Privacy Policy

Jepto provides secure cloud-based marketing analytics solutions. Our services allow you to automate marketing tasks. This Privacy Policy tells you how Jepto uses your Personal Data when you visit our website at https://www.jepto.com (“Site”) and interact with our platform services (collectively with the Site, the “Platform”).

When we mention “Jepto”, “we”, “us” or “our” in this Privacy Policy, we are referring to Jepto data collection practices through the Platform.

“Personal Data” (or personal information) means any information about an individual from which that person can be identified. For instance, it may include your name, telephone number, email address, or payment information, and in some places like the European Economic Area (“EEA”) even your IP address. However, it does not include anonymous data — where any identifiers connected to an individual have been permanently removed. We collect a variety of Personal Data about our customers and visitors to the Platform in different ways.

Categories of Personal Data that we Collect

The Personal Data that we collect falls into these general categories (with some overlap in some instances):

• Identity Data: such as company of employment and title, first name, last name, username or similar identifier and an encrypted version of your login/password.
• Contact Data: includes email address.
• Profile Data: includes your username and password, preferences, feedback and survey responses, as well as any profile data which we have added (for example, using analytics and profiling).
• Financial Data: such as payment card details.
• Transaction Data: includes details about purchases and payments to and from you and other details relating to your activity on the Platform.
• Technical Data: such as internet protocol (IP) address, your login data, browser type and version, location, and other technology on the devices you used to access the Platform.
• Usage Data: includes information about how you use our Platform, products and services.
• Tracking Data: this is information we or others collect about you from cookies and similar tracking technologies.
• Marketing and Communications Data: includes your preferences in receiving direct marketing from us, as well as your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data but is not considered Personal Data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature on the Site. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy Policy.

We do not — and do not wish to — collect any special categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data), nor do we collect any information about criminal convictions and offenses.

We also collect, as a processor, any Personal Data of a third-party that you include in any data you provide through the Platform and you act as the controller of such Personal Data.

Know that if you choose not to share certain Personal Data with us, or refuse certain contact permissions, we might not be able to provide the services you need. This is especially true of Identity Data, which is necessary for us to enable your use of the Platform, or of Financial Data, which we need to collect and retain in order to validate and record any financial transactions on the Platform.

How and When We Collect Your Personal Data

We use different methods to collect Personal Data from and about you:

Direct interaction with the Platform. You may provide us your Identity, Contact and Financial Data by registering on the Platform or by corresponding with us, mostly by email or through social media. This includes Personal Data you provide when you:

• create an account on the Site;
• register for the Platform;
• make inquiries or request information be sent to you;
• ask for marketing to be sent to you;
• engage with us on social media;
• contact customer services; or
• leave comments or reviews

Automated technologies or interactions. As you interact with us, such as browsing our Site, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We may also collect Tracking Data when you use our Platform.

Third parties or publicly available sources. We may receive Personal Data about you from various types of third parties, including:

• Technical Data and/or Tracking Data from analytics providers, advertising networks and partners, and search information providers (such as Google);
• Identity and Contact Data from data partners; and
• Data from any third parties who are permitted by law or have your permission to share your Personal Data with us.

Jepto recognizes the privacy interests of children, and we encourage parents and guardians to take an active role in their children's online activities and interests.

Our Platform and services are not intended for minors and Jepto does not target the Platform or any of its services to minors. Jepto does not knowingly collect Personal Data from minors. If you are under the age of 18, please do not register and do not provide us with any Personal Data.

We will only use your Personal Data as allowed by law. In general, we will use your Personal Data in the following circumstances:

• Where we need to perform the contract we are about to enter into or have entered into with you. For example, when you register for the Platform, that’s a contract.
• Where it is necessary for our legitimate interests, which may include our business interests, but only where your interests and fundamental rights do not override those interests. For example, when we analyze issues that users encounter, or when we analyze system performance.
• Where we need to comply with a legal or regulatory obligation. For example, keeping Financial and Transactional Data for tax compliance.

Generally, we do not rely on consent as a legal basis for processing your Personal Data other than where the law requires it, for example in relation to sending certain direct marketing communications. Where our legal basis is consent, you have the right to withdraw consent any time.

For our EEA users and visitors, see Legal Bases for Processing Personal Data to find out more about the lawful bases that we will rely on to process your Personal Data.

Jepto does not sell, rent, or trade your Personal Data with third parties other than as disclosed within this Privacy Policy. We may share your Personal Data with the categories of third parties listed below, or for certain specific purposes.

