{10737.001 00270095.3 }

 

 

DATALOU PRIVACY POLICY 

Last updated: 1/16/19 

Who We Are 

Datalou, LLC ("Datalou", “we”, “our”, “us”) takes your privacy seriously. As electronic commerce 
increases and the volume of data transmission over telecommunications networks steadily rises, 
maintaining the trust of our customers, clients, suppliers, and users necessitates vigilant, responsible 
privacy protections.  

     About This Privacy Policy 

This privacy policy (the “Privacy Policy”) applies to the personal data that you provide to us or that 
we collect about you through our website (www.datalou.com) and all related sites, software and 
services provide by us (together, the “Services”). We realize that privacy is an important issue for our 
clients, suppliers and other users of this site. Please read the following to learn more about how we 
collect, use and safeguard the information you provide through this site. This Privacy Policy may be 
revised from time to time, so please revisit this page often to remain fully informed of our policies.  

Key Terms  

•

 

Personal data means information about individuals (including you) and information from 
which such individuals could be identified. 

•

 

You means any individual whose personal data we process.  

•

 

Special category data means data relating to racial or ethnic origin, political opinions, 
religious and philosophical beliefs, trade union membership, health data, biometric data or 
sexual orientation.  

What Information Does Datalou Collect from You?  

Through our website, Datalou collects the following information:  

(i)  information you provide to us 

{10737.001 00270095.3 }

 

 

(ii) information collected automatically; and 

(iii) information we obtain from third parties 

We do not collect, request, receive or otherwise process any special category data about you. 

 

Information You Provide to Us 

We ask for and collect the following information when you use the Services:  

•

  Identity and profile information: At the time you become a registered customer of Datalou or 

signup as a supplier on the site, we request that you provide us with certain personal 
information, including: name, address, phone number, email address, Federal Employer ID 
Number, and financial and insurance information. When you browse the non-password 
protected portions of our site, you do so anonymously. 

•

  Communications: Our site permits you to contact us via email. Whenever you send an email 

via our site, you will be providing us with your name, title, email address, phone number and 
any information you choose to include in the text of your message. For example, you may 
choose to provide your mailing address or other information necessary or helpful for us to 
address your query or other concern. 

Information We Collect Automatically 

We collect certain information automatically when you use the Services. This information includes: 

•

  Location data: we may collect data about your IP address and geographical location. We use this 

data to provide you with location-based services. We support Do Not Track, which is a 
preference you can set in your web browser to inform websites that you do not wish to be 
tracked. You can enable or disable Do Not Track by visiting the preferences or settings page of 
your web browser. 

•

  Cookies: we use cookies and other similar technologies to track certain behavior on our behalf. 

Cookies are small strings of text that are sent by our website to your browser and then stored by 

{10737.001 00270095.3 }

 

 

your browser on your computer’s hard drive. We may use cookies to help diagnose problems 
with our services and to administer or website. 

•

  Automated profiling: in some circumstances, we may use automated profiling to provide targeting 

advertising based on our usage of Services or your geographical location.    

Information We Receive from Other Sources 

•

  Service providers and business partners: we may also receive information about you from our 

service providers and business partners, including companies that assist with analytics, data 
processing and management (e.g. to measure ad quality and responses to ads, and to display 
ads that are more likely to be relevant to you), account management, customer and technical 
support, hosting and other services which we use to personalize your Datalou experience. When 
we receive information from other sources, we rely on them having the appropriate provisions in 
place telling you how they collect data and who they may share it with. 

•

  Suppliers should note that our "Customer Branded Sites," through which they may register 

and/or provide information, are provided jointly with the applicable customers. The use of 
information collected by Datalou though these Customer Branded Sites is subject to this Privacy 
Policy.  

How is Your Personal Information Used?  

In accordance with data protection laws, we will only process personal data where we have a lawful 

basis for doing so. In respect to your personal data, these bases are: (a) where it is necessary for 
the performance of a contract we have with you; (b) where we are required to do so in accordance 
with legal or regulatory obligations; (c) where you have given your consent; and (d) where it is in our 
(or a third party’s) legitimate interests to process your personal data, provided that those interests do 
not prejudice your own rights, freedoms, and interest. The following are a list of purposes for which 
we process personal data. 

