Privacy Notice
Effective Date: October 2023
The NielsenIQ group of companies (together, “NielsenIQ”, “we”, or “us”) cares about your privacy and is committed to handling your data in an open and transparent manner. This Privacy Notice explains how we will use, share, and protect the data that we collect or otherwise obtain about you when you use NielsenIQ Connect, NielsenIQ Discover, NielsenIQ Answers, NielsenIQ Insight Studio, NielsenIQ Activate and any other services that display this Privacy Notice, including software applications made available by us for use on or through computers and mobile devices (collectively referred to as the “Services”). To learn more about the NielsenIQ group of companies, one or more of which may process your data in connection with your use of the Services, please click here.
Please note that this Privacy Notice applies only to data collected by us in connection with your use of and/or interaction with the Services and through our performance of any activities that form part of the operation and delivery of the Services. This Privacy Notice does not apply to data collected directly by other parties for their own purposes. Additionally, this Privacy Notice does not apply to your use of any other websites, applications, or online services administered or provided by any entity within the NielsenIQ group of companies. Other websites, applications, and online services, including those provided by entities within the NielsenIQ group of companies and those that may be accessible via the Services, are governed by their own privacy notices. We encourage you to review the privacy notices applicable to those websites, applications, and online services before disclosing any personal data.
If you have any questions about this Privacy Notice or your data, please refer to the “Contact us” section below for our contact information.
Collection of your data
We may collect or otherwise obtain data relating to you, your device, and your use of the Services from a variety of sources. The data that we collect or obtain may include personal data – data that alone or in combination with other data identifies you as an individual, such as your name, email address, mobile phone number, and other data that can be reasonably linked to you as an individual. Additional details about the data that we may collect or otherwise obtain and our data sources can be found below.
- Data collected from you and your employer
In order to arrange your access to the Services and create your user account, your employer has provided us with certain data relating to you, including your name, company name, professional title, and company email address.
In order to access the Services, you will be required to enter your NielsenIQ-assigned username and self-created password (after resetting your NielsenIQ-assigned password).
In order to facilitate Multifactor Authentication on certain Services, we may also collect your mobile phone number.
Additionally, when you use and interact with the Services, we may obtain data about you that you provide to us, enable us to collect through your use of and/or interaction with the Services, or voluntarily post or upload while using the Services, such as your usage data, IP geolocation, messages/comments, photos, videos, or recordings.
We do not seek data that may be considered “special” or “sensitive” personal data (e.g., data relating to an individual’s racial or ethnic origin, political opinions, religious or other similar beliefs, health or medical conditions, criminal background, or trade union membership). We ask that users of the Services not share any sensitive personal data with us or post or upload such data to the Services. If you voluntarily provide sensitive personal data for any reason or we are required to collect such data as a result of legal requirements imposed on us, we will, where necessary, obtain your explicit consent and use such data in accordance with this Privacy Notice and applicable law.
- California Residents
This section explains how we collect, use, and disclose personal data about California residents.
The table below summarizes the categories of personal data that we may collect or obtain from or about you together with the source(s) of the information. Note that the categories and sources in the table represent the categories and sources of personal information that we have collected within the last twelve (12) months.
Category | Examples | Source |
Identifiers | First and last name, alias, home postal address, professional title, online identifiers (such as a cookie ID or mobile device ID), internet protocol (or IP) address, email address, phone number, account name to login to our Services. | Directly from you or your employer Indirectly from you, such as when you use and/or interact with our Services. |
Internet or Other Similar Network Activity Information | When you use and/or interact with our Services, we collect certain information, including: (i) standard technical information from and about your device (e.g., your device ID, device manufacturer and model, operating system, and version, IP address); and (ii) log and usage information (e.g., our webpages that you visit, the dates and timestamps associated with your visits and certain transactions. | Indirectly from you (i.e., passively when you visit and/or interact with our Services. |
Analytics | Information related to your user session and individual use of the Services (most common page visited, clicks, interactions, page navigation, feature usage, session duration, pages visited, interactions, resource s loaded, errors). | Indirectly from you (i.e., passively when you visit and/or interact with our Services. |
Geolocation Data | Your IP address is used to determine the country from which you are connecting. | Indirectly from you (i.e., passively when you visit and/or interact with our Services. |
- Data collected in connection with your use of the Services
As is true of most websites, we will gather certain data automatically, including log usage data (e.g., when you view or click on content) and data from your device and network, including your Internet Protocol (IP) address, browser operating system and version, device identifier, access dates and times, and referring website addresses, when you visit and browse a website that displays this Privacy Notice. We also use cookies (small data files placed on your device for recordkeeping and other purposes) and/or similar technologies to enable certain features and functionality and collect additional data that helps us improve and better deliver the Services to you. For more detailed information about our use of cookies and similar technologies and how to manage them, please review our Cookie Policy.