Agents and contractors

Jepto may share Personal Data with our third-party agents, contractors, or service providers who are hired to perform services on Jepto’s behalf. These providers may operate or support certain functions of the Platform, or process Personal Data on our behalf in order to assist us with certain functions. Below is an illustrative list of functions for which we may use third-party service providers and the names of the providers we may use to perform these functions:

• Analytics services (e.g., Google Inc.)
• Email marketing outsourcing (e.g. SendGrid)
• Advertising services (e.g. Google Ads, Facebook Ads, TikTok, X, Microsoft Ads)
• Customer support services (e.g. Ortto)
• Hosting and content delivery network services (e.g., Amazon Web Services)
• Communication services (e.g. Slack)
• Artificial Intelligence (e.g. Open AI)

These agents and contractors are only allowed to use the information shared with them for the specific tasks we have requested them to do and consistent with this Privacy Policy, and for no other purposes. Jepto takes steps to ensure that all service providers with access to Personal Data are capable of protecting the information we share with them.

Legal disclosures

We may disclose Personal Data about you as required or permitted by law and/or to comply with a judicial proceeding, court order, or legal process. To the extent permitted by applicable law, we also may disclose Personal Data about you in response to a request from law enforcement agencies, regulators or other public agencies (including schools or children services) or if we believe such disclosure may prevent a crime, facilitate an investigation related to public safety or protect the safety of individuals, protect the security or integrity of our Platform, or enable us to take precautions against liability or to protect our rights.

Business Transfers

We may disclose or otherwise transfer information about our users, including Personal Data, to an acquirer, successor, or assignee as part of any merger, acquisition, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.

Information via Cookies

We also share data with third parties connected to advertising, retargeting and analytics. Please see Cookies below, including the cookie list, for more information about who those third parties are.

Anonymized Information

We share aggregated, automatically-collected or otherwise non-personal information with third parties for various purposes, including (i) compliance with reporting obligations; (ii) for business or marketing purposes; (iii) to assist us and other parties in understanding our users' interests, habits and usage patterns for certain programs, content, services, advertisements, promotions and/or functionality available through the Platform. We do not share personal information about you in this case.

We reserve the right to change the Agreement at any time for any reason. Any changes we may make to the Agreement in the future will be notified to you by posting an updated version of the Agreement on this page with an updated revA cookie is a small text file that is stored on a user's computer for record-keeping purposes. When you visit or access the Platform, we may by means of cookies, beacons, tags, scripts, and/or similar technologies automatically collect technical information about the devices and software you used to access the Platform, such as the type of Internet browser or mobile device you use, the website or source that linked or referred you to the Platform, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, and other similar technical information.

You can see more information about the cookies we use including who they belong to, their ID and why they are used. We’ve also included links to the third-party websites where you can go to find out more.

Technical, analytics, and usage information

We use both session ID cookies and persistent cookies. Jepto tracks users use of the Platform, but does not track users across third-party websites.

These same technologies (or a combination of them) may also be used to help us:

• Capture and store users' preferences, account settings, and certain login information (mainly for convenience, user verification, and account security)
• Compile statistics and analytics about your use of and interaction with the Platform, including details about how and where our Platform is accessed, how often you visit or use the Platform, the date and time of your visits, your actions on the Platform, and other similar traffic, usage, and trend data. These analytic tools allow us to better understand the functionality of our mobile software on your device and gain insights about how mobile software is used in order to improve your experience;
• Gather important functionality, testing, and performance data about our Platform, including performance data related to our mobile application, such as networking activity, CPU load, and resource usage, among other relevant data;
• Moderate user behavior on the Platform, such as protecting against fraud and other inappropriate activities;
  
• Gather demographic information about our user base; and, Perform other similar functions.

We may use third-party tools and technologies to help us gather this information discussed above. For instance, we use Google Analytics to collect and process certain analytics data with technologies such as tracking pixels. Typically, all technical, analytics, and usage information is gathered by Jepto in anonymous form and does not identify you personally.

Advertising and Marketing

As further described in Advertising, Marketing and Your Communication Preferences below, Jepto partners with third-party advertisers, ad server companies, and ad networks (collectively, “External Partners”) that use cookies, beacons, tags, tracking pixels and scripts and other tracking technologies in order to collect data such as IP address, device ID, and other information about your computer or device, as well as Internet and online usage information and information about certain activities on the Platform, including purchases.

