Welcome to DataTempo, a leading data tech company. We understand that your
data is not just an asset—it's the lifeblood of your business. And we are committed to
safeguarding the privacy of our users and clients. That's why we've invested in state-ofthe-
art security protocols to ensure that your data is handled with the utmost integrity,
confidentiality, and availability. Below is an overview of how we're committed to keeping
your data safe, secure, and accessible only by you.
This Privacy Policy provides comprehensive details about the information we collect,
how we use it, and your rights and choices. This policy applies to all personal
information collected by DataTempo via our website located at https://datatempo.ai
As per the Privacy Act 1988 (Cth), "personal information" is defined as information or an
opinion about an identified individual or an individual who is reasonably identifiable:
a. Whether the information or opinion is true or not.
b. Whether the information or opinion is recorded in a material form or not.
If the information does not disclose your identity or enable your identity to be
ascertained, it will in most cases not be classified as "personal information" and will not
be subject to this privacy policy.
The personal information which we collect and hold about you may include:
a. Personal Information: Such as name, address, email address, phone number,
and other identifiers.
b. Usage Data: Information about how you use our services and website.
c. Technical Data: IP address, login data, browser type and version, time zone
setting and location, browser plug-in types and versions, operating system, and
platform.
d. Cookie ID: A unique device ID generated for every new device which interacts
with our advertisements or website tracking.
e. Mobile Advertising ID: Technical ID in Mobile App Environments.
f. Cross-Device IDs: User ID generated by DataTempo using algorithms to
link devices and identifiers belonging to the same user.
g. Partner IDs: Pseudonymous IDs exchanged with partners to enable our
Services.
The personal information which we collect and hold about you may include:
a. Personal Information: Such as name, address, email address, phone number,
and other identifiers.
b. Usage Data: Information about how you use our services and website.
c. Technical Data: IP address, login data, browser type and version, time zone
setting and location, browser plug-in types and versions, operating system, and
platform.
d. Cookie ID: A unique device ID generated for every new device which interacts
with our advertisements or website tracking.
e. Mobile Advertising ID: Technical ID in Mobile App Environments.
f. Cross-Device IDs: User ID generated by DataTempo using algorithms to
link devices and identifiers belonging to the same user.
g. Partner IDs: Pseudonymous IDs exchanged with partners to enable our
services.
h. Detect traffic that is not "real" traffic, and prevent fraudulent activities.
We use the information we collect to:
a. Provide, maintain, and improve our services.
b. Respond to your requests, comments, or questions.
c. Send you technical notices, updates, and support messages.
d. Monitor and analyse trends, usage, and activities in connection with our services.
e. Detect, investigate, and prevent fraudulent transactions and other illegal
activities.
f. Analyse and report on advertising performance.
g. Improve online advertising experience and efficiency.
h. Detect traffic that is not "real" traffic, and prevent fraudulent activities.
i. Facilitate the process of buying and selling online advertising.
For support, additional requests, or any privacy-related concerns, you can reach out to
our Data Protection Officer at info@datatempo.ai
Australian Privacy Principle 12 permits you to obtain access to the personal information
we hold about you in certain circumstances, and Australian Privacy Principle 13 allows you to correct inaccurate personal information subject to certain exceptions. If you would like to obtain such access, please contact us as set out above.
If you have a complaint concerning the manner in which we maintain the privacy of your
personal information, please contact us as set out above. All complaints will be
considered, and we may seek further information from you to clarify your concerns. If
we agree that your complaint is well-founded, we will, in consultation with you, take
appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you
may refer the matter to the Office of the Australian Information Commissioner.
Your personal information may be transferred to recipients located in other parts of the
world. This may include one of our partners like LiveRamp or platform partners like
Adform or Microsoft Azure’s data centres. We adhere to all of the required data
protection laws which protect personal information in a way which is at least
substantially similar to the Australian Privacy Principles. In these circumstances, we do
require these overseas recipients to comply with the privacy principles relevant to their
Jurisdiction.
