Privacy Policy

Last updated: January 20, 2021

We recognize the importance of privacy and are committed to protecting the personal data of our clients and prospective clients, as well as other users of our websites and services. This privacy policy (“Policy”) explains how Perceptyx, Inc. and our subsidiaries and affiliates (“Perceptyx”, “we”, “our”) handle the personal data that we collect and process about clients, prospective clients and users of our websites, products and services (collectively referred to as the “Services”), as well as other individuals who otherwise engage or communicate with us about our Services. Unless specified otherwise, Perceptyx is the controller of your personal data subject to this Policy.

California Consumer Privacy Act (“CCPA”). If you are a California resident, please review Section 13a, Additional Information for California Residents, below for important information about how we collect, use and disclose personal data about California residents and your rights under the CCPA.

Table of Contents

  1. Scope
  2. Personal data we collect
  3. Purposes and legal bases of use
  4. Disclosures of Personal Data
  5. Cookies
  6. How long does Perceptyx store your personal data?
  7. How do we secure your personal data?
  8. Your choices and rights
  9. International Transfers
  10. Children
  11. Contact Us
  12. Additional Information for Individuals in Certain Jurisdictions

1. Scope

This Policy applies to the personal data that we collect and process on our own behalf, as a “controller” or a “business” under applicable privacy laws.

Personal data. In this Policy, our use of the term “personal data” includes other similar terms under applicable privacy laws—such as “personal information” and “personally identifiable information.” In general, personal data includes any information that identifies, relates to, describes, or is reasonably capable of being associated, or reasonably linked or linkable with a particular individual.

Client Personal Data. When Perceptyx collects and processes personal data on behalf of a client in order to provide our Services to such client, we refer to this data as “Client Personal Data.” We are a ‘processer’ or ‘service provider’ with respect to our collection and processing of Client Personal Data and will only process such Client Personal Data on behalf of the particular client. Our clients’ respective privacy policies apply to and govern the processing of Client Personal Data.

Controller and responsible party. For the purposes of the EU General Data Protection Regulation (the “GDPR”) and other relevant applicable laws (such as the UK Data Protection Act 2018 (“UK DPA”) and the Brazilian General Data Protection Law (the “LGPD”)), Perceptyx, Inc. is the controller of your personal data collected pursuant to this Policy. With respect to any Client Personal Data, our clients are the data ‘controllers’ or ‘businesses’ for their respective Client Personal Data, and we are a ‘processor’ or ‘service provider’ as defined under applicable privacy laws.

2. Personal data we collect

We may collect personal data about you directly, as well as automatically related to the use of our website and other Services or from third parties. The personal data that we collect and process, varies depending on the Services you use and your interactions with us. You do not have to provide us with your personal data to access most of our website. However, if you choose not to provide certain information, you may be unable to access certain areas, or use our Services, and we may be unable to fully respond to your inquiries.

Information we collect directly. We may collect personal data about you directly from you or from your company. For example, when you fill out a ‘Contact Us’ form, signup for our mailing lists, register for events we host or sponsor, or otherwise provide us information through our websites, we may collect personal data such as:

Automatically collected information. We use cookies, log files, pixel tags, local storage objects, and other tracking technologies to automatically collect information when users access or use the Services or visit our websites, such as IP address, general location information, domain name, page views, a date/time stamp, browser type, device type, device ID, Internet service provider, referring/exit URLs, operating system, language, clickstream data, and other information about the links clicked, features used, size of files uploaded, streamed or deleted, and similar device and usage information. For more information, see the Cookies and Similar Devices section below.

Information collected from third parties. We may collect personal data about you from third party sources, such as business partners, social media platforms, public sources, joint marketing partners (so that we can deliver our client and related services) and third parties to whom you have expressed interest in our products and services, as well as information that you shared on social media platforms (subject to the respective platform terms and applicable laws).

3. Purposes and legal bases of use

In this section, we explain the purposes for which we process your personal data, as well as the legal bases for doing so under certain applicable laws.

