This privacy notice (Notice) explains how Archetype Agency Limited, Archetype Agency GMBH, Archetype Agency AB, Archetype Agency BV, Archetype Agency Limited, Archetype Agency Pte Ltd, Archetype