What does this mean? When you click on a link to an External Partners on our Site, that External Partner will drop a cookie (or similar tracking technologies) and likely capture and collect your device ID or IP address, as well as information about your device, operating system, the wireless carrier providing service to such device, and the geographical location of the device (i.e. Usage, Technical and/or Tracking Data primarily) so that it can track your activity on the Site and when you visit other sites, unless you blocked cookies as described below.

These External Partners may also download non-personally identifiable cookies to your computer, or use other technologies such as “web beacons” to measure the effectiveness of their ads and to personalize advertising content. Their use of your Personal Data will be governed by the terms of their privacy policies and their privacy policies may explain the way in which you can “opt-out” of certain tracking by their advertisements.

Your choices

Most web browsers automatically accept cookies, but if you prefer, you can set your browser to refuse cookies or to notify you each time a cookie is set. You can learn more about cookies by visiting www.allaboutcookies.org, which includes additional useful information on cookies and how to block cookies using different types of browsers.

If you disable or refuse cookies, please note that some parts of this Site may become inaccessible or not function properly.

Jepto does not process or respond to web browsers' “do not track” signals or other similar transmissions that indicate a request to disable online tracking of users who visit or use our Platform.

A cookie is a small text file that is stored on a user's computer for record-keeping purposes. When you visit or access the Platform, we may by means of cookies, beacons, tags, scripts, and/or similar technologies automatically collect technical information about the devices and software you used to access the Platform, such as the type of Internet browser or mobile device you use, the website or source that linked or referred you to the Platform, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, and other similar technical information.

We may carry out direct marketing by email if you are a registered user. For example, you might receive our newsletter, which will always contain a link to unsubscribe that you can click on if you no longer wish to receive the newsletter.

External Partners

Tracking Data, and in particular cookies, help us to deliver website and social advertising that we believe is most relevant to you and to potential new customers of Jepto. The cookies used for this purpose are often placed on our website by our External Partners. This includes retargeting.

If you want more information about Tracking Data, in particular cookies, see Cookies above.

Almost all the cookies that relate to advertising are part of third-party online advertising networks via our External Partners. Certain advertisements that appear on the Platform are sometimes delivered (or “served”) directly to users by our External Partners. Some of these External Partners automatically receive certain of your Personal Data through your interaction with an advertisement, as described above in Cookies.

We may use social plugins on our Platform and may include icons that allow you to interact with third-party social networks. If you use any social plugins, the relevant third-party may set a cookie when your browser creates a connection to the servers of such social networks and the plugin may transmit your data to the social networks.

Your use of these social plugins is subject to the privacy policies of the third-party social networks. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Site, we encourage you to read the Privacy Policy of every website you visit.

The information you enter on the Platform or otherwise provide to Jepto may be transferred outside the European Union to Australia, which does not offer an equivalent level of protection to that, required in the respective country. In particular, you are advised that Australia uses a sectoral model of privacy protection that relies on a mix of legislation, governmental regulation, and self-regulation. The European Union's General Data Protection Regulation (“GDPR”) allows for transfer of personal data from the European Union to a third country in certain situations. By agreeing to the terms of use and this Privacy Policy, you agree and consent to the transfer of all such information to Australia which may not offer an equivalent level of protection to that required in other countries, particularly the European Union, and to the processing of that information by Jepto on servers located in the United States of America and/or Australia as described in this Privacy Policy. This Privacy Policy and our Terms of Service incorporates the GDPR Data Protection Addendum, when you are located in the European Union or when you provide personal data to Jepto that is subject to the General Data Protection Regulation. In our discretion, we may adopt other means, such as entering into Model Contract Clauses, or enter into different certification programs such as the Privacy Shield under applicable law for ensuring adequate safeguards.

The table below shows the different ways that we use Personal Data, and which of the legal bases we rely on to do so.

Note that we may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using your data.

We do not carry out any automated decision-making.

Please contact us if you have any questions.

We have implemented a number of security measures designed to protect your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. For instance, we use firewalls, password protection, secure socket layer, encryption, and other security measures to help prevent unauthorized access to your personal data.

In addition, we limit access to your Personal Data to our employees, agents, contractors and other third-parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.

We have implemented procedures to handle any suspected Personal Data breach (or unauthorized access) and will notify you and any applicable regulator of a breach as legally required.