Legal bases. Certain laws, including the GDPR, require that we inform you of the legal bases for our processing of your personal data. Pursuant to these laws, we process personal data for the following legal bases:

Purposes for which we collect and process your personal data. The purposes for which we may process personal data vary depending upon the circumstances. Generally, we use personal data for the business and commercial purposes listed below:

Aggregate and anonymous data. We also create and use aggregate, anonymous and de-identified data to derive benchmark information which is made available to our enterprise clients, and to improve and develop our business and Services, and for similar research and analytics purposes.

Client Personal Data. Our clients, not Perceptyx, determine the purpose and means of processing for their respective Client Personal Data, including personal data collected and processed related to launching, analyzing and reporting on surveys. In general, (subject to applicable client instructions) Perceptyx processes the Client Personal Data to provide our Services to clients, including to operate and improve the platform and our services, to provision platform user accounts, to carry out the transactions platform users request via the platform, and to respond to platform User requests, to launch and track surveys, polls and other platform service content. Our clients are the data controllers with respect to their Client Personal Data. Please review the client’s respective privacy policies for more information about how they collect, use and share the personal data collected via the platform.

4. Disclosures of Personal Data

In general, we may disclose personal data as explained below:

Aggregate or anonymous data. We may share aggregate, anonymous or de-identified data with third parties for research, analytics and other purposes, provided such information does not identify a particular individual.

5. Cookies

We and our third-party service providers use “cookies,” pixels, java script, log files, and other mechanisms on the Site. Our website uses functional, analytical and tracking cookies to optimize the visitor experience. We use cookies to remember your IP-address, settings and preferences. Click here to see the current list of cookies we use.

Cookies. A “cookie” is a small text file that may be used, for example, to collect information about website activity. Some cookies allow us to make it easier for you to navigate our website and platform, while others are used to enable a faster log-in process or to allow us to track your activities while using the website or platform. Most browsers allow you to control cookies, including whether or not to accept them, and how to remove them.

Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also referred to as web beacons, web bugs or pixel tags), in connection with our Services to, among other things, track the activities users of our services, help us manage content, and compile statistics about usage of our Services. We and our third-party service providers also use clear GIFs in HTML emails to our clients, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Log files. Most browsers collect certain information, such as your IP address, device type, screen resolution, operating system version, and internet browser type and version. This information is gathered automatically and stored in log files.

Third-party analytics. We also use automated devices and applications, such as Google Analytics (more info here) to evaluate use of our website and collect usage statistics. These analytics providers may use cookies and other technologies to perform their services.

Do-not-track signals. The Site does not respond to do-not-track signals. You may, however, disable certain tracking as discussed above (e.g., by disabling cookies) and set out in our Cookie Policy. You many also use our preference manager to manage your cookie preferences on our websites.

Survey platform. Our survey platform uses necessary and functional cookies to enable respondents to participate in surveys or to enable users to create or review surveys. For example, we use cookies to ensure a respondent can only take a survey once or come back to the survey if you leave the page in the middle of the survey.

6. How long does Perceptyx store your personal data?

As a general rule, we retain your personal data for as long as necessary to fulfill the purposes for which it was collected or as necessary to comply with our legal obligations, resolve disputes, maintain appropriate business records, and enforce our agreements. We may retain personal data for longer where required by our regulatory obligations, professional indemnity obligations, or where we believe necessary to establish, defend, or protect our legal rights and interests or those of others. Our clients instruct us on how long to retain Client Personal Data, which we handle as a data processor.

7. How do we secure your personal data?

We have implemented technical and organizational measures designed to protect your personal data against accidental or unlawful processing. Regardless of the precautions taken by us, we cannot ensure or warrant the security of any information you transmit to us. Further, you are responsible for all actions taken with your user ID and password, if any. Therefore, we recommend that you do not disclose your password to anyone.

