Dazzle Privacy Notice for Website and App
Last updated: June 24th, 2024
This Website Privacy and Cookie Notice ("Notice") explains the processing of your personal data by Dazzle AG, c/o Pfister Treuhand AG, Bankstrasse 4, 8610 Uster ("Dazzle" or “we”) as the data controller when using our app or visiting dazzleai.com, our social media pages and other Dazzle websites under the EU General Data Protection Regulation, including as applicable as amended into UK law (“GDPR”) and other applicable data protection laws.
1 Purposes of processing
1.1 Finding relevant journalists
We collect data on journalists in our database that our users have access to. This info is auto populated by our AI from various sources, such as the websites of the publications they work for, but also third-party partners such as Rocket Reach. The collected information includes journalists' name, profile picture, social media channels, email address, location, and links to their articles.
We provide this data to allow PR professionals to search for journalists for potential story assignments.
The legal basis for this processing of your personal data is our legitimate interest in matching potential journalists with PR professionals (Art. 6 (1) f) GDPR).
1.2 Providing our website
If you access our website some personal data is temporarily stored. The following data is sent in this context:
- Device and browser metadata – incl. your browser type and operating system, whether the access was successful and the amount of data transferred, page visited on our website, third-party-website from which you clicked on a link to our website.
- Identifiers – Unique identifiers or device IDs associated with the same device or account.
- Network and connections – Information such as time zone and IP address
- Cookie data – Data from cookies stored on your device, including cookie IDs and settings.
The temporary storage of this personal data is necessary to provide you with the website. The legal basis for this processing of your personal data is our legitimate interest in providing the website (Art. 6 (1) f) GDPR).
1.3 Providing our app
If you use our app, personal data is stored. The following data is collected in this context:
- Information and content you provide – We collect content, communication and other information you provide when you use our app, including when you sign up for the account, create, share or comment on media lists in Dazzle.
- Your usage – We collect information about how you use our app, such as which functionality or features you use, the actions you take, and the time, place and the frequency of such usage.
- Information about transactions made – If you have an active subscription, we collect information about the payments and the transactions. This includes payment information, such as your credit or debit card number and other card information, other account and authentication information; and billing, shipping and contact details.
The storage of this personal data is necessary to ensure the functional use of our app. The legal basis for this processing of your personal data is our legitimate interest in providing the website (Art. 6 (1) f) GDPR).
1.4 Log data
Further storage of this data takes place in log files, in order to ensure the functionality of our website and, if necessary, to check and enforce our rights or property, our terms of use and the rights of third parties. The log files are stored as long as necessary for the respective purpose, usually no longer than 14 days. The legal basis is our legitimate interest in providing the website securely (Art. 6 (1) f) GDPR).
1.5 Registration, communication and contact forms
We process personal data that you provide in the context of using certain content and functions on our website. For example, if you use the contact form, we use this personal data to respond to your queries, and/or provide the services and/or information that you have requested. The same applies to communication by other means, such as e-mail, messenger or telephone. The legal basis for this data processing is the performance of a contract (Art. 6 (1) b) GDPR).
1.6 Google Analytics
We use Google Analytics with your consent (Art. 6 (1) a GDPR) to better understand your interests and to continuously improve our website. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics allows us to analyse traffic and usage patterns of individual users (without further identifying them) or groups (which offers are used how often, how often do users return, how long do they stay, from which websites do users come, from which regions do they come, etc.). The cookies used for this purpose expire after 24 months at most.
1.7 Google Web Fonts
Our pages use so-called Google Fonts, i.e., fonts from the third-party provider Google. These web fonts can either be retrieved locally from our server or from the server of the respective third-party provider. In the latter case, personal data may be transferred to Google, in which case Google's Privacy Policy applies. The legal basis for this processing is our legitimate interest in providing the website effectively Art. 6 (1) f) GDPR.
1.8 Google Tag Manager
Google Tag Manager is a tag management system provided by Google that we use on our website. Google Tag Manager allows us to add code snippets, pixels or similar to our web pages. Google processes your personal data as an independent controller. You can find more information in Google's Privacy Policy. The legal basis is our legitimate interest in providing the website effectively (Art. 6 (1) f) GDPR).
1.9 Hotjar
We use the analytics tool provided by Hotjar inside of our application to better understand issues our users are having and improve the user experience. The legal basis is your consent (Art. 6 (1) a) GDPR).
1.10 Heap
Another analytics provider we use is Heap, which enables us to understand our customers’ journeys. This tool allows us to analyse traffic and usage patterns (which offers are used, how often, how often do users return, how long do they stay, from which websites do users come, from which regions do they come, etc.). The legal basis is your consent (Art. 6 (1) a) GDPR).
1.11 Intercom
We use Intercom as our customer relationship management tool for communicating with our users via in-app chat, email and other in-app communication tools. The legal basis is our legitimate interest in a better service quality (Art. 6 (1) f) GDPR).
1.12 Smartlook
We use the analytics tool provided by Smartlook (Cisco) on our website to better understand the performance of our website and improve it for better user experience. The legal basis is your consent (Art. 6 (1) a) GDPR).