•

  To carry out our obligations arising from any contracts entered into between you and us (for 

example, our terms and conditions); 

•

  To provide you with the information, services, and newsletters that you request from us;  

•

  To respond to your enquiries or to process your requests in relation to your information;  

{10737.001 00270095.3 }

 

 

•

  To provide, improve and personalize our Services; 

•

  To inform you about important changes or developments to our Services; 

•

  To ensure that our Services are presented in the most effective manner for you and for your 

device;  

•

  To detect and protect us against error, fraud and other criminal activity, and enforce our 

Terms and Conditions;  

•

  For internal operations, including troubleshooting, data analysis, testing, research, and 

statistical purposes;  

•

  To allow you to participate in interactive features of our Services, if and when you choose to 

do so;  

•

  To provide target advertising;  

•

  To provide customers with information about suppliers.  

 Sharing Your Personal Data 

The following describes the ways in which we may share your personal data in the normal course of 
business and in order to provide our Services: 

•

  With your consent: we will disclose your personal data when and if you have agreed that we 

may do so. We will make this clear to you at the point at which we collect your personal data, 
including the purpose(s) for which we will use the personal data.  

•

  Service providers: we use third-party service providers to facilitate or outsource some 

aspects of our business, products and Services and some of these service providers will 
process your personal data. 

•

  If required by law: we may be required to disclose your personal data by law, in response to 

a valid court or other authority order, or to respond to request relating to criminal 
investigations. 

•

  Change of control: if a business transfer or change of business ownership takes place or is 

envisaged, we may transfer your personal data to the new owner (or a prospective new 
owner). If this happens, you will be informed of this transfer.  

•

  Protecting our rights: We may disclose your personal data if we feel this is necessary in 

order to protect or defense our legitimate rights and interests and/or to ensure the safety and 
security of the Services.  

{10737.001 00270095.3 }

 

 

Modifications  

We strive to maintain the accuracy of any personally identifiable or business information that may be 

collected from you and will use our commercially reasonable efforts to respond promptly to update 
our database when you tell us the information in our database is not accurate. It is your responsibility 
to ensure that such information is accurate, complete and up-to-date. You may obtain from us, by 
email, the information in our records and/or files. If you wish to make any changes to any personally 
identifiable or business information you have provided to us, you may do so at any time by 
contacting us at privacypolicy@datalou.com.  

Marketing and Opt-Out  

Datalou may offer a marketing newsletter, which we will only send to you if you expressly consent to 

receive it. You may opt out of receiving marketing communications from us and our affiliates at any 
time by following the opt-out link provided in any email received from us or by emailing us at 
privacypolicy@datalou.com.  

Behavioral Marketing 

We may use remarketing services to advertise to you on third party websites after you have visited 

or used our Services. We, and our third-party vendors, may use cookies to inform, optimize and 
serve ads based on your past visits to our Services.  

Consequences of Not Providing Information  

You may choose not to provide us with your personally identifiable information or business 

information. However, choosing not to provide certain requested information may prevent you from 
accessing and taking advantage of certain services offered by Datalou.  

Protecting Your Personal Data  

Datalou employs physical, electronic and managerial safeguards to protect the personal data we 

receive from you. This includes our requirement for user names and Member IDs to access sensitive 
data and our use of industry-standard SSL encryption to protect data transmissions. You should not 
share your password with anyone. In addition, if you suspect unauthorized access to your 

{10737.001 00270095.3 }

 

 

information, it is your responsibility to contact Datalou immediately. Datalou personnel will never ask 
you to divulge your password in written or electronic communications. We will only ask you for your 
password when you contact us and only in cases where you request customer service to correct a 
service problem which requires your password.  

