Last updated: March 01, 2024
Recotap, Inc. and its subsidiaries and affiliates (“we” “our” or “us”) is a software technology company that offers intelligent, data-driven marketing & advertising and services and solutions to B2B companies to accelerate their business growth (“Services”).
The Recotap Privacy policy page describes the types of data we collect and explains how, why, and when we collect this data in order to provide our Services to our Customers. References to “Customer(s)” or “User(s)” or “You” in this policy refers to any business, brand, marketer, and/or advertiser who uses Recotap's Services. Similarly, References to “End-user(s)” as used in this policy means any natural person who is contacted or targeted by Recotap's Services on behalf of the Customer.
This Service Privacy policy also identifies what rights the End-user(s) have concerning the collection of this data, such as the right to opt-out of interest-based advertising (also commonly referred to as targeted or personalized advertising). If you have additional questions, you can write to privacy@recotap.com
Recotap's platform provides customers with the ability to acquire the required data packs to execute effective marketing campaigns. The platform enables customers to identify new Target Accounts, Key Contacts within those Accounts, and Accounts that exhibit Purchase Signals/Intent.
Such data is offered in a combination of partnerships Recotap has entered with data service providers and the data that Recotap collects through its own efforts using proprietary technology.
In situations where data partnerships are involved, Recotap has obtained a valid license from the data partner for the data, and the data partners have granted a non-exclusive, non-transferable, and revocable right to Recotap to sell, Market, and promote the said data.
We aggregate personal information such as name, email address, telephone number from a variety of publicly available and other sources, including:
We do not intentionally collect sensitive personal information like health, biometric data, or sexual orientation from third parties.
When an individual's Business Contact Information is first added to the data partner Directories, the data partner sends such individuals an email to notify them that their information has been added to the data Directory, with the overview of the data partner’s Services, the types of information included and maintained in the Directory, how their data is used and how it may be used by third parties to contact them.
Individuals may opt out of the Directory by following instructions included in the notification email.
Upon subscribing to the platform, users are granted access to the data service with predefined data extraction limit that varies according to the subscription tier chosen by them. Data extracted from Recotap shall be solely for internal business purposes and is subject to the prohibitions and restrictions set forth in this policy with strict adherence to the general data privacy guidelines such as GDPR.
Customers shall not use the Service or Contact Data to:
The following practices are not permitted from our service and would be considered a violation of our policy.
If you know or suspect anyone violating these policies, please notify us at privacy@recotap.com. Recotap will determine compliance of this policy at its sole discretion.
You may request and receive Contact Data regarding data subjects who reside in the European Economic Area, Switzerland, or the United Kingdom (“European Data Subjects”) (such as their name, job title, or contact information), which we refer to below as European Contact Data.” If you do so, you agree that you will use the Contact Data only in the following situations, in addition to complying with other consent or permission requirements set out in this Section:
(i) in order to perform reasonable and actual data validation or hygiene or updating of your own legally obtained customer database. For instance (simply to illustrate), if you possess a data file that reads [Jane Doe | Acme Computers | janedoe@Acme.com] you may use our Contact Data to update that file to read [Jane Doe | Acme Computers Limited | janedoe@AcmeLimited.com].
(ii) pursuant to explicit consent from the data subject of the Contact Data, sufficient to comply with the consent requirements of GDPR.
(iii) for other purposes you have established are necessary to pursue your legitimate interests in the context of business-to-business relationships and in compliance with the GDPR and all other legal requirements. For instance, if you use the Contact Data to contact actual or prospective business partners, you may need to obtain consent for “prospecting” by means of a telephone, fax machine or email.
When you receive or extract European Contact Data, you understand and agree that you are the data controller, and we are your data processor, as those terms are used under the GDPR. You will obtain from each data subject (e.g., the persons in your customer database) all required consents (or establish another basis for processing the Contact Data, if applicable), make available all required data subject rights, and otherwise comply with all provisions of the GDPR and other European data protection rules applicable to data controllers.
You also agree that you will not provide any Submitted Data to us regarding any European Data Subjects unless you have obtained legally sufficient consent to do so from the data subject of that Submitted Data.
To the extent that Recotap processes any Customer Personal Data (as defined in the Recotap Data Processing Agreement) that is subject to the European General Data Protection Regulation (GDPR) or other applicable European data protection rules, on Customer's behalf, in the provision of the services hereunder, the terms of the Recotap Data Processing Agreement, which are hereby incorporated by reference, shall apply. For customers that are located in the European Union, the United Kingdom, Switzerland, or the European Economic Area, the Standard Contractual Clauses adopted by the European Commission, attached to the Data Processing Agreement, with Recotap, which provide adequate safeguards with respect to the personal data processed by us under this Agreement and pursuant to the provisions of our Data Processing Agreement apply.
