Privacy Policy

Purpose of this policy

At EPICA, we are committed to protecting your data. We also work very hard at being transparent about the information we hold about you and our clients. Using data allows us to develop a better understanding of how you and other users interact with our communications, and in turn to provide you with relevant and timely information about the work that we do. Data also helps us to engage with current and potential customers.

EPICA collects personal data in the course of our business. The definitions of personal data vary depending on the laws where you are located. For example, in the European Union (EU), personal data is defined broadly, and would include data that may used to contact or identify a person (e.g., email, telephone number) as well as pseudonymous data that is generally only able to identify a computer, browser or a mobile device. EPICA will explain the different types of personal data below, and will try to be clear when we’re describing our use of each throughout this Policy.

Epica commits to strong, secure and transparent privacy practices. Our Privacy Policy explains:

1) What information we collect and why we collect it
2) How we use this information
3) The choices we offer, including how to access, update and remove information

Effective as of September 26, 2018

EPICA (“Epica”, “we”, “us”, “our”) provides this “Privacy Policy” to inform our users of our policies and procedures regarding the collection, use and disclosure of personally identifiable information that we receive when they visit and http://www.epica.ai site (collectively, the “Sites”), and when they use any of Epica’s services like the EPICA platform owned by Epica. For ease of reading in this Privacy Policy, the Sites and our services are collectively referred to as the “Service(s).” This Privacy Policy applies only to information that you provide to us when you use the Sites or the Service.

European Union should be sure to read the important information provided HERE.

If you have any questions, please contact our Data Protection Officer using the contact details at the end of this policy.

EPICA Platform’s Service and Client User Data

Customers of our Service (“Clients”) use it to collect information about how their own users use Client websites, applications, services (“Client Services”) and related third-party applications (“Client User Data”); more efficiently route their Client User Data to their own third party applications/services; and control the exchange of the Client User Data between their own third party applications/services.

EPICA allows our Clients to unify your customer data and connect it anywhere to improve marketing performance, enhance analytics, and transform the customer experience.

Client User Data may include, without limitation, information about the identity of Client users (such as name, postal address, e-mail address, and IP address), as well as information about the features that they use, the pages that users visit and the actions that they take while using the Client Services.

This Privacy Policy does not apply to Client User Data or to Client Services, and we are not responsible for our Clients’ handling of Client User Data. Our Clients have their own policies regarding the collection, use and disclosure of your personal information. To learn about how a particular Client handles your personal information, we encourage you to read the Client’s privacy statement. Our use of Client User Data provided by our Clients in connection with our Services is subject to the written agreement between Epica and Client. This Privacy Policy also does not apply to websites, applications or services operated by other parties or that display or link to different privacy statements.

Information We may Collect about you

We collect personal information about you in the following ways:

Information provided by you

When you sign up to our newsletters, request marketing materials, register for an event or sign into the platform, we will store the PII you give to us such:

  1. Identity information, such as your first name, last name, username or similar identifier, title, date of birth and gender;
  2. Contact information, such as your postal address, email address and telephone number;
  3. Profile information, such as your username and password, interests, preferences, feedback and survey responses;
  4. Feedback and correspondence, such as information you provide in your responses to surveys, when you participate in market research activities, report a problem with Service, receive customer support or otherwise correspond with us;
  5. Usage information, such as information about how you use the Service and interact with us;
  6. Marketing information, such your preferences for receiving marketing communications and details about how you engage with them

Information we get from others

We obtain additional information about you from third party sources to enrich your experience on the Epica website and provide you with more relevant information related to our service offerings.

Information automatically collected

Our site is primarily directed to our clients and prospective clients (our “Clients”) which are generally businesses. We collect personal data via the Sites that can be used to identify or contact a unique person (“PII”). We generally will only collect PII via the Site when you provide it directly to us (we refer to this information as “Log Data”).

You may provide PII such as an email address or a telephone number by sending us an email or filling out a form on the Site. In addition, Log Data may include information such as the Operating System running on your device, Internet Protocol address, access times, browser type and language, and the website you visited before visiting our Site.

Prospective employees may also send their resume that includes their postal address and other employment details. And our Clients may register via the Site with their email address and other contact details.

We automatically collect information using “cookies” and Web beacons. HTTP Cookies are a small piece of data sent from a website and stored onthe user\’s computer by the user\’s web browser that may be used on ourSite or in our emails. Among other things, cookies help us improve ourSite, our marketing activities, and your experience. We use cookies tosee which areas and features are popular and to count visits to ourSite. Once you enter to our website, you can choose to set your browserto remove cookies and / or to reject cookies. If you choose to removecookies or reject cookies, this could affect certain features orservices of our Site. For more information about cookies and webbeacons, please visit www.epica.ai/cookies. In addition, we use thisinformation to administer the Service and we analyze (and may engagethird parties to analyze) this information to improve and enhance theService by expanding its features and functionality and tailoring it toour users’ needs and preferences.

