Privacy Policy

Distill Intelligence AB. Löjtnantsgatan 4, 115 50 Stockholm, Sweden. Email: support@distillintelligence.com.

We are the data controller responsible for the processing of personal information described in this Privacy Policy. For inquiries regarding your personal information, please contact us at the email address above.

Information you provide to us.

Personal information you may provide to us through the Service or otherwise includes:

• Contact data:

  such as your first and last name, professional title, organizational affiliation, email address, and phone number.

• Profile data:

  such as the username and password that you may set to establish an online account on the Service, your profile picture, and any other information that you add to your account profile.

• User-generated content:

  such as comments, questions, feedback, messages, and other content or information that you generate or submit while using the Services (please note our separate Service Agreement regarding rights and responsibilities for content submitted to the service).

• Communications:

  that we exchange with you, including when you contact us through the Service, social media, or otherwise for support or inquiries.

• Marketing data:

  such as your preferences for receiving our marketing communications and details about your engagement with them.

• Other data:

  not specifically listed here, which we will use as described in this Privacy Policy or as otherwise described at the time of collection.

Third party sources.

We may combine personal information we receive from you with personal information we obtain from other sources, such as:

• Public sources:

  such as government agencies, public records, social media platforms, and other publicly available sources relevant to our market intelligence services.

• Data providers:

  such as information services and data licensors that provide demographic and other information.

• Marketing partners:

  such as joint marketing partners and event co-sponsors.

• Third party services:

  such as social media services, that you may use to log into, or otherwise link to, your Service account (if applicable). This data may include your username, profile picture and other information associated with your account on that third party service that is made available to us based on your account settings on that service.

Automatic data collection.

We and our service providers may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:

• Device data:

  such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, device type (e.g., phone, tablet), IP address, unique identifiers (which may be generated by our systems or service providers for analytics or operational purposes), language settings, and general location information such as city, state or geographic area derived from your IP address.

• Online activity data:

  such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to our website, navigation paths between pages or screens, information about your activity on a page or screen, access times and duration of access, and whether you have opened our marketing emails or clicked links within them.

Cookies and similar technologies.

We use different approaches regarding cookies and similar technologies on our public website versus our Cloud Service:

• Public website:

  We aim to respect your privacy. Our public website, including the analytics solution we use for it, does not use cookies to track you. Automatic data collection on the website occurs through cookieless methods provided by our analytics service provider or via server logs, focusing on aggregate user behavior without persistent tracking via cookies stored on your device.

• Cloud Service:

  When you log in and use the core Distill Cloud Service, we use strictly necessary (essential) cookies required for the functionality and security of the service. These may include cookies to: Maintain your login session; Remember essential UI preferences or settings (e.g., time zone for displaying dates correctly, OS detection for relevant key commands); Ensure security and prevent fraudulent access; and Enable core features to operate correctly. Because these cookies are essential for the operation of the application Service you have subscribed to, they do not require consent under GDPR/ePrivacy Directive, typically relying on legitimate interests or contract necessity as the legal basis. You can usually manage or delete cookies via your browser settings, but disabling essential cookies may impair the functionality of the Cloud Service. We do not use non-essential tracking or advertising cookies within the Cloud Service environment.

• Local Storage:

  We may use local storage technologies (like HTML5) within the Cloud Service, which provide cookie-equivalent functionality for storing data (like UI settings) on your device outside of your browser for performance or preference reasons.

Data about invitees.

We may offer features that help users invite their colleagues or contacts to use the Service, and may collect contact details (like email addresses) about these invitees solely to deliver their invitations. Please do not refer someone to us or share their contact details with us unless you have their permission to do so.

Service delivery.

We may use your personal information to:

• provide, operate and improve the Service and our business;
• establish and maintain your user profile on the Service;
• facilitate your invitations to colleagues or contacts who you want to invite to join the Service (if applicable);
• communicate with you about the Service, including by sending announcements, updates, security alerts, and support and administrative messages;
• understand your needs and interests, and personalize your experience with the Service and our communications; and
• provide support for the Service, and respond to your requests, questions, and feedback.

Research and development.

We may use your personal information for research and development purposes, including to analyze and improve the Service and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze, improve, and promote the Service and our business.

Marketing and advertising.

We may collect and use your personal information (such as your email address and marketing preferences) to send you direct marketing communications related to our services, such as newsletters or information about new features or offers. You may opt-out of our marketing communications as described in the “Your choices and rights” section below.

Compliance and protection.

We may use your personal information to:

• comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
• protect our, your, or others’ rights, privacy, safety or property (including by making and defending legal claims);
• audit our internal processes for compliance with legal and contractual requirements or our internal policies;
• enforce the terms and conditions that govern the Service (including our Service Agreement); and
• prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.