In some countries or jurisdictions, additional consents, notices, and permissions are required for certain types of marketing or processing of personal information. Customer understands that, while Recotap seeks to comply with its own legal obligations, Recotap has not obtained any rights or consents on Client's behalf: therefore, to the extent that any law or regulation may require that Customer (in addition to Recotap) provide notice or obtain consent in order to market to any person or process any person's personal data, Customer agrees that Customer shall obtain on Client's own behalf such notices or consents.
Certain customers furnish their customer relationship data, including but not limited to names, email addresses, and company addresses, in the following ways, to enable us to process such data on their behalf as an integral component of our Services.
The data obtained from customers undergoes an enrichment procedure to render it utilizable. This involves enhancing said data with the most up-to-date information within our possession. We also augment this data with targeting information relevant for digital advertising purposes.
We utilize our Customer's CRM Data exclusively as a processor, with the sole purpose of aiding that specific Customer in their advertising endeavors and performance reporting. Recotap operates as a processor for all data received from first-party sources such as CRM, CSV, and websites. It is the responsibility of the Customer to ensure user consent before transmitting data to Recotap.
To uphold data isolation, each customer's data is stored in separate, unconnected databases. We do not share data belonging to one Customer with another Customer.
Our customers retain control over the information they choose to share with us for processing. They bear the responsibility for ensuring compliance with any regulations or laws that necessitate providing prior notice, disclosure, and/or obtaining consent before transferring Personal Data to Recotap for processing purposes.
Recotap has established partnerships with various data providers to enhance our services. These partnerships encompass Identity resolution, data enrichment, Buying intent, and Audience building. In each case involving these providers, Recotap maintains valid agreements and obtains their explicit consent to utilize their services.
When customers sign up for Recotap and activate the tracking service, we may, with the explicit consent of end-users, collect information from their devices or browsers while they use or visit the customer's website. We gather this information to offer a more personalized experience.
Recotap assigns a unique identifier to visitors when they access a Customer's Digital Property, enabling us to understand their online journey.
In order to deliver our Services effectively, Recotap employs various technologies, including session identifiers, web beacons, cookies, JavaScript tags, and other tracking mechanisms. Cookies, for instance, are small data files served by our platform and stored on the visitor’s device.
These technologies enhance the End User experience within our Solution, and as a result, may be deployed by Recotap throughout various parts of our Solution. While most Internet browsers are typically set to accept cookies by default, End Users have the ability to reject cookies, which may still allow them to use our Solution but might disable or limit access to certain features and tools. We may also utilize cookies to monitor and track End User usage of the Solution for marketing and quality improvement purposes.
We may use JavaScript tags to initiate a sequence of events, including the viewing or setting of first-party cookies, to aid us in customizing and optimizing Recotap Solution for End Users.
Additionally, our Advertising Partners may also employ cookies for the purposes detailed in our "What Data We Collect" section. The specific type of cookies utilized can vary depending on the respective Advertising Partner.
This comprises technical details pertaining to the devices that end-users utilize to access Customers' Digital Property. These details include browser specifics (e.g., Chrome, Firefox, Safari, etc.), operating system information, Internet service provider, computer type, domain server, language settings, as well as referring and exit pages and URLs, IP address associated with the end-user device.
In the case of mobile devices, particulars about the device type. It also includes the mobile device's distinctive advertising identifier, such as the Apple IDFA or Android Advertising ID, as well as any other unique identifier that may be assigned to the mobile device, such as an Android ID or UDID for older Apple phone models, or an alternative non-cookie unique identifier employed by Non-Cookie Technologies.
We may collect non-precise geographical data obtained from the device's IP address. This data does not disclose the exact coordinates of end-users but provides information at a broader level, including the country, state, city, and zip/postal code. This information assists us in presenting ads that are pertinent to the general location.
We gather data concerning end-users' browsing activity on a Customer's website or application. This includes information such as the specific pages visited, timestamps of these visits, interactions with items on a page (clicks), time durations spent on pages, downloads of assets, and details regarding the site or advertisement that led them to the Customer's website. It also encompasses data on the date and time of access, the duration spent on specific pages, the sections or features of the website visited or used, the number of links clicked while on the website, search terms employed, and usage information, including authentication and analytics.