Use of your data
We will use your data for the purpose(s) for which it was collected or provided to us (as stated above in the “Collection of your data” section or at the point of collection) or as otherwise obvious from the context of collection.
We may also use your data in order to:
- operate and manage the Services and customize or personalize your user experience and the content that we deliver to you when you use the Services;
- operate and manage our IT and security systems, including to monitor such systems and identify and respond to security events;
- monitor your individual use of the Services, analyze how you interact with the Services (most common page visited, clicks, interactions, page navigation, feature usage), and retrieve all of the information related to your user session (session duration, pages visited, interactions, resources loaded, errors)
- communicate with you about the Services, respond to your inquiries and requests, and/or update or validate the data that we hold about you;
- contact you with information about our business, services, and events as well as other information that may be of interest to you (subject always to obtaining your prior opt-in consent to the extent required under applicable law);
- conduct research for quality assurance and product, service, and development purposes;
- facilitate our day-to-day operations and financial management as well as any corporate transactions (e.g., a reorganization, merger, sale, joint venture, assignment, transfer, etc.);
- prevent, investigate, take action regarding, or provide notice of fraud; unlawful/criminal activity and other misconduct; security/technical issues; or unauthorized access to/use of personal data, the Services, or our data systems;
- protect the rights, property, operations, health, or safety of you, us, or others;
- enforce our agreements; comply with applicable laws and regulations; and establish, exercise, and/or defend our legal rights; and
- respond to subpoenas, court orders, or other legal process/requests and communications from law enforcement authorities or other government officials.
We will never use your personal data to advertise, promote, or market third-party goods or services to you. Additionally, we will not license, publish, or sell any personal data collected from or about you.
Legal basis for processing your personal data
Applicable law in your country of residence may require us to set out in this Privacy Notice the legal basis upon which we rely in order to process your personal data.
If you are based in the European Union (“EU”)/European Economic Area (“EEA”) or the United Kingdom (“UK”), we will process your personal data for the purposes outlined in this Privacy Notice based on one or more of the legal bases listed below.
- Legitimate interests: We may rely on our legitimate interests, provided that such interests shall not be overridden by your interests, fundamental rights, or freedoms. In particular, among other things, we may process your personal data in reliance on a legitimate interest in: (i) effectively and lawfully operating the Services as well as the operation of our business and day-to-day affairs; (ii) communicating relevant information to you; (iii) conducting research and producing analyses; (iv) effectively delivering, developing, and improving our products and services; (v) managing, maintaining, and operating our IT and security systems; (vi) adequately protecting, defending, and safeguarding our networks; (vii) evaluating business and other corporate transactions; (viii) managing and enhancing protection against fraud, spam, harassment, intellectual property infringement, and risks to which we are exposed (e.g., crime and security risks); (ix) complying with laws and regulations to which we are subject, including, where applicable, laws and regulations of countries other than your country of residence; and (x) meeting our obligations and enforcing our legal rights.
- Consent: We may process your personal data based on your prior consent. We will only rely on this legal basis in relation to processing that is entirely voluntary (i.e., not necessary or obligatory).
- Compliance with legal obligations: We may process your personal data if necessary for us to comply with a legal obligation arising under applicable law to which we are subject.
To the extent that we process any “special” or “sensitive” personal data relating to you, we will do so because either: (i) you have given us your explicit consent to carry out such processing; (ii) the processing is necessary for the establishment, exercise, or defense of legal claims; or (iii) you have made the data manifestly public.
If you have any questions or concerns about the legal basis upon which we collect and use your personal data, please email us at connect.privacy@smb.nielseniq.com.
Disclosures and transfers of your data
In connection with one or more of the purposes outlined above in the “Use of your data” section, your data may be disclosed to different entities within the NIQ group of companies as well as:
- third-party service providers, including providers of the following services (among others): system hosting, management, or support; data analysis/processing; data backup; data security and storage; and product development (subject to binding contractual obligations of confidentiality and security);
- relevant third parties as part of a corporate transaction, such as a reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceeding);
- competent governmental and public authorities, in each case to comply with legal or regulatory obligations or requests or for the purposes of reporting any actual or suspected breach of applicable law; and
- other third parties as we believe necessary (e.g., in order to protect the health, safety, rights, or property of you, us, or others) or appropriate for legal purposes (e.g., in connection with claims, disputes, or litigation or in order to enforce our legal rights).