EPICA does not take action in response to “Do Not Track” browser signals from users visiting the Sites.

Sensitive personal information

Subject to the following paragraph, we ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Service or otherwise.

If you send or disclose any sensitive personal information to us (such as when you submit user generated content to the Site), you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not provide it.

However, If you fail to provide PII required…

Where we need to collect PII by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with more information about an event). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

Children under 13

We do not knowingly contact or collect information from children under 13. If you believe we have inadvertently collected such information, please contact us so we can promptly obtain parental consent or remove the information. If you are under 16, or the age of majority in the jurisdiction in which you reside, you may only use the EPICA Site and EPICA Services with the consent of your parent or legal guardian.

Changes to your personal information

It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by updating your registration profile or emailing us at privacy@epica.ai.

How We Use Your Personal Information

We will only use your information when the law allows us to. Most commonly, we will use your information in the following circumstances:

  1. Where we need to perform the contract we are about to enter into or have entered into with you (e.g., where we process your email address in order to access our systems or for billing purposes);
  2. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
  3. Where we need to comply with a legal or regulatory obligation;
  4. Where we have your explicit consent before using information. However, generally we do not rely on consent as a legal basis for processing personal data and you have the right to withdraw consent to marketing at any time by contacting us. You will find the relevant contact details at the end of this policy.

Use of PI to provide the Service

We use the information we collect primarily to provide, maintain, protect and improve our current services, to develop new ones and to manage Client accounts and human resources functions.

We use PI for the general purpose it was provided.

For example, if you ask a question about our products and services, we may send you an email in response, and might even have a salesperson contact you to gauge your interest in learning more about our services.

In general, we may use your information to:

  1. Improve our services, Site and how we operate our business;
  2. Understand and enhance your experience using our Site, products and services;
  3. Provide and deliver products and services you request;
  4. Link or combine it with other information we get from third parties, to help understand your needs and provide you with better service;
  5. Send you related information, including confirmations, invoices, technical notices, updates, security alerts and support and administrative messages;
  6. Communicate with you about promotions, upcoming events and news about products and services offered by EPICA and our selected partners;
  7. Protect, investigate and deter against fraudulent, unauthorized or illegal activity.

Epica may store and process PI in the United States and other countries. By using our Platform as a Client, you consent to this transfer of your information into the U.S.

To communicate with you

If you request information from us, register for the Service or participate in our surveys, promotions or events, we may send you Epica-related marketing communications if permitted by law but will provide you with the ability to opt out. In general, we may use information to:

  1. Respond to your comments or questions and allow our Services team to provide service;
  2. Send you related information, including confirmations, invoices, technical notices, updates, security alerts and support and administrative messages;
  3. Communicate with you about promotions, upcoming events and news about products and services offered by Epica and our selected partners;

We use data that we have stored about you, such as contact preferences you may have told us about.

We use our legitimate organizational interest as the legal basis for communications by email and for the collection of PII in the context of our sales and marketing activities where we have evaluated that our interests are not overridden by your fundamental rights. We will give you an opportunity to opt out of receiving electronic communications. If you do not opt out, we will provide you with an option to unsubscribe or manage your preferences in every email that we send you subsequently. Alternatively, you can use the contact details at the end of this policy to update your contact preferences.

To comply with law

We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

We may use or share your personal information with your consent, such as when you consent to let us post your testimonials or endorsements on our Site, you instruct us to take a specific action with respect to your personal information or you opt into third party marketing communications.

To create anonymous data for analytics

We may create anonymous data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous data by excluding information that makes the data personally identifiable to you, and use that anonymous data for our lawful business purposes.

For compliance, fraud prevention and safety

We use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern the Service; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. In general, we may use information to:

  1. Protect, investigate and deter against fraudulent, unauthorized or illegal activity.

Platform data collection and how EPICA processes that information

Our Platform is designed to allow our Clients to better understand how their customers, prospective customer and other individuals (their “Users”) utilize the products and services offered by our Clients. The platform provides our Clients with the ability to collect information based on User interaction with their mobile application(s), mobile website(s) or other digital properties where Clients have integrated with the Platform (collectively, “Client Digital Properties”) and send communications to such Users.

Some information is automatically collected from or about Users when they use Client Digital Properties. The types of information collected via Client Digital Properties for the Platform includes: the date/time for a visit to a Client Digital Property, referrer information such as what search engine and search keywords Users may have used to get to a Client Digital Property, information about the browser or device your User is on such as their Operating System, as well as the city/country location of Users, and any pseudonymous tokens and mobile advertising IDs (e.g., IDFA in iOS). In addition, our Clients can choose what other User data they want to collect and store on the platform such as an IP address, location information, a User’s age, user names, real names, email addresses and other custom data points as determined by each Client.