We collect data regarding the online ads that we have either successfully served or attempted to serve to target accounts. This includes information such as the frequency of ad impressions, the specific webpage where the ad appeared, and whether end-users clicked on or engaged with the ad in any way
In respect of website visitors with IP addresses not from a European Territory, Recotap and some of its Advertising Partners may use technologies other than cookie technology to recognize your computer, device, or browser for the purposes of interest-based advertising, analyzing engagement with ads or content, measuring the effectiveness of a particular ad campaign or marketing effort, to monitor against fraud or misuse of our Services, or in other ways described. This use of non-cookie technology may be used in addition to cookies, or separately, to collect and record data about your web browsing activities on browsers, search engines, or other platforms that may not utilize Recotap Technology.Data We Collect From Third-Party Sources
This data includes information about how well our Customers’ ads and campaigns have performed on advertising platforms.
This is data that allows us to match the Recotap cookie identifier with identifiers that may already be used by other companies in the digital advertising ecosystem that we work with (“Advertising Partners”). For example, we work with ad exchanges, publishers, and supply-side platforms (i.e. companies that sell advertising space on publishers’ websites) in order to serve ads. Matching cookie identifiers helps us deliver ads to end-users and recognize them across browsers and devices and may include pseudonymous advertising identifiers (meaning identifiers that help identify your browser or device, but not you directly) which some Advertising Partners choose to share with us.
We may collect additional information about end-users from our audience partners who create and provide us with segments that we use for our Customers (“Audience Partner”). A segment is a grouping of users who share one or more attributes (e.g. demographic or firmographic attributes). We use this data to better understand the Customers’ target audience and to better market the Customers’ products and services. We also may work with our Customers and Audience Partners to synchronize their unique, pseudonymous identifiers to our own to enable us to more accurately recognize a particular unique browser or device and the advertising interests associated with it (commonly known as “ID or User Syncing”).
We employ a comprehensive range of security technologies and protocols to protect Personal Data. It is stored on secure servers in a controlled environment to prevent unauthorized access, use, or disclosure. We enforce robust physical, technical, and organizational safeguards to ensure data protection.
Our security practices include technical, administrative, and organizational measures to prevent data destruction, loss, alteration, unauthorized disclosure, or access, especially during data transmission over networks and in defense against other unlawful data processing.
As part of our service provision, we may disclose personal data to the following third parties in accordance with our Privacy Policy.
We may share Personal Information with third-party contractors, partners, vendors, and providers who assist us, or our customers, in conducting various business functions. These functions encompass hosting or enriching data, technology and security support, communications, advertising, billing, collections, technical support, customer support, and operational assistance. These companies provide essential services to support our business operations.
We share hashed email addresses or other pseudonymous online identifiers with our Audience Partners in connection with audience creation and modeling and creating segments for the Customer based on the Customer’s CRM Data.
We share hashed email addresses or other pseudonymous online identifiers with our Audience Partners in connection with audience creation and modeling and creating segments for the Customer based on the Customer’s CRM Data.
Interest-based advertising involves tailoring advertisements based on factors such as browsing activity, time of day, time spent on specific websites, and non-precise geographic data associated with end-user devices. To enable this, we may deploy tracking tools on customer websites to collect data on end-users' online activity.
These collected data may be shared with third-party advertising partners. These partners use this information, along with their data, to provide end-users with more relevant advertisements within their networks. This practice is commonly referred to as "interest-based advertising" or "online behavioral advertising."
If end-users prefer not to have their Personal Information shared with third-party advertising partners for this purpose, they can opt out of targeted advertising by following the instructions provided in the Opt-Out section.
We may share data derived from end-users' interactions with a Customer's Digital Properties, email campaigns, or Ads with the Customer to identify potential interest in their products or services. Our objective is to assist customers in improving and optimizing the performance of their marketing and advertising efforts. The data we collect helps customers analyze traffic, measure ad campaign effectiveness, and gauge potential buyer interest, all to ensure the delivery of timely and pertinent messages. Furthermore, we leverage this data to operate, enhance, and refine our Services.
We deliver reporting services aimed at furnishing Customers with in-depth insights into the performance of their ad campaigns via Recotap and extracting valuable insights from the analysis of activities on their Digital Properties. These reports encompass a range of ad metrics, including traffic statistics for specific Digital Properties, assessments of campaign impact, impressions (ads served), clicks (ads clicked), and conversions. It's important to highlight that the Customer defines what qualifies as a "conversion," which can include actions like asset downloads.