8. Your choices and rights.

Access, amend and correct. If you wish to access personal data that you have submitted to us, to request the correction of any inaccurate information you have submitted to us, or to request deletion of your information, please send your request to. We will review your request and make reasonable efforts to respond to it as soon as practicable. We may ask you for additional information so that we can confirm your identity. If you would like to submit a request relating to Client Personal Data, you should contact the relevant client directly; if you submit a request to us related to Client Personal Data, we will forward your request to the relevant Client (where known) so that they may respond to your request.

Direct marketing. You may always opt-out of direct marketing emails. If you would like to unsubscribe from Perceptyx email subscriptions or otherwise change your email preferences with Perceptyx, please click here or follow the instructions in any Perceptyx promotional email that we send to you. We may continue to send you transactional or service-related communications, such as service announcements and administrative messages.

Complaints. We will take steps to try to resolve any complaint you raise regarding our treatment of your personal data. You also have the right to raise a complaint with the privacy regulator in your jurisdiction.

Additional Information for Certain Jurisdictions. In the section “Additional Information for Individuals in Certain Jurisdictions” below, we provide additional information as required under California privacy laws, as well as the GDPR, UK DPA and the LGPD. Users in California, the EEA, the UK, and Brazil should review this section for more information regarding their rights under these respective laws.

To submit a privacy request or exercise your rights regarding your personal data, please send an email to privacy@perceptyx.com. We will respond to your request consistent with applicable law.

9. International Transfers

Perceptyx is a global operating organization with headquarters in the United States, and we have operations, entities and service providers in the United States, European Union and throughout the world. As such, we and our service providers may transfer your personal data to, or access it in, jurisdictions (including the United States and other jurisdictions where we, our affiliates and service providers have operations) that do not include equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal data receives an adequate level of protection in the jurisdictions in which we process it, including through appropriate written data processing terms and/or data transfer agreements.

Users in the European Economic Area (EEA) and United Kingdom. If you are in the EEA or the United Kingdom, and we process your personal data in a jurisdiction that the European Commission has deemed to not provide an adequate level of data protection (a “third country”), we will implement measures to adequately protect your personal data, including by putting in place standard contractual clauses as approved by the European Commission (the form for the standard contractual clauses can be found at http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm). To obtain additional details of the mechanism under which your personal data is transferred outside of the EEA; you may request such details by contacting us as set forth in the Contact Us section below.

10. Children

We do not knowingly or specifically collect information about minors under the age of 16. If you believe we have unintentionally collected such information, please notify us as set out in the Contact Us section below.

11. Contact Us

If you have any questions or comments about this Policy, the ways in which we collect and use your personal data, your choices and rights regarding such use, or wish to exercise your rights, please do not hesitate to contact us at:

Perceptyx, Inc.
privacy@perceptyx.com

12. Additional Information for Individuals in Certain Jurisdictions

A. EEA (GDPR), UK and Brazil

Subject to the conditions set out in the applicable law, users in in the European Union/European Economic Area, United Kingdom and Brazil (as well as in other jurisdictions where similar rights apply) have the following rights regards our processing of their personal data:

Please note that some of these rights may be limited, such as where we have an overriding interest or legal obligation to continue to process the data. Please contact us using the information set out in the Contact Us section above, if you wish to exercise any of your rights or if you have any enquiries or complaints regarding our processing of your personal data.

B. Additional Information for California Residents

In this section, we provide additional information to California residents about how we handle their personal information, as required under California privacy laws including the California Consumer Privacy Act (“CCPA”). This section does not address or apply to our handling of publicly available information lawfully made available by state or federal government records or other personal information that is exempt under the CCPA.

While our collection, use and disclosure of personal information varies based upon our relationship and interactions with you, in this section we describe, generally, how we have collected and disclosed personal information about consumers in the prior 12 months (from the Last Updated date above).

Categories of Personal Information Collected and Disclosed. The table below identifies the categories of personal information (as defined by the CCPA) we have collected about consumers, as well as how we have disclosed such information for a business purpose. For more information about the business and commercial purposes for which we collect, use and disclose personal information, please see the Purposes and legal bases of use and Disclosures of personal information sections above.


