information with third parties); and
Right to receive a copy of your Personal Information processed by us, in a machine-readable format.

However, please note that these rights are not absolute, and may be subject to regulatory requirements.

If you wish to exercise any of these rights, contact us via the Data Subject Request form; When handling your request, we may ask for additional information to confirm your identity (which may include Personal Information). Please note that if you choose not to allow us to process your Personal Information, we may not be able to provide with our Websites or other services, as applicable, or their functionality may be adversely affected.

If you wish to raise a complaint on how we have handled your Personal Information, please contact us directly at: dataprivacy@cheq.ai.

If you are not satisfied with our response or believe we are collecting or processing your Personal Information not in accordance with the laws, you can complain to the applicable data protection authority.

If the EU GDPR applies: The Data Protection Commissioner in Ireland at Canal House, Station Road, Portarlington R32 AP23 Co. Laois R32 AP23, Ireland.
If the UK GDPR applies: The Information Commissioner’s Office’s Data Protection and Personal Information Complaints Tool.

Marketing

You can opt out of receiving marketing communications and newsletters from us at any time, by contacting us at info@cheq.ai. Please note that even if you unsubscribe from our marketing mailing list, we may continue to send you service-related updates and notifications.

How We Protect Your Information

We take great care in implementing and maintaining the security of our Websites and your information. We employ industry standard procedures and policies to ensure the safety of your information and prevent unauthorized use of any such information. Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse the Websites, and we make no warranty, express, implied, or otherwise, that we will prevent such access. If you feel that your privacy was treated not in accordance with our policy, or if any person attempted to abuse the Websites or acted in an inappropriate manner, please contact us directly at: dataprivacy@cheq.ai.

Candidates Information

This Privacy Policy also applies to job applicants who apply for open positions through our Websites, and the information we process during the recruitment process. In this section we provide you with details outlining our processing of Candidate Information (as defined below). We provide these details separately to make it clear for job candidates to understand our privacy practices, however, please note that unless stated otherwise, this entire Policy is applicable to you as a Candidate and to our processing of your Candidate Information, and we encourage you to read it in its entirety to better understand how we process it.

What type of Personal Data we collect from candidates: In the event you apply for a position posted on our Website and submit your CV we will process the information included in the CV and the application form, including name, email address and phone number, employment history and education.

Additionally, as part of the recruitment process, we may collect information about your criminal convictions if it is appropriate, given the nature of the role and only where we are legally able to do so (“Candidate Information”).

How we collect Candidate Information and for what purpose: We will use Candidate Information to process your job application and for recruitment purposes.

Further, we may process Candidate Information in order to comply with corporate governance, legal and regulatory requirements (including the retention of such information).

The legal basis for processing Candidate Information: We collect Candidate Information through the application and recruitment process, either directly from candidates or sometimes from an employment agency or background check provider. To the extent permitted by applicable law, we may also collect additional information from third parties including former employers, credit reference agencies or other background check agencies or publicly available resources (such as social networks).

We process Candidate Information subject to your consent. We may also process it under our legitimate interest, which is performing a proper recruitment process for our candidates, record keeping and protection from potential legal claims.

With whom we share Candidate Information and for what purpose: We may share Candidate Information with other entities or personnel in our group, for example the company management and HR teams, or certain IT functions, consisting of a limited number of individuals who have a need-to-know such Candidate Information. In addition, we may share Candidate Information with recruiters working with us, hiring managers and other interviewers, as well as with talent acquisition systems provider.

Minors

The Websites are not designated to individuals under the age of majority, as defined in the applicable law in such individual’s jurisdiction of residence (“Minor”). If you are under 16 years old, you should not use the Websites or provide any Personal Information to us. We do not knowingly process Minor’s information and will discard any data we receive from a user that we find or reasonably suspect to be a Minor immediately upon discovery.

We reserve the right to access and verify any Personal Information collected from you. In the event that we become aware that a Minor has shared any information, we will discard such information. If you have any reason to believe that a Minor has shared any information with us, please contact us at: dataprivacy@cheq.ai.

Updates or Amendments to the Privacy Policy

We may revise this Privacy Policy from time to time, in our sole discretion, and the most current version will always be posted on our Websites (as reflected in the “Last Updated” section at the bottom). In the event of a material change to the Privacy Policy, we will notify you through the Websites or via email. We encourage you to review this Privacy Policy regularly for any changes. Your continued use of the Websites, following the notification of such amendments, constitutes your acknowledgment and consent of such amendments to the Privacy Policy and your agreement to be bound by the terms of such amendments.

Controlling Version

This Policy has been drafted in the English language, which is the original and controlling version of this Policy. All translations of this Policy into other languages shall be solely for convenience and shall not control the meaning or application of this Policy. In the event of any discrepancy between the meanings of any translated versions of the Policy and the English language version, the meaning of the English language version shall prevail.

Data Protection Officer

The Company has a Data Protection Officer who is responsible for matters relating to privacy and data protection. If you have any questions about this Policy, please contact our Data Protection Officer, at: DPO@cheq.ai.

EU/UK Representative

We also have representatives in the EU and the UK responsible for matters relating to data subjects in their respective jurisdictions. Our representatives are:

EU Representative: European Data Protection Office (EDPO), Link
UK Representative: EDPO UK LTD, Link

How to Contact Us

If you have any general questions regarding the Websites or the information that we collect about you and how we use it, please contact us at dataprivacy@cheq.ai.

Last Updated November 1 2023