We may disclose Personal Information when deemed necessary to:
This includes situations where we are legally obligated to do so, such as complying with a court's binding order or when disclosure is required to exercise, establish, or defend the legal rights of Recotap, our Customers, or any other third party.
In the event of a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or the transition of our services to another provider, Personal Information may be sold or transferred as part of the transaction. If a third party acquires a portion or the entirety of our business or assets, we may disclose your information in the course of the sale, which may include sharing it during due diligence proceedings leading up to the sale.
The duration for which we retain information collected depends on the nature of the data and our methods of collection and storage. After a reasonable timeframe, we will either delete or anonymize the information. If neither is immediately feasible, we will securely store the information and segregate it from any further use until it can be deleted.
We hold onto Personal Data provided by the customer when there exists an ongoing legitimate business necessity to do so. This includes situations where retention is essential for compliance with legal obligations, dispute resolution, or the enforcement of our agreements.
When there is no ongoing legitimate business requirement for processing Personal Data, we will securely erase the information or anonymize it. Should the customer wish for earlier deletion, they may request this by writing to privacy@recotap.com.
As processors of Customer CRM data, such as customer lists containing clear emails, which Customers instruct us to collect or provide for the purpose of our Services, we retain this Customer CRM Data until either the Customer requests its deletion or until the agreed-upon deletion period outlined in our Terms of Service expires, whichever comes earlier. The data retention period for Customer CRM Data, as defined in our Terms of Service, is as follows:
In the event that either the Customer or Recotap explicitly terminates the Recotap Services in accordance with our Terms of Service, we will delete Customer CRM Data within 90 days from the termination date.
If a Customer's account remains suspended for a period of 90 days or longer, the Customer CRM Data will be deleted.
When a Customer has not logged into their Recotap account for more than 365 days, with no product usage in the past 30 days and no media spending in the past 30 days, the Customer CRM Data will be deleted upon the 366th day of inactivity for the account.
Customers also have the option to request the deletion of Customer CRM Data by sending an email to privacy@recotap.com.
Cookies we set expire (and are then deleted) 12 months from the last time an end-user device accessed a Digital Property using Recotap Technology. If they visit another Digital Property that uses our technology inside that 12-month expiry period, then the expiry period will be reset and measured from that date instead. The expiration period for mobile identifiers is controlled by the end-user on their own device.
We delete personal data associated with mobile and cookie identifiers after 12 months. For example, data such as website visits or ads clicked.
Data logged in order to process an advertising bid request we have received from an Advertising Partner (such as cookie identifier, IP address, the domain url requesting to display the ad, and browser information) are deleted after 7 days. Data we have logged regarding bids we have placed to display an advertisement (including cookie identifiers, mobile identifiers, the advertisement bid on and the advertisement won or displayed to the end-user) are deleted after 15 days.
Data logged for the display of an advertisement (including cookie identifiers, the advertisement won or displayed to you, and data indicating whether you clicked on the particular advertisable displayed) are deleted after 12 months.
By default, Recotap tracking pixels disable web analytics tracking and website personalization on customer websites that have GDPR/CCPA mode set to True.
To activate these features on a per-visitor basis, the visitor's consent state is programmatically communicated to the Recotap tracking pixel. This ensures that these features are only enabled when explicit consent has been obtained from the visitor, aligning with GDPR and CCPA regulations.
In certain circumstances, it may be necessary to deactivate Recotap Landing Page Analytics on a specific webpage without removing the Recotap pixel tag. This situation may arise, for example, when your website's privacy policy offers users the option to opt out of Website Analytics.
The Recotap pixel tag is equipped with a window property that, when set to true, deactivates the Recotap pixel tag's data transmission to Recotap. When the Recotap pixel tag attempts to send data to its servers, it will first verify the status of this property and take no action if the value is set to true.
This mechanism allows you to respect user preferences regarding data collection and aligns with our commitment to privacy and compliance with relevant regulations.
There are instances where it may be necessary to deactivate Recotap Website Personalization on a particular webpage without removing the Recotap pixel tag. This may be the case, for example, if your website's privacy policy provides users with the option to opt out of Website Personalization.
The Recotap pixel tag is equipped with a window property that, when set to true, deactivates the Recotap pixel tag's ability to personalize the website.