We will only keep your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In some circumstances you can ask us to delete your data; see EEA Rights: Staying in Control of Your Information: Your Legal Rights below for further information.

General Retention Periods

Subject to exceptions as required or permitted by applicable law, we retain Personal Data that is necessary for your use of the Platform as long as you are a user of the Platform. Given the nature of our services and tax-related matters, we retain certain Financial Data and related information for as long as required by law.

Metadata on the Platform which is needed for the purposes of IT security and maintaining the Platform in general, can be retained for the prevention of fraud and abuse, and therefore will be retained for such purpose, generally for a period of up to three years. This includes (for instance) IP address.

Exceptions

There are exceptions from static retention periods that have to be taken into consideration. For instance, we cannot delete Personal Data when there are legal obligations to retain the Personal Data (e.g. arising from tax or commercial law). This is particularly true of data Financial Data and payment information.

Additionally, we cannot delete Personal Data when it is needed for the establishment, exercise or defense of legal claims (“litigation hold”). In this case, the Personal Data can be retained as long as needed for exercising respective potential legal claims.

Time frame of deletion

If Personal Data can no longer be retained it will be erased without undue delay, generally within one month, unless exceptions apply.

Anonymization

In some instances, we may choose to anonymize your Personal Data instead of deleting it, for statistical use, for instance. When we choose to anonymize, we make sure that there is no way that the Personal Data can be linked back to you or any specific user.

If the General Data Protection Regulation applies to you because you are in the EEA, you have specific rights in relation to your Personal Data, beginning with a right to be informed, which is an obligation on us to inform you how we use your Personal Data (and that’s what we’re doing in this Privacy Policy).

With respect to all the rights listed below, please click in order to exercise your rights.

• Your right to rectification. You have a right to rectify, update or complete any inaccurate Personal Data, pending verification of your identification. Most of this can be accomplished by going to your “Account Settings” and making any changes there. For instance, if your contact details change, or if you spot any errors in the information we hold about you, we recommend starting with your “Account Settings”. If, after visiting your “Account Settings”, you are still unable to rectify the information, please contact us directly here.
• Your right of access. You have the right to obtain a copy of all Personal Data that Jepto holds about you, such as personal details, correspondence, marketing preferences, consent information, complaints, queries and payment history, generally, within a 30-day time limit and free of charge. You may limit the amount of data that you would like to obtain if you do not wish to access all the records.
• Your right to move your data (portability). Under certain circumstances, you can request that a data collector move your data to another service provider however, this is not an automatic right.
• Your right to object to processing. You have to right to request that Jepto stop certain data processing activities that involve processing your Personal Data. This isn't an automatic right, and Jepto's ability to restrict processing will depend on the type of data that for which you are making this request.
• Your right to request deletion You have a right to request that Jepto delete your Personal Data that it holds. This isn't an automatic right, and what Jepto is able to delete will depend on the type of data that Jepto holds about you, whether it was obtained via consent, what purpose it serves, and whether Jepto has an obligation to keep the data, among other things.

Note that unless you request deletion, and such request is determined to be appropriate, while you remain a user, we’ll process and retain your data as described in this Privacy Policy in order to enable you to use the Platform. Once you stop being a user, we will hold your data as described in the data retention section.

These rights are subject to certain rules around when you can exercise them. You can see a lot more information on them, if you are interested, on the UK Information Commissioner’s Office website, for instance.

For all requests mentioned above, we may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
‍
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex, or you have made a number of requests. In this case, we will notify you and keep you updated.

In addition:

• You have a right to lodge a complaint with a Supervisory Authority. If you feel that Jepto is not processing your Personal Data in a manner that complies with the GDPR, you have a right to lodge a complaint with the supervisory authority of your country of residence. Of course, we would appreciate the chance to deal with your concerns before you approach a supervisory authority, so please contact us in the first instance.
• You have a right to withdraw your consent. For activities where you have provided consent to Jepto, you have a right to withdraw your consent at any time.
• Your rights in relation to automated decision-making and profiling That’s a right you have for us to be transparent about any profiling we do, or any automated decision-making.

If you wish to exercise any of the rights set out above, please contact us (see How to Contact Jepto About Privacy).

Jepto may update this Privacy Policy from time to time. If we decide to change our Privacy Policy, we will post those changes to this Privacy Policy on the home page, and other places we deem appropriate, along with a change notice where we feel that it is necessary so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We may also elect to send users notice of any changes via email. If any modification is unacceptable to you, you should stop using the Platform.