Additionally, upon request, we will provide your employer with reports detailing how you and other employees at your company use the Services. These reports may include data relating specifically to you (i.e., your name, company email address, and details about your use of the Services, such as, among other things, a history of your access times, duration of your visits, pages viewed, and information downloaded).
All of the disclosures described above may result in the transfer of your personal data to countries or regions with data protection laws that differ from those in your country of residence. By providing us with your personal data and/or using the Services, you are acknowledging that your personal data may be transferred to countries outside of your country of residence. In cases where your personal data is transferred outside of your country of residence, we will ensure that there are adequate safeguards in place to protect your personal data.
Additional information for EU/EEA/UK residents
If you are based in the EU/EEA/UK and your personal data will be transferred to a country that has not been recognized by the UK/European Commission as providing an adequate level of data protection, the safeguards put in place might include a data transfer agreement with the data recipient based on standard contractual clauses approved by the UK/European Commission for transfers of personal data to countries not providing an adequate level of data protection. Alternatively, in certain circumstances, your personal data may be transferred on the basis of a specific derogation or exemption recognized under applicable data protection law. For further details relating to the transfers described above and the safeguards used with respect to such transfers, please email us at connect.privacy@smb.nielseniq.com.
Minors
We understand the importance of protecting the privacy of minors, especially in the online environment. The Services are not designed for or intentionally targeted at minors, and we do not intend to collect or maintain personal data about anyone under the age of 18. If we become aware that we have collected personal data relating to a minor, we will take reasonable steps to delete it.
Data security
We have in place reasonable organizational, technical, and administrative measures that are designed to protect your data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction while it is under our control. However, please be aware that the storage and transfer of personal data cannot always be completely secure.
Data retention
We will retain your data in a form that permits identification only as long as necessary for the fulfillment of the purposes set out in this Privacy Notice or while you maintain an active account with our Services, unless a longer retention period is required under applicable law or is necessary in order to resolve disputes, protect our legal rights, or otherwise comply with our legal or professional obligations.
Your choices and legal rights
You have choices about how your personal data is handled, and we are committed to providing you with reasonable access to your personal data and the ability to review and limit the use of such data in accordance with applicable law.
Depending on your country of residence, under applicable law you may have the right to:
- request confirmation as to whether or not we are processing any of your personal data;
- request access to or copies of your personal data;
- request that we update or correct your personal data (e.g., if it is inaccurate or incomplete);
- propose restrictions on the ways in which we use your personal data (e.g., if we have no legal right to keep using it) or limit our use of your personal data (e.g., if your personal data is inaccurate or unlawfully held);
- object to our processing of your personal data;
- withdraw the consent that you have given us to process your personal data (where we process your personal data on the basis of your consent and subject to certain limitations at law);
- request that your personal data be transferred to another organization in a structured, commonly used, and machine-readable format (to the extent applicable);
- request that we delete your personal data; and
- lodge a complaint with the data protection or privacy authority in your country of residence regarding our processing of your personal data.
If you are interested in exercising one or more of the rights described above, please contact us at connect.privacy@smb.nielseniq.com. Because we want to avoid taking action regarding your personal data at the direction of someone other than you, please note that we may request information verifying your identity before we can give effect to these rights.
Additional information for EU/EEA/UK residents
If you have any questions or concerns about our handling of your personal data, you can contact our Data Protection Officer at nielseniq@hewardmills.com.
As noted above, if you are unsatisfied with the way in which we have handled your personal data or any privacy query or request that you have raised to us, you also have a right to complain to the Data Protection Authority (“DPA”) in your country of residence or the country in which the issue that is the subject of your complaint occurred. To find the contact details of the appropriate DPA, please visit https://edpb.europa.eu/about-edpb/board/members_en.
Updates to this Privacy Notice
We may update and make changes to this Privacy Notice from time to time in light of changing business practices, technology, and/or legal requirements. When we make changes to this Privacy Notice, we will amend the “Effective Date” at the top of this page and such modified or amended version of this Privacy Notice shall be effective as to you and your data as of that revision date.
The most current version of this Privacy Notice will always be available here. We encourage you to review this Privacy Notice periodically to be informed about how we use and protect your data.
Contact Us
If you have any questions, comments, or concerns about this Privacy Notice or our data handling practices, please email us at connect.privacy@smb.nielseniq.com or write us at one of the addresses below.
If you reside in the EU/EEA/UK, please write us at:
NielsenIQ
NielsenIQ House
Oxford Business Park South
John Smith Drive
Oxford OX4 2WB UK
Attn. Legal Privacy
If you reside in any country outside of the EU/EEA/UK, please write us at:
NielsenIQ
200 W Jackson Blvd Ste 2700
Chicago, IL USA
Attn. Legal Privacy