1.13 Auth0
We use Auth0 to secure signup and login to our app. The Auth0 user profile information is stored in Auth0 when you use a database connection. If a user logs in using any other type of connection (including custom database connections), Auth0 stores information provided by the external identity provider for future queries. The legal basis is our legitimate interest in providing the app securely (Art. 6 (1) f) GDPR).
1.14 Social media
Our social media partners (Facebook, LinkedIn and X) provide us with statistics and analytics on the use of our social media offerings. These statistics do not contain any names or other information about individual users. With the help of these services, we can analyze and improve our social media activities.
We only use social media plugins on our website to measure performance of our campaigns (i.e., what percentage of traffic converts), and also to leverage their retargeting capabilities (e.g. through the Facebook pixel).
When using LinkedIn or Facebook social media plugins, we and LinkedIn/Meta act as so called "Joint Controllers" pursuant to Art. 26 GDPR. We have therefore concluded a separate Joint Controller Addendum delineating Facebook/LinkedIn’s and our responsibilities. For more information see Metas Privacy Policy and LinkedIn's Privacy Policy.
The legal basis is our legitimate interest in using these statistics (Art. 6 (1) f) GDPR).
1.14 Other purposes for which we process your personal data
Furthermore, we process your personal data:
- to fulfill contracts and in the context of existing or new business relationships. We will retain this personal data at least for the duration of our business relationship. The legal basis is the performance of a contract (Art. 6 (1) b) GDPR).
- to meet our legitimate interests (Art. 6 (1) f) GDPR), including the following:some text
- Enter into corporate transactions (e.g., restructuring, asset deals, mergers)
- Protect our rights or property, enforce our terms of use and legal notices, and provide for the establishment, exercise, and defense of legal claims
- to fulfill our legal obligations, court orders or other binding decisions (Art. 6 (1) c) GDPR).
- with your consent for other purposes (Art. 6 (1) a) GDPR), such as subscription to a newsletter; in this case, you have the option to revoke your consent at any time.
2 Recipients of personal data
In addition to the recipients of personal data mentioned above, we also use other companies to process personal data on our behalf, for example for hosting of our website or sending newsletters. Such processors only process the data on our behalf. For example, our hosting provider is Amazon Web Services.
Furthermore, we transmit personal data to third parties if this is required by law, necessary for the exercise and defense of legal claims or if third parties provide certain services for us (e.g., lawyers, tax advisors).
Dazzle is a company operating globally. Therefore, personal data of individuals who visit our website and/or who use our app or otherwise interact with us may be transferred and accessed from around the world, such as from countries where Dazzle operates. Dazzle will share your personal data within its own organization in accordance with its given purpose.
If we transfer your personal data outside of the European Economic Area (“EEA”) to a country which provides a different level of privacy and protection of data, Dazzle will make sure that it has arranged the same level of data protection as within the EEA. For this purpose Dazzle mainly uses Standard Contractual Clauses ("SCC") and in individual cases other appropriate guarantees. You can request a copy of the SCC or other contract ensuring the appropriate level of data protection by contacting [email protected]
3 Cookies
3.1 EU residents
If you are visiting our websites from a geolocation in the EU/EEA:
In addition to the processing purposes mentioned above, we also use cookies that are technically necessary to offer our website or if we are obliged to do so. The legal basis for the use of necessary cookies is § 25 (2) no. 2 TTDSG.
Cookies that are not technically necessary (e.g. for analytics purposes) are only processed with your consent. This concerns the following cookies:
- Marketing Cookies: These cookies are used to track advertising effectiveness to provide a more relevant service and deliver better ads to suit your interests.
- Functional Cookies: These cookies collect data to remember choices users make to improve and give a more personalized experience.
- Analytics Cookies: These cookies help us to understand how visitors interact with our website, discover errors and provide better overall analytics.
The legal basis for the data processing in connection with these cookies is § 25 (1) 1 TTDSG.
For more information about the cookies set on this website and how to revoke or give your consent, please visit here.
3.2 Non-EU residents
Outside of the of EU/EEA the following applies:
You can opt-out of the use of marketing, functional and analytics cookies at any time.
For more information about the cookies set on this website and to opt-out.
3.3 Storage period of cookies and browser setting
Unless otherwise stated in this privacy policy, cookies remain stored as long as necessary to fulfill the respective processing purposes. You can object to the storage of cookies by browser preferences and delete them manually in your browser settings. Please note, however, that some cookies may be mandatory for the use of our website or its individual functions.
4 Data Security
Dazzle observes a strict duty of confidentiality about your personal data. We have implemented technical and organizational measures intended to protect the personal data that we process. However, no environment or security protocols are ever guaranteed to be completely secure or error-free.
5 Privacy of Children
Our website and app are not designed for, or directed to children under the age of 16 and we do not knowingly collect personal data from children. If you have reason to believe that we have inadvertently collected personal data about a child, please contact us and we will take steps to delete this data.