Personal Information Collected Categories of Third Parties to Whom We May Disclose this Information
Categories Description
Identifiers Includes direct identifiers, such as name, alias user ID, username, account number; email address, phone number, address and other contact information; IP address and other online identifiers; SSN, driver’s license number, passport number, tax ID and other government identifiers; and other similar identifiers.
  • service providers
  • service providers
  • advisors and agents
  • government entities and law enforcement
  • affiliates and subsidiaries
  • advertising networks
  • data analytics providers
  • social networks
  • internet service providers
  • operating systems and platforms
  • business customer/client
Customer Records Includes personal information, such as name, account name, user ID, contact information, employment information, account number, and financial or payment information), that individuals provide us in order to purchase or obtain our products and services. [For example, this may include account registration information, or information collected when an individual purchases or orders our products and services, or enters into an agreement with us related to our products and services.
  • service providers
  • advisors and agents
  • government entities and law enforcement
  • our affiliates and subsidiaries
  • business partners who provide services you request
Commercial Information Includes records of personal property, products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies.
  • service providers
  • advisors and agents
  • government entities and law enforcement
  • affiliates and subsidiaries
  • advertising networks
  • data analytics providers
  • social networks
  • internet service providers
  • operating systems and platforms
  • data brokers
  • business customer/client
Usage Data Includes browsing history, clickstream data, search history, access logs and other usage data and information regarding an individual’s interaction with our websites, mobile apps [and other Services, and our marketing emails and online ads.
  • service providers
  • advisors and agents
  • government entities and law enforcement
  • affiliates and subsidiaries
  • advertising networks
  • data analytics providers
  • social networks
  • internet service providers
  • operating systems and platforms
Audio, Video and Electronic Data Includes audio, electronic, visual, thermal, olfactory, or similar information such as, thermal screenings and CCTV footage (e.g., collected from visitors to our offices/premises, photographs and images (e.g., that you provide us or post to your profile) and call recordings (e.g., of customer support calls).
  • service providers
  • advisors and agents
  • government entities and law enforcement
  • affiliates and subsidiaries
Professional information Includes professional and employment-related information such as business contact information and professional memberships.
  • service providers
  • advisors and agents
  • government entities and law enforcement
  • affiliates and subsidiaries
Education Information Information about an individual’s educational history such as the schools attended, degrees you were awarded, and associated dates.
  • service providers
  • advisors and agents
  • government entities and law enforcement
  • affiliates and subsidiaries
Inferences Includes inferences drawn from other personal information that we collect to create a profile reflecting an individual’s preferences, characteristics, predispositions, behavior, attitudes, intelligence, abilities or aptitudes. For example, we may analyze personal information in order to identify the offers and information that may be most relevant to customers, so that we can better reach them with relevant offers and ads.
  • service providers
  • advisors and agents
  • government entities and law enforcement
  • our affiliates and subsidiaries
  • analytics providers


Sources of Personal Information. As further described in the Collection of Personal Information section above, we may collect personal information from the following sources

California residents’ rights. In general, California residents have the following rights with respect to their personal information:

Submitting CCPA Requests. California residents may submit CCPA requests to know (access) and requests to delete their personal information by email at privacy@perceptyx.com

When you submit a request to know or a request to delete, we will take steps to verify your request by matching the information provided by you with the information we have in our records. You must email us with any requested information (or otherwise provide us with this information to verify your request. In some cases, we may request additional information in order to verify your request or where necessary to process your request. If we are unable to adequately verify a request, we will notify the requestor. Authorized agents may initiate a request on behalf of another individual by contacting us through the above listed method; authorized agents will be required to provide proof of their authorization and we may also require that the relevant consumer directly verify their identity and the authority of the authorized agent.

For more information about our privacy practices, you may contact us as set forth in the Contact Us section above.