We contractually prohibit Clients from placing sensitive information (e.g., passwords, authentication credentials, credit cards, social security or driver’s license numbers) or information that is deemed sensitive by applicable law or self-regulatory codes such as the Digital Advertising Alliance. EPICA functions strictly as the data processing agent of our Clients. As a data processor and agent of our Clients, EPICA processes data via the platform as directed by our clients and for no other purposes. Accordingly, other than those aforementioned restrictions, the data stored on the Platform is subject to the privacy policies of each Client.

How We Share your Personal Information

Sharing of information, onward transfer

There are certain circumstances under which we may disclose your information to third parties. These are as follows:

  1. With third-party agents who work on our behalf as sub-processors, provided such third parties agree to adhere to the same privacy principles as EPICA;
  2. To protect the rights and property of EPICA, our agents, Clients and others including enforcement of our agreements, policies and terms of use;
  3. In an emergency, including protection of the personal safety of any person;
  4. For the purposes of a business deal (or negotiation of a business deal) involving sale or transfer of all or a part of our business or assets (business deals may include, for example, any merger, financing, acquisition, divestiture or bankruptcy transaction or proceeding);
  5. As required in response to a lawful request by public authorities, including meeting of national security or law enforcement requirements;

In cases of onward transfer to third parties of data of EU or Swiss resident received pursuant to the standard contractual Clauses, EPICA is potentially liable.

Our privacy policy does not cover any third-party websites services. To learn about those third parties’ privacy practices, please visit their privacy policies.

We do not sell PII collected via the Sites or collected pursuant to our sales and marketing activities to third parties for any purpose.

Your Choices

Access, Update, Correct or Delete Your Information

All Epica account holders may review, update, correct or delete the personal information in the EPICA Platform. Epica’s Clients may also contact us at privacy@epica.ai to accomplish the foregoing or if you have additional requests or questions. If you are a job applicant and have provided this kind of information, you can also contact us via e-mail to request to see the information we have in our systems.

Access to Data Controlled by our Clients

The individuals whose personal information is contained within the Client User Data processed by our Service may review, update, correct or delete the personal information in the EPICA Platform by sending a request from here. An individual who seeks access, or who seeks to correct, amend, or delete personal information provided by our Clients may also direct their request the Client. You may also contact us at privacy@epica.ai if you have additional questions or concerns.

If you are a California resident, you may ask us to refrain from sharing your personal information with certain of our affiliates and other third parties for their marketing purposes. Please tell us your preference by contacting us as specified below.

Tracking and Targeted Advertising

We may allow service providers and other third parties to use cookies and other tracking technologies to track your browsing activity over time and across our Site and third party websites. We may also partner with a third party ad network to either display advertising on our Site, to manage our advertising on other sites, or to provide you targeted advertisements based upon your interests on our Site or on third party sites. You may opt out of receiving promotional emails from EPICA by following the instructions in those emails. If you opt out, we may still send you non-promotional emails, such as emails about your EPICA projects or our ongoing business relationship. An individual wishing to limit the use or sharing of their data should contact email privacy@epica.ai. EPICA will respond within ninety (90) days to any request to delete your information. Individuals who have provided information directly to one of EPICA’s Clients must send follow-up requests to change or delete such information to that particular EPICA Client.

In some of our communications, we use tracking means, such as a “click-through URL” linked to content on the Site. We track this data to help us measure the effectiveness of our customer communications.

Choosing not to share your personal information

Where we need to collect your personal information by law, or to be able to provide the Service to you and you do not provide that information when requested (or you later ask to delete it), we may not be able to provide you with the Service and may need to cancel your service. We will tell you what information you must provide to receive the Service by designating it as required in the Service or through other appropriate means.

Information Security

The security of your personal information important to us. We take a number of organizational, technical and physical measures designed to protect the personal information we collect, both during transmission and once we receive it.

We will ensure that any third parties we use for processing your information do the same and that they will only process your information on our instructions. The third parties will also be subject to a duty of confidentiality.

We take reasonable steps to help protect your information in an effort to prevent loss, misuse, unauthorized access, disclosure, alteration and destruction.

It is your responsibility to protect your usernames and passwords to help prevent anyone from accessing or abusing your accounts and services. You should not use or reuse the same passwords you use with other accounts as your password for our services. We encrypt transmission of data on pages where you provide payment information or otherwise provide sensitive information. However, no security or encryption method can be guaranteed to protect information from hackers or human error. Information we collect may be stored or processed on computers located in any country where we do business. EPICA may store and process PII in the United States and the European Economic Area. By using our Platform as a Client, you consent to this transfer of your information into the U.S.