This feature ensures that user preferences regarding website personalization are respected and aligns with our commitment to privacy and compliance with relevant regulations
Under the California Consumer Privacy Act (CCPA), residents of California have the right to opt out of the sale of their personal information. Similarly, under the General Data Protection Regulation (GDPR) and other European data protection laws, individuals in the European Economic Area (EEA), the United Kingdom, and Switzerland have the right to object to the processing of their personal data.
Subject to the exemptions under law, end-users may have the right to request access or delete their personal information. Under certain circumstances, end-users also have the right to receive personal information that we process about them and transmit that information to another organization, i.e., a right to data portability. They may also request that we restrict or block future processing of their personal information.
Where we previously obtained their consent in order to process their personal information, they have the right to withdraw that consent.
Users can exercise these rights by emailing their request to privacy@recotap.com.
We will validate these requests and carry out valid requests. If the request is not deemed valid, then we will share the reasons why it is not valid and your options for seeking resolution through a supervisory authority and through a judicial remedy.
Alternatively, you can contact our DPA (Data Protection Officer) with more information at privacy@recotap.com
If an individual would prefer to not receive personalized ads based on their browser or device usage, they may generally express their opt-out preference to no longer receive tailored advertisements. Individuals will continue to see advertisements, but they will no longer be tailored to such individual’s interests.
To opt-out of interest-based advertising by participating companies in the following consumer choice mechanisms, please visit:
Digital Advertising Alliance’s self-regulatory opt-out page - https://optout.aboutads.info and mobile application-based “AppChoices” download page https://youradchoices.com/appchoices
European Interactive Digital Advertising Alliance’s consumer opt-out page https://youronlinechoices.eu
Network Advertising Initiative’s self-regulatory opt-out page http://optout.networkadvertising.org/
Recotap takes its commitment to data protection seriously and is fully compliant with both the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR). This compliance underscores our dedication to safeguarding personal data.
We work to maintain our compliance status, benefiting both our company and our customers. We prioritize giving End Users control over their data, offering them the freedom to access and remove their information from our system, among other rights outlined in the Opt-Out section.
It's important to note that GDPR outlines distinct requirements for "Processors" and "Controllers" of data. In the case of Recotap, we function as both a data controller and data processor. We act as a data controller when assisting users in acquiring data and as a data processor when communicating with prospects on their behalf. This dual role ensures that we adhere to GDPR regulations effectively.
According to the standards contained in the General Data Protection Regulation (GDPR), processing of personal data is allowed if it is ‘necessary for the purposes of the legitimate interests pursued by the controller or processors or parties to whom the data are disclosed, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subject which require protection.
In other words, GDPR allows processing subject to a balancing test, which weighs the legitimate interests of the controller - or the third party or parties to whom the data are disclosed - against the interests or fundamental rights of the data subjects. If this is not the case, they cannot rely on legitimate interest as a justification for processing the data and must find another legal ground. It is therefore important to carefully consider whether their legitimate interests in processing personal data are outweighed by the potential impact on individuals’ rights and freedoms.
Recotap collaborates with various digital advertising platforms, including Google Ads, Facebook Ads, Twitter Ads, LinkedIn Ads, Amazon Advertising, and Programmatic Advertisers, all of which operate within the framework of the General Data Protection Regulation (GDPR). These platforms have robust data protection policies in place to ensure compliance with the regulation and safeguard the rights and privacy of individuals whose data is processed. Here are the key components of their data privacy compliance efforts:
Obtain verifiable parental consent before processing data of users below the age of consent (usually 16, but may vary in some EU countries).
If transferring data outside the EU/EEA, ensure that appropriate safeguards, such as Standard Contractual Clauses or adequacy decisions, are in place to protect the data.
Establish procedures for promptly notifying users and relevant authorities in the event of a data breach that may result in a risk to users' rights and freedoms.
Designate a Data Protection Officer if required by GDPR regulations, especially if the platform's core activities involve large-scale processing of sensitive data.
Maintain detailed records of data processing activities and policies to demonstrate compliance with GDPR requirements.
Conduct regular internal audits and reviews to assess compliance, identify potential issues, and make necessary improvements.
The detailed privacy policy of Recotap’s Advertising partners can be found in the links below.
https://www.stirista.com/privacy-policy/
https://www.thetradedesk.com/us/privacy
We may update or modify this Privacy policy at our discretion and at any time. When we make changes to this Service Privacy Notice we will post the updated notice online and update the notice’s effective date. Please review this page periodically.
If we are required by applicable data protection laws to obtain your consent to any material changes before they come into effect, then we will do so in accordance with the law.
If you have any questions about our privacy policy, you can contact privacy@recotap.com.