6 Regular deletion of personal data
Unless a specific duration of data storage is specified in this Notice, we will only process your data as long as this is necessary for the respective purposes or as long as there are legal retention obligations. After the respective processing purpose ceases to apply and retention obligations end, your data will be routinely deleted.
Unless otherwise stated in this privacy notice, Cookies remain stored as long as necessary to fulfill the respective processing purposes. You can object to the storage of Cookies by browser preferences and delete them manually in your browser settings. Please note, however, that some Cookies may be mandatory for the use of our website or its individual functions.
7 Your rights
You can request access to the personal data stored by us. If you have provided personal data on the basis of a contract or consent, you have the right to receive this personal data in a standard and machine-readable format.
You can also request the deletion, correction or restriction of the processing of your personal data subject to the conditions and limitations subject to certain exceptions or limitations. You can revoke your consent at any time without affecting the lawfulness of processing based on your consent before its withdrawal.
In case of questions and in case of possible concerns about the data processing, you can also complain to a data protection authority.
You can object to the data processing on the basis of our legitimate interests at any time based on grounds relating to your particular situation.
8 Contact
The website and app are owned and managed by Dazzle. Dazzle is controller of personal data collected on the websites and in the app:
Dazzle AG
c/o Pfister Treuhand AG
Bankstrasse 4
8610 Uster
If you wish to exercise your rights or have any questions or concerns regarding the processing of your personal data, please send your request via e-mail to [email protected]
9 Additional information for US residents
You may have additional rights under US state privacy laws, including under the California Consumer Privacy Act of 2018 ("CCPA"), as amended by the California Privacy Rights Act of 2020. While these US state laws may not apply to us currently, we voluntarily still extend the same rights provided under GDPR to US residents.
If you are a California resident, you have rights under the California Consumer Privacy Act of 2018 ("CCPA") as amended by the California Privacy Rights Act of 2020 (“CPRA”). These rights also apply for residents of other US states that have passed similar state privacy laws, incl. Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah and Virginia.
This section both explains which personal data is collected directly from you (Notice at Collection) and comprehensively describes our online information practices together with information (Privacy Policy).
Notice at collection: We may collect and may have disclosed the following categories of personal information during the past twelve months for a business purpose:
- Identifiers, such as your real name, alias, unique personal identifier, online identifier, IP address, email address, account name, and other similar identifiers.
- Personal information categories listed in the California Customer Records provisions, including payment information, such as your credit card number.
- Commercial information, such as the record of Dazzle products or services purchased, obtained or considered.
- Internet or other electronic network activity information, such as session logs.
- Audio, electronic, visual, or similar information, such as voice recording, voice prints, keystrokes and photos.
- Professional or employment‑related information.
- Inferences drawn from any of the above information to create a profile reflecting your preferences, characteristics, behavior, abilities, and aptitudes.
None of this personal information will be sold or shared. The purposes and retention periods are set out above. We do not sell your personal information or share (in the sense of the CCPA) it for cross-contextual advertising. All information shared by us with third parties is deidentified or aggregated personal information.
Sources: We may collect the categories of personal information identified in the table above from the following categories of sources:
- Directly from you, esp. when you fill out a form
- Collected automatically, e.g. by data analytics providers
Recipients: We may disclose each of these categories of personal information to:
- Group entities
- contractors and service providers, incl. business partners and advisors
- other third parties, incl. government entities and law enforcement
However, we have not sold or shared, as defined in the CCPA, any personal information in the last twelve months.
Sensitive personal information: We may collect additional sensitive personal information as defined by the CCPA: your account log‑in, password, credentials allowing access to an account, financial account, debit and credit card numbers, and contents of your email and/or text messages and precise geolocation data. However, we only use these sensitive personal information to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services and other legitimate purposes set out by 11 Cal. Code of Regulation § 7027(m).
Your Rights and Choices: If you are a California resident, you have (1) the right to know what personal information we have collected about you, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom we disclose personal information, and the specific pieces of personal information we have collected about you; (2) the right to delete personal information that we have collected from the consumer, subject to certain exceptions; (3) the right to correct inaccurate personal information that we maintain about you; (4) the right not to receive discriminatory treatment by us for the exercise of privacy rights conferred by the CCPA, including an employee’s, applicant’s, or independent contractor’s right not to be retaliated against for the exercise of their CCPA rights.
These rights also apply for residents of other US states that have passed similar state privacy laws.
If you would like an authorized agent to submit a CCPA request on your behalf, please have the authorized agent send an email containing your name, email address, and type of request to [email protected] In situations where we receive a request from an authorized agent on your behalf, we may (a) require signed proof that the agent is, in fact, authorized to act on your behalf; and (b) take additional steps to verify your identity.
To exercise your rights under the CCPA and similar US state privacy laws, please send us your request via email to [email protected] All requests are subject to verification of your identity. We may require at least two (2) pieces of identifying information that match information maintained by us. In some cases, we may require additional identifying information and a signed declaration attesting to your identity.
10 Additional information for US residents
Canadian residents can also exercise their rights under the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), especially the right to access their personal data under Principle 9 of the PIPEDA, by contacting [email protected].