Performance of a contract.

Much of our processing of personal information (such as your Contact data, Profile data, essential Communications, and associated automatic data collection necessary for the Cloud Service) is necessary to provide the Service to you and perform our obligations under our Service Agreement with you or your organization.

Legitimate interests.

We process some personal information based on our legitimate interests in operating and improving our business and the Service, conducting research and development, ensuring security, protecting our rights and interests, and for certain non-intrusive marketing activities (where permitted). When we rely on legitimate interests, we balance our interests against your rights and freedoms. We only use essential cookies in our Cloud Service based on our legitimate interest to provide core functionality.

Consent.

For certain activities, such as sending direct marketing communications via email to prospective customers or using non-essential cookies/tracking technologies (which we currently do not use on our website), we would rely on your consent. Where we rely on consent, you have the right to withdraw it at any time.

Compliance with legal obligations.

We may process personal information as necessary to comply with our legal obligations under applicable laws (e.g., responding to lawful requests from authorities, tax obligations).

Affiliates.

Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.

Service providers.

Third parties that provide services on our behalf or help us operate the Service or our business (such as hosting, information technology, database management, customer support, email delivery, marketing, payment processing, website analytics, and research). These providers are typically bound by contractual obligations to protect your personal information.

Linked third party services.

If you log into the Service with, or otherwise link your Service account to, a social media or other third party service (if applicable), we may share your personal information with that third party service according to your settings on that service. The third party’s use of the shared information will be governed by its privacy policy.

Professional advisors.

Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.

Authorities and others.

Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transferees.

Acquirers and other relevant participants in business transactions (or negotiations of or due diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Distill Intelligence AB or our affiliates (including in connection with a bankruptcy or similar proceedings).

Other users and the public.

If you use features that allow you to share content publicly or with other users (e.g., comments, forum posts, if applicable), your profile information and the content you share may be visible to other users of the Service and potentially the public. We are not responsible for how other users or the public may use information you make publicly available.

Access or update your information.

If you have registered for an account with us through the Service, you may review and update certain account information (such as your contact details or profile information) by logging into your account.

Opt-out of marketing communications.

You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the emails you receive from us. You may continue to receive service-related and other non-marketing emails necessary for the provision of the Service or required by law.

Linked third party platforms.

If you choose to connect to the Service via a third-party platform (if applicable), you may be able to limit the information we receive from that platform using your account settings for that platform. Revoking our access on the third-party platform will not affect information already received.

Cookies.

As described above, we do not use cookies on our public website. For the essential cookies used within the Cloud Service, you can typically manage or delete these through your browser settings, although disabling them may affect Service functionality.

Right of access.

You have the right to request access to the personal information we hold about you, along with information about how we process it.

Right to rectification.

If the personal information we hold about you is inaccurate or incomplete, you have the right to have it corrected.

Right to erasure (right to be forgotten).

You have the right to request that we delete your personal information under certain circumstances (e.g., if the data is no longer necessary for the purpose it was collected, if you withdraw consent and there’s no other legal basis, if you object and there are no overriding legitimate grounds, or if the data was unlawfully processed).

Right to restrict processing.

You have the right to request that we restrict the processing of your personal information under certain conditions (e.g., if you contest the accuracy of the data, if the processing is unlawful but you oppose erasure, if we no longer need the data but you require it for legal claims, or if you have objected to processing pending verification).

Right to data portability.

Where processing is based on your consent or contract necessity and carried out by automated means, you have the right to receive the personal information you provided to us in a structured, commonly used, and machine-readable format, and have the right to transmit that data to another controller where technically feasible.

Right to object.

You have the right to object to the processing of your personal information based on our legitimate interests or for direct marketing purposes. If you object to direct marketing, we will stop processing your data for those purposes. If you object based on legitimate interests, we will stop processing unless we can demonstrate compelling legitimate grounds which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims.

Right to withdraw consent.

If we rely on your consent as the legal basis for processing your personal information, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

Rights related to automated decision-making.

We do not currently engage in automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you.

We are headquartered in Sweden and may use service providers that operate in other countries. Your personal information may be transferred to the United States or other locations outside of your state, province, or country, where privacy laws may not be as protective as those in your jurisdiction.

For transfers of personal information subject to GDPR or UK GDPR outside the EEA, Switzerland, or the UK, we rely on appropriate safeguards as required by law, such as Adequacy Decisions adopted by relevant authorities or Standard Contractual Clauses (SCCs) approved by the European Commission or the UK Information Commissioner’s Office. Where personal information processing relates specifically to the provision of the Cloud Service to you as a customer, details regarding data transfers and safeguards are further specified in our Data Processing Agreement (DPA).