Privacy Policy

Last updated: 27th November 2023

This privacy policy applies to all information collected through our websites (https://numbereight.ai and https://portal.eu.numbereight.ai), and/or any related services (we refer to them collectively in this privacy policy as the “Sites”).

This policy does not cover the use of our products. Please see our Software Privacy Notice for our product-related privacy policy.

Information we collect

Information provided by you

In short: we collect information when you create an account with us and when you contact us via our contact forms or via email, such as your name and address.

We collect information that you voluntarily provide to us whenever using contact forms or when contacting us via other communication channels such as email. This includes your name, contact details, company details and invoicing information.

Information provided by you
Category	Information Collected
Contact Details	Your name
	Your email address and phone number
	Your company details
Billing Details	Invoice addresses
Billing Details	Billing contact details
Account Information	Account recovery data
Issue Reporting	Screenshots and information written in any bug reports

Information automatically collected

In short: some information – such as IP address, referral source, and/or browser and device characteristics – is collected automatically when you visit our Sites.

We automatically collect certain information when you visit, use or navigate the Sites.

Information automatically collected
Category	Information Collected
Referral Information	Referring URLs (i.e. the link that you clicked to reach our website)
Device Information	Your IP address
Device Information	Browser and device characteristics
Country & Language	Language preferences
Country & Language	Country and locality
Browsing Data	Pages you visit while using the Sites
Other Technical Information	Any technical information not listed above

This information is needed and for our internal analytics and reporting purposes, to understand how website visitors are finding us and to ensure the security of our website services.

Information collected from other sources

In short: we collect data from public databases, marketing partners, and other outside sources.

We obtain information about you from other sources, such as public databases, joint marketing partners, as well as from other third parties.

Examples of the information we receive from other sources include: social media profile information; marketing leads and search results and links, including paid listings (such as sponsored links).

How we use collected information

In short: we process your information to response to contact requests, monitor our promotional campaigns and use of our Sites, improve our site, and enforce our policies.

We use personal information collected via our Sites for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests (“Legitimate Interests”), in order to enter into or perform a contract with you (“Contractual”), with your consent (“Consent”), and/or for compliance with our legal obligations (“Legal Reasons”).

We use collected information in the following ways:

Activity	Information Used	Legal Basis
To respond to contact requests.	Contact Details	Legitimate Interests
To determine the effectiveness of our promotional campaigns – see cookies section below.	Referral Information, Device Information, Country & Language, Information Collected From Other Sources	Consent
To analyse usage trends, and evaluate our Sites, products, services, and marketing – see cookies section below.	Referral Information, Device Information, Browsing Data, Country & Language, Information Collected From Other Sources	Consent
To send you marketing and promotional communications.	Contact Details	Consent
To send administrative information to you, such as updates to your account or our policies.	Contact Details	Contractual
Monitor your experience and usage of our Sites and improve our products.	Device Information, Browsing Data, Issue Reporting	Consent
To facilitate account creation and logon process.	Contact Details, Account Information	Contractual
To protect our Sites. We may use your information as part of our efforts to keep our Sites safe and secure, for example, for fraud monitoring and prevention.	Device Information, Country & Language, Other Technical Information	Legitimate Interests
To enforce our terms, conditions and policies.	Device Information, Country & Language, Other Technical Information	Legitimate Interests
To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.	Any	Legal Reasons

How your information is shared

In short: we only share information with your consent, to comply with laws, or to fulfil business obligations.
Reasons we may share your data:

Legitimate Interest: We may share your data in order to achieve our legitimate business interests, in particular with:

- Marker.io: Issue Reporting information using the issue reporting dialog is used to fix issues with the Sites.

Consent: We may share your data if you have given us explicit consent to use it for a particular purpose, in particular with:

- Google Analytics (Google, LLC): Referral Information, Browsing Data, Country & Language, Device Information, and Other Technical Information is used to track how customers use our website. Your IP address is anonymised to reduce the scope of your personal information.

- Google AdSense (Google, LLC): Referral Information, Browsing Data, Country & Language, Device Information, and Other Technical Information are shared with AdSense for research purposes only – we do not show personalised ads on our Sites.

- HubSpot (HubSpot, Inc): Contact Details, Referral Information, Browsing Data, Country & Language, Device Information, and Other Technical Information is used for commercial prospecting.

- Visitor Queue (Visitor Queue, Inc): Referral Information, Browsing Data, Country & Language, Device Information, and Other Technical Information is used for commercial prospecting.

- Facebook (Meta, Inc): Referral Information, Browsing Data, Country & Language, Device Information, and Other Technical Information is used to track which customers reach our website and to identify which marketing channels are the most effective.

Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

International transfers of data

In short: from time to time we may need to transfer data outside the EEA.

We strive to keep your data inside the EEA where possible, but sometimes our partners may require that some data is transfered to other countries such as the USA. Where this happens, we ensure that appropriate data transfer mechanisms are in place. If our partners are unable to provide appropriate safeguards, we refrain from using their services.

Google LLC: Transfers to the USA use the EU-US Data Privacy Framework (UK extension).
Meta Inc: Transfers to the USA use the EU-US Data Privacy Framework (UK extension).
HubSpot Inc: Transfers to the USA use the EU-US Data Privacy Framework (UK extension).
Marker.io: Transfers to the USA use Standard Contractual Clauses.
Visitor Queue Inc: Transfers to Canada use the equivalent data protection law in Canada and any transfers to the USA use Standard Contractual Clauses.

Use of cookies and other tracking technologies

In short: we use cookies and other tracking technologies to collect and store your information.

Cookies are small files stored inside your web browser by websites which are sent back to the website each time a web page is loaded. Only the website which stores the cookie may read the cookie.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category “Analytics”.
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category “Functional”.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category “Necessary”.
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category “Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category “Performance”.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

We always ask for your consent when using cookies. If you would like to update your preferences, click the link below to show the cookie consent dialog.

Cookie Settings

How long we keep information

In short: we keep your information for a maximum of two years, or as long as is otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this policy will require us keeping your personal information for longer than two years.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

How we keep your information safe

In short: we aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate technical and organisational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Sites is at your own risk. You should only access the services within a secure environment.

Do we collect information from minors?

In short: not knowingly.

We do not knowingly solicit data from or market to children under 13 years of age. By using the Sites, you represent that you are at least 13 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Sites. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 13, please contact us at hi@numbereight.ai.

Your privacy rights

In short: in some regions, such as the UK and European Economic Area, you have rights that allow you greater access to and control over your personal information.

In some regions (such as the UK or European Economic Area), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.

If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal.

If you are resident in a country with such data protection laws and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

If you would at any time like to review or change the information we hold about you, you can contact us using the contact information provided.

Please note that as of January 2020 the UK is no longer an EEA country.

Specific rights for California residents

In short: yes, if you are a resident of California, you are granted specific rights regarding access to your personal information.

California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year.

If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below. California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.

If you are under 18 years of age, reside in California, and have a registered account with the Sites, you have the right to request removal of unwanted data that you publicly post on the Sites. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Sites, but please be aware that the data may not be completely or comprehensively removed from our systems.

Updates to this policy

We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

Contact information

If you have questions or comments about this policy, you may email us at privacy@numbereight.ai.