We monetise the data we collect through various channels, as per our data reseller
agreements. While we monetise this data, we prioritise the privacy of individuals. The
data we sell is aggregated and anonymised via LiveRamp, ensuring that individual
identities are not disclosed. However, it's essential to understand that the nature of our
business requires the processing of personal data to provide valuable insights.
Given the nature of our business and the vast amounts of data we handle, we have
stringent data protection measures in place. We ensure that all data is stored securely,
and access is restricted to authorised personnel only. Our commitment to data
protection is unwavering, and we continuously update our security protocols to address
emerging threats.
At DataTempo, we take data privacy and compliance very seriously. We have a
dedicated team of approximately 30-40 professionals, including data specialists,
developers, analysts, and tech support personnel, who are well-equipped to handle data
subject rights requests effectively and efficiently.
Furthermore, we make use of LiveRamp to anonymise data, and create RAMP IDs
before pushing the data through to our DSP/DMP. Our data practices are GDPR, CCPA
and ISO 27001 compliant, and our partnerships with some of the biggest tech
corporations in the industry like Microsoft, LiveRamp and Adform speak for our
responsible practices.
We offer you the right to:
a. Right to Be Informed: We ensure that data subjects are informed about the
processing of their data through transparent privacy policies and
communications.
b. Right of Access: We have the ability to provide data subjects with access to
their personal data upon request. Our systems enable us to retrieve individual
customer profiles promptly.
c. Right to Rectification: We have processes in place to rectify inaccuracies or
incomplete personal data promptly upon receiving a request from a data subject.
d. Right to Erasure: Our team can facilitate the erasure of personal data in
accordance with legal requirements, ensuring compliance with the right to be
forgotten.
e. Right to Restrict Processing: We are capable of restricting the processing of
personal data when requested, ensuring that it is not used for further processing.
f. Right to Data Portability: Data subjects can request the transfer of their
personal data to another organisation, and we have mechanisms in place to
facilitate such transfers securely.
g. Right to Object: We respect data subjects' right to object to the processing of
their personal data for specific purposes.
Moreover, our commitment to compliance means that we can complete the above
actions within a timeframe of 48 hours, as required by data protection regulations.
We understand the importance of data subject rights and remain dedicated to upholding
the highest standards of data privacy and security.
Commitment to Purpose-Limited Data Utilization
In our unwavering commitment to the trust and privacy of our clients, DataTempo
strictly adheres to the principle of purpose-limited data utilization. We hereby affirm that:
a. Exclusive Use for Intended Purposes: All client data collected, processed, or
handled by DataTempo is used exclusively for the purposes for which it was
originally intended, as explicitly communicated to and agreed upon by our clients.
This includes, but is not limited to, the provision of our services, improvement of
user experience, and compliance with legal obligations.
b. Prohibition of Secondary Use: Under no circumstances will client data be
utilized for secondary or unrelated purposes without the explicit and informed
consent of the client. This encompasses a prohibition on the sale, transfer, or use
of client data for external marketing, research, or any commercial activities not
directly related to the agreed-upon services.
c. Safeguards and Compliance: We implement rigorous safeguards and
compliance measures to ensure that all team members, processes, and
technologies align with this commitment. Regular audits and reviews are
conducted to verify adherence to this principle.
d. Transparency and Accountability: DataTempo maintains a policy of
transparency with our clients regarding data utilization practices. Any changes to
the purpose of data usage will be communicated promptly and will require explicit
client consent.
e. Client Empowerment: Clients reserve the right to inquire about the specific uses
of their data, request limitations on data utilization, or withdraw consent for
certain uses, in accordance with applicable data protection laws and regulations.
By integrating this clause into our Privacy Policy, we reinforce our dedication to ethical
data practices and the protection of our clients' privacy and trust.
ISO 27001: Best Practices in Data Security
We have been maintaining strict ISO 27001 security standards since we got officially
certified in 2020. While we are currently renewing the certification, we continue to
adhere to the rigorous standards set by this internationally recognised system for
managing information security. Our compliance ensures that we have robust processes
in place to assess and minimise risks.