International Transfer

Epica is headquartered in the United States and has affiliates and service providers in other countries, and your personal information may be transferred to the United States or other locations outside of your state, province, country or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction.

European Union users should read the important information provided here about transfer of personal information outside of the European Economic Area.

Other Sites and Services

The Service may contain links to other websites and services. These links are not an endorsement, authorization or representation that we are affiliated with that third party. We do not exercise control over third party websites or services, and are not responsible for their actions. Other websites and services follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies of the other websites you visit and services you use.

Social Media Widgets

Our Site may include social media features, such as the Facebook “like” button and widgets, such as the “share this” button. These features may collect your personal information and track your use of the Site. These social media features are either hosted by a third party or hosted directly on our Site. Your interactions with these features are governed by the privacy policy of the company providing such functionality.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make material changes to this Privacy Policy you will be notified via e-mail (if you have an account where we have your contact information) or another manner through the Service that we believe reasonably likely to reach you (which may include posting a new privacy policy on our Site – or a specific announcement on this page or on our blog).

Any modifications to this Privacy Policy will be effective upon our posting of the new terms and/or upon implementation of the new changes on the Service (or as otherwise indicated at the time of posting). In all cases, your continued use of the Service after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.

Questions?

If you have any questions or concerns at all about our Privacy Policy, please feel free to email us at privacy@epica.ai.

Or if you are feeling old fashioned, use snail mail:

PODERIO, Inc.
33 Irving Place, 3rd floor
New York, New York, 10003 USA
Attention: Data Protection Officer – General Counsel

If you are located in Latin America, please write to:

PODERIO, SAS.
Cra. 11B Nº 96-54, Suite 201, Bogotá
Attention: Data Protection Officer – General Counsel

If you are located in Europe, please write to:

EPICA
Sepapaja tn 6 15551, Tallinn, Estonia
Attention: Data Protection Officer – General Counsel

Additional information for the European Union

In addition, if you reside in the European Economic Area, you may identify the relevant data controller for your personal information in accordance with the section “Relevant Data Controller” in the EEA Addendum below.

Personal information

References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Epica is the processor of your personal information for purposes of European data protection legislation. Our Data Protection Officer can be reached at privacy@epica.ai

We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal basis of how we process your personal information, contact us at privacy@epica.ai.

Processing purposeLegal Basis
To provide the ServiceProcessing is necessary to perform the contract governing our provision of the Service or to take steps that you request prior to signing up for the Service
To communicate with you

To create anonymous data for analytics

For compliance, fraud prevention and safety
These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To comply with lawProcessing is necessary to comply with our legal obligations
With your consentProcessing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at privacy@epica.ai.

Use for new purposes

We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Data retention

We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.

EPICA retains Client data for so long as you remain as a Client and will delete Client’s information within 12 months of either party’s termination of applicable Client agreement upon written request.

We retain User level data on the Platform as directed by our Clients and for a reasonable time thereafter for audit purposes and as otherwise required by law.

Your rights

European data protection laws give you certain rights regarding your personal information. EPICA acknowledges that EU and Swiss individuals have certain legal rights including the right to complain to en EU supervisory authority and the right to access the personal data that we maintain about them. An EU or Swiss individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to mailto:privacy@epica.ai If requested to remove data, we will respond within 30 days. Please note that EPICA is a processor of the data contained on the Platform. If you seek to exercise data subject access rights for data processed via the Platform, we ask that you reach out to EPICA’s Clients.

Under these circumstances, you have rights under data protection laws in relation to your personal data, as follows:

Please note that EPICA is a processor of the data contained on the Platform. If you seek to exercise data subject access rights for data processed via the Platform, we ask that you reach out to EPICA’s Clients.

You can submit these requests by email to privacy@epica.ai or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at privacy@epica.ai or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Access to your personal data

If you are an EPICA Client, you can sign into your account to see any PII we have stored, such as your name, email, address or phone number. You can also contact us by email to request to see this information.

If you are a job applicant and have provided this kind of information, you can also contact us via e-mail to request to see the information we have in our systems.

Cross-Border Data Transfer From EEA

Whenever we transfer your personal information out of the EEA to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on one of the following safeguards recognized by the European Commission as providing adequate protection for personal information, where required by EU data protection legislation:

  1. Contracts approved by the European Commission, which impose data protection obligations on the parties to the transfer. For further details, see European Commission Model contracts for the transfer of personal information to third countries.
  2. For transfers to third parties in the United States, ensuring they participate in the E.U.-U.S. Privacy Shield Framework

Please Contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.