DemandLab is committed to protecting the privacy of our users and has created this GDPR Compliance Statement in order to describe and explain to users our information collection practice.
If you have any questions or concerns in connection with DemandLab’s information collection practice summarized in this Statement, please send an email to email@example.com stating your questions or concerns. Alternatively, the postal address is:
The Types of Personal Data That We Collect
DemandLab may collect personal data from individuals from the European Economic Area (“EEA”) who visit our public-facing website (“EEA Website Visitors”), and individual representatives of our current and potential corporate customers, suppliers and business partners from the EEA (“EEA Business Contacts”).
From EEA Website Visitors, DemandLab may collect the individual’s name, phone number, email address, mailing address and IP address. From EEA Website Visitors applying for employment, DemandLab may also collect the individual’s driver’s license number, passport number, social security number, marital status, family member information, financial information and professional career/employment information.
From EEA Business Contacts, DemandLab may collect the individual’s name, business phone number, business email address, IP address, company name and company mailing address.
Purposes for the Processing of Personal Data; Legal Basis
DemandLab processes the personal data of EU data subjects for the purposes of:
- Evaluating job candidates for positions for which they have applied;
- Identifying prospective customers, marketing our services, and building our mailing list for information distribution;
- Communicating with corporate business partners about business matters and conducting related tasks for legitimate business purposes;
- Meeting legal or regulatory requirements and DemandLab’s internal policies;
- Other purposes disclosed at the time of collection; and
- Processing client data as a data processor (i.e., at the direction of our clients, who are the data controllers).
We process personal data provided by EEA Website Visitors and those applying for employment with DemandLab on the basis of consent you give to DemandLab when you submit the personal data. For all other data subjects, such processing is in the legitimate interest of DemandLab and the respective data subject in order to promote a business relationship.
Recipients of Personal Data
We do not sell, rent, share, or otherwise dispose of the personal data collected to third parties. We may, however, disclose your personal data when required by law or in the good-faith belief that such disclosure is necessary to comply with law.
In addition, as a service provider (data processor) to its clients (data controllers), DemandLab may be in possession of client data that contains information defined as personal data. In performing these services, DemandLab does not process, store, or handle personal data in any other manner other than that directed by the primary data controller. Accordingly, DemandLab does not share, uniquely identify, or in any way use personal data for any commercial purpose other than that defined by the controller. In some cases, in accordance with our client agreements, we may disclose personal data with a subcontractor contracted to provide services on our behalf, in order to provide service to our clients.
Transfer of Personal Data to a Third Country
DemandLab’s primary business operations are not in the EEA, and as such personal data collected by DemandLab may be stored or processed in the United States or in any other country where DemandLab or its affiliates, subsidiaries, or third-party service providers maintain facilities. EU data subjects who provide personal data to DemandLab consent to the processing and transfer of that data to the United States and other locations outside of the EEA, including to countries with laws that may not provide the same level of protection of personal data.
DemandLab may also execute agreements with third parties for the transfer of personal data outside of the EU using European Commission-approved Standard Contract Clauses.
Personal data is retained by DemandLab no longer than necessary to fulfil the purposes for which it was collected (e.g., to execute obligations to former employees to provide post-employment benefits) or as agreed upon under applicable contracts with clients or business partners.
Access to, Modification and Deletion of Personal Information
Please use the DemandLab Data Subject Access Request page to request information on what applicable data DemandLab has on file for a data subject. For questions about the collection of personal data by DemandLab, or to exercise for legitimate purposes the right to access, correct, update, or delete such, as provided under applicable law, please contact:
Please help us to keep your data accurate by informing us of any personal data change promptly.
There may be cases where restrictions on the amount of information that can be disclosed to data subjects under applicable law (for example, if that would necessarily involve disclosing information about another person). DemandLab is permitted to withhold some types of personal data in certain circumstances, subject to applicable local law requirements. If there is a dispute, please contact the DemandLab privacy officer at the above address. In addition, data subjects have the right to lodge a complaint with a supervisory authority.
Right to Withdraw Consent
Data subjects whose processing is based upon consent may withdraw that consent at any time; however, DemandLab will not be able to provide or continue to provide services or marketing communications to the data subject.
Changes to This Statement
We may update this GDPR Compliance Statement to reflect changes to our practices or applicable laws. If we make any updates, we will notify data subjects by means of a notice on this Statement. We encourage EEA Website Visitors, EEA Business Contacts, and others to periodically review this page for the latest information on our privacy practices.