Microsoft Azure Cloud: A Secure Foundation
Our platform is hosted on Microsoft's Azure cloud services—a trusted name in cloud
computing. Azure comes with a plethora of built-in security features that help safeguard
your data, such as advanced threat detection, multi-factor authentication, and stringent
access controls.
a. Azure Databricks: For big data analytics and processing, we rely on Azure
Databricks which offers an enterprise-level security model.
b. Data Residency: All data is stored exclusively in Azure data centers located in
Australia, ensuring that it complies with data sovereignty laws.
a. Role-Based Access Control (RBAC): We employ RBAC to ensure that only
authorised individuals have access to specific information within the platform.
b. Regular Audits: We conduct regular security audits to ensure the ongoing
integrity of our system and to make sure we are consistently aligned with industry
best practices.
c. Data Backups: We perform regular backups to ensure data integrity and
availability. In the event of a system failure, we can quickly restore your data.
d. Compliance Updates: Our team is consistently updated on new laws and
regulations affecting data security to make sure we're always in compliance.
GDPR and CCPA: Committed to Global Standards
The general data protection regulation (GDPR) is a new data protection regulation in the
European Economic Area (EEA) replacing data protection directive 95/46/EC (data
protection directive) which was designed to harmonise data compliance requirements
across the EEA and protect all EU citizens' data privacy, effective from May 25, 2018.
The GDPR applies to all organisations established in the EEA and to organisations,
whether or not established in the EEA, that process the personal data of EEA data
subjects in connection with either the offering of goods or services to EEA data subjects
or the monitoring of behavior that takes place within the EEA.
The GDPR lays out responsibilities for organisations to ensure the privacy and
protection of personal data, as well as providing certain rights to data subjects.
Some of the key privacy and data protection requirements of the GDPR include:
a. Incorporating organisational and technical mechanisms to protect personal data
in the design of new systems and processes
b. Requiring the consent of subjects for data processing where user consent is the
lawful basis for certain business practices
c. Requiring certain companies to appoint a data protection officer (DPO) to
oversee GDPR compliance
d. Providing data breach notifications
e. Safely handling the transfer of data across borders
In preparation for GDPR, we closely analysed the requirements of the GDPR and
implemented enhancements to its products, processes, and policies on an on-going
basis. In the lead up to, and the period after GDPR went into effect, we have worked to
support our clients and partners in their own GDPR compliance initiatives.
We are in an a-typical position as we as a company have always had the policy of only
processing pseudonymous data which means that no directly identifiable data is allowed
onto the platform. We use LiveRamp to anonymize data like names, emails, phone
numbers and similar data. However, if opted into our CDP services, we offer you a
unified view of all your first-party customer data exclusive to you. The database is
scanned daily for violation by algorithms as well as manually. Furthermore, several
measures like IP truncation are also enforced automatically and through violation scans.
We have actively enforced policies to avoid sensitive data. We fully support opt-out
frameworks and provide full disclosure of our activities to clients and data subjects.
This means we adhere to stringent data protection requirements and are committed to
respecting the privacy and rights of our users, no matter where they are located.
In some circumstances, the European union general data protection regulation (GDPR)
provides additional protection to individuals located in Europe. However, our website
does not specifically target customers located in the European union, and we do not
monitor the behavior of individuals in the European union. Accordingly, the GDPR does
not apply.
When it comes to securing your data, we at DataTempo believe in a no-compromise
approach. With a foundation built on best practices and the robust Azure
cloud infrastructure, your data is in safe hands. Rest easy, focus on what you do best,
and let us handle the security of your data.
For further questions and consultations, please don't hesitate to reach out to our
security team.
We may update our Privacy Policy from time to time. We will notify you of any changes
by posting the new Privacy Policy on this page and updating the "Last Updated" date at
the top.
For any questions, concerns, or clarifications about this Privacy Policy, or if you wish to
exercise any of your rights, please contact our Data Protection Officer at
info@datatempo.ai.