We maintain technical, administrative, and physical safeguards that are designed to prevent 

unauthorized access, use, or disclosure of personal data we collect and store. We regularly monitor 
our systems for possible vulnerabilities and attacks. Please be aware that Internet data transmission 
is not always secure, and we cannot warrant that information you transmit utilizing this site is secure. 
Because security is important to both Datalou and you, we will always make reasonable efforts to 
ensure the security of our systems.  

When we use third party organizations to process your personal data on our behalf, we require that 

they: (a) have appropriate security arrangements in place; (b) must comply with our contractual 
requirements and instructions; and (c) must ensure compliance with GDPR and any other relevant 
data protection legislation, all as required under GDPR.  

International Data Transfers 

Datalou operates globally and may share your information internationally for the purposes described 

in this Privacy Policy. Datalou is based in the United States. Information collected within the 
European Economic Area (“

EEA”), will therefore be transferred to countries outside of the EEA for 

purposes described in this Privacy Policy. We use appropriate safeguards to ensure the lawful 
transfer of your personal data outside the EEA.  

Retaining Your Personal Data 

It is our policy to retain your personal data for no more than the length of time required for the 

specific purposes for which it is processed by us and which are set out in this Privacy Policy. 
However, we may sometimes need to keep your personal data for a longer period of time, for 
example, where required by our legal obligations, or in order to ensure we have effective IT back-up 
systems. In such cases, we will ensure that your personal data will continue to be treated in 
accordance with this Privacy Policy, we will restrict access to any archived personal data, and 
ensure that all personal data is held securely and kept confidential.  

{10737.001 00270095.3 }

 

 

In any event, we will always delete any personal data when you request us to do so (unless we are 
prevented by law).  

Your Rights 

You have various rights in relation to your personal data, including: 

•

  The right of access to a copy of the personal data we hold about you; 

•

  The right to require us to correct any inaccuracies in your personal data; 

•

  The right to object to decisions about you being taken by automated means; 

•

  Where we have sought your consent, the right to withdraw your consent at any time; and  

•

  The right to ask us not to process your personal data for direct marketing purposes (although, we 

do no currently undertake any direct marketing). 

You may also have the following rights in relation to your personal data in certain circumstances: 

•

  The right to restrict or object to our use of your personal data; 

•

  The right to require us to provide a copy of your personal data to others; and 

•

  The right to require us to erase your personal data. 

Please be aware that these rights are not always absolute and there may be situations in which you 

cannot exercise them, or they are not relevant. If you wish to exercise any of your rights, please 
contact us at privacypolicy@datalou.com.  

Children 

Datalou is not intended for use by children. Individuals under the age of 13 are not permitted to use 

the Services and must not attempt to register an account or submit any personal data to us. We do 
not knowingly collect any personal data from any person who is under the age of 13 or allow them to 
register an account. If it comes to our attention that we have collected personal data from a person 
under the age of 13, we will delete this information as soon as possible. If you are a parent or 
guardian and you learn that your child, under the age of 13, has provided us with personal data, 
please notify us immediately at privacypolicy@datalou.com.  

{10737.001 00270095.3 }

 

 

Changes to this Privacy Policy  

This Privacy Policy may change from time to time and, if it does, the up-to-date version will always 

be available on our Services. If we make changes to this Privacy Policy, we will post the revised 
Privacy Policy on the Services and update the “Last Updated” date at the top of this page. Please be 
sure to periodically check this page to ensure that you are aware of any changes to this Privacy 
Policy. Any material changes to this Privacy Policy will be communicated to users by a notification to 
their email and/or by posting notice of the change on the Services.  

Questions?  

Datalou’s goal is to make our privacy practices easy to understand. If you have questions, 

concerns or if you would like  more detailed information, please email us at 
privacypolicy@datalou.com.  

If you have questions about the information provided in this Privacy Policy, or you have a concern 

or complaint about the way in which we process your personal data, please contact 
privacypolicy@datalou.com. 

Mailing address for other inquiries:  

Datalou, LLC  
Attn: Chief Privacy Officer 
2530 Meridian Parkway  
Durham, NC 27713