Privacy Policy

1. Introduction

Our privacy policy will help you understand what personal data and information we collect at Baily Labs, how Baily Labs uses it, and what choices you have. When we talk about "Baily Labs," "we," "our," or "us" in this policy, we are referring to ACN Digital Holdings Ltd, the company that provides the Services, with registered address at 20 Harcourt Street, Dublin 2, D02H364, Ireland.

When we talk about the "Services" in this policy, we are referring to our online tools, platform and other consulting services. Our Services are currently available over the web, for use via a web browser or applications specific to your desktop or mobile device.

Please read this Privacy Policy carefully before accessing or using our services. If you do not wish that we process your personal data in the manner detailed in this Privacy Policy, please do not submit any personal data to us, browse our website or request any of our services.

If you are in the European Union, you may have data protection rights under the General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR") as implemented into national law and as each may be amended, extended or re-enacted from time to time (collectively "Data Protection Legislation"). Where the GDPR applies to the personal data we receive about you, you will enjoy full rights under the GDPR as a 'data subject'. Please note that 'personal data' does not include data where the identity has been removed (i.e. anonymous data).

2. Identifying the Data Controller and Processor

Data Protection Legislation differentiates between the controller and the processor of personal data.

2.1

Baily Labs is the controller of personal data and information as outlined in this Privacy Policy.

2.2

Baily Labs may also process personal data and information as a processor, and where Baily Labs collects or processes such data and information, it does so for and on behalf of a controller.

3. Personal Data and Information We Collect and Receive

The personal data and information we collect and process varies depending on how you use our Services. Typically we collect and process the following types:

3.1 User Data

If you join an organisation and create a user account with us, you are a "user." Information relating to the user includes first and last name, and contact details. You may be a user invited by a Customer — that Customer determines its own policies regarding storage, access, modification, deletion, sharing, and retention of personal data.

3.2 Customer Data

Content and information submitted by users to the Services, including business name and business phone number.

3.3 Transaction Data

We or third party payment companies may collect and store billing address and credit card information.

3.4 Technical Data

When you use the Services, our servers automatically record information including your Internet Protocol address, browser type and settings, date and time of use, browser configuration, language preferences, and cookie data. Precise GPS location from mobile devices is collected only with your permission.

3.5 Usage Data

We may collect information about the device you use, including device type, operating system, device settings, application IDs, unique device identifiers, and crash data. We do not receive or store your passwords for any third party services.

3.6 Interactions Data

Information about how you access and use the Services, including administrative and support communications and information about features, content, and links you interact with.

3.7 Marketing and Communications Data

We may receive information from affiliates, partners, or others that we use to improve our information. We collect, use and share aggregated data for various purposes. We do not carry out any automatic decision making or profiling, and do not collect special categories of personal data.

4. How We Collect Information

4.1.1 Direct interactions

You may provide personal data when contacting us through our website, registering as a user, purchasing services, attending events, or corresponding with us by post, phone, or email.

4.1.2 Automated technologies

As you interact with our website, we collect Technical Data and Usage Data using cookies and similar technologies. Please see our Cookie Policy.

4.1.3 Third party sources

We may receive technical data from analytics providers such as Google Analytics and from advertising partners. We also receive data from affiliates and partners to improve our information.

5. How We Use Your Personal Data and Information

5.1 Performance of a contract

We process User Data and Customer Data where necessary for the performance of our Services contract, including provision of services, processing orders, registering users, setting up accounts, and dealing with queries and disputes.

5.2 Process and manage orders

We process User Data, Customer Data and Transaction Data to perform contracts, manage payments, and collect amounts owed.

5.3 Managing our relationship

We process Customer Data to manage and improve our relationship with you, including arranging events, providing service information, and notifying you of changes to our terms or privacy policy.

5.4 Administering and protecting our business

We process Technical Data, Usage Data and Interaction Data to administer and protect our business and website, including troubleshooting, data analysis, testing, and system maintenance.

5.5 Evaluate and improve our services

We process Technical Data, Usage Data, Interaction Data and Marketing and Communications Data to understand and improve our Services and evaluate our marketing strategy.

5.6 Technical support

We process Transaction Data, Usage Data, Technical Data and Interactions Data to prevent or address service, security or technical issues.

5.7 Suggestions and recommendations

We process Customer Data and Marketing and Communications Data to make suggestions about our Services, including sending emails about new features or news.

5.8 Investigating and preventing fraud

We process Transaction Data, Usage Data, Technical Data and Interaction Data to keep the Services secure and to prevent abuse and fraud.

6. Your Choices

6.1 Direct marketing

We may use your personal data to form a view on what may be of interest to you. You may receive marketing communications from us if you have requested information or purchased Services, unless you have unsubscribed.

6.2 Third-party marketing

We will obtain your express opt-in before sharing your personal data with any third party for marketing purposes.

6.3 Opting out

You can ask us to stop sending marketing messages at any time by unsubscribing from our emails or by contacting us via the main website. You may still receive service-related and administrative emails.

6.4 Customer Data

Customers have choices concerning Customer Data, including provisioning access, enabling or disabling integrations, managing permissions and retention settings, and transferring or assigning accounts.

7. Sharing and Disclosure

Except as set out in this Privacy Policy, we do not disclose personal data to any third party. We may share information with the following parties:

7.1 Internal third parties

Affiliates in our corporate group, including parent companies, subsidiary companies, and related entities.

7.2 External service providers

Companies that provide products or services to us, including professional advisers, IT systems suppliers, data storage solutions, analytics companies, and website hosting providers.

7.3 Public and government authorities

Entities that regulate or have jurisdiction over us. We will disclose personal data where required by law, court order, or regulatory authority, or to protect the rights, property or safety of Baily Labs, Customers, users or others.

7.4 Prospective buyers or sellers

During changes to our business structure, including mergers, acquisitions, bankruptcy, dissolution, reorganisation, or sale of assets.

7.5 Third party integrations

Baily Labs may, on a Customer's behalf, share Customer Data with the provider of an integration added by that Customer. Baily Labs is not responsible for how such providers may collect, use, or share Customer Data.

8. Sharing Your Personal Data in Other Countries

Your personal data may be transferred, stored and accessed within the European Economic Area (EEA) or transferred to countries outside the EEA. For such transfers, we ensure a similar degree of protection through one of the following safeguards:

8.1 Adequate level of protection

Where the European Commission has deemed the country to provide an adequate level of protection for personal data.

8.2 Specific contracts

We may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

8.3 EU-US Data Privacy Framework

Where service providers are based in the United States, we may transfer data to them if they are certified under the EU-US Data Privacy Framework, following the European Commission's adequacy decision of July 2023.

9. Security

We are committed to keeping your email address confidential. We do not sell, rent, or lease our subscription lists to third parties, and will not disclose your email address to any third parties except as allowed under the Sharing and Disclosure section.

We take appropriate organisational and technical measures to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. These steps take into account the sensitivity of the information and the current state of technology.

You recognise that no entity can keep personal data 100% secure. If you have reason to believe that any of your personal data is no longer secure, please notify us immediately using the contact information below.

10. The Length of Time We Retain Your Personal Data

We retain your personal data for as long as is required to provide the Services requested by you. It is sometimes necessary to keep your personal data for longer periods, for example where there are statutory reasons to retain it, legal or accounting requirements, or a legitimate business need.

Where we act as processor under written instructions of a controller, we will process your personal data in accordance with those instructions, unless otherwise determined by applicable legislation.

11. Your Legal Rights

Under certain circumstances, by law you may have the right to:

11.1 Request access to your personal data

This enables you to receive a copy of your personal data and to check that we are lawfully processing it.

11.2 Request correction of personal data

This enables you to have any incomplete or inaccurate personal data we hold about you corrected.

11.3 Request erasure of personal data

This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. When you submit an erasure request, we permanently remove all personal identifiers from your record. Non-identifying business data may be retained in anonymised form that cannot be linked back to you, in compliance with GDPR Recital 26.

11.4 Object to processing

You may have the right to object to processing of your personal data where we are relying on a legitimate interest, or where we are processing for direct marketing purposes.

11.5 Request restriction of processing

This enables you to ask us to suspend the processing of your personal data in certain scenarios, including where you want to establish the data's accuracy or where our use of the data is unlawful.

11.6 Request the transfer of your personal data

This enables you to ask us to provide your personal data in a structured, commonly used, machine-readable format, where applicable.

11.7 Right to withdraw consent

Where you have provided consent to the processing of your personal data for a specific purpose, you have the right to withdraw that consent at any time by contacting us in writing using the details in the Contacting Baily Labs section below.

12. Exercising Your Rights

You may exercise your legal rights through your Services account settings, or by contacting us in writing using the contact details below. You will not have to pay a fee to access your personal data, though we may charge a reasonable fee if your request is clearly unfounded or excessive.

Self-service data requests

You may submit data export or erasure requests directly through our website. You will receive a 6-digit code via email to verify your identity. Data export requests will result in a copy of your personal data being emailed to you. Erasure requests will result in permanent removal of your personal identifiers. Verified requests are processed automatically and immediately.

13. Contacting the Data Protection Supervisory Authority

You may have the right to make a complaint to the relevant data protection supervisory authority. We would appreciate the opportunity to address any concerns first — please contact us in the first instance using the details below.

14. Age Restriction

All services provided by Baily Labs are only available to persons over the age of 18 years. Please do not submit any personal data or request any Services if you are under the age of 18.

15. Third Party Websites

This Privacy Policy does not address, and we are not responsible for, the terms of use, privacy, content or other practices of any third party website, including any third party website to which a link is provided on our website.

16. Third-Party Services

16.1 Organisation logo display

When your organisation's logo is displayed on our platform, these logos are sourced from our own internal database and storage. Organisation logos are only displayed with the explicit approval of an authorised representative of the organisation. No third-party logo enrichment or lookup services are used.

17. Changes to This Privacy Policy

Where a change is made to this Privacy Policy, it will be set out on our website. If we plan to use your personal data in a way inconsistent with this Privacy Policy, we will inform you by email in advance.

18. Contacting Baily Labs

Please contact us if you have any questions about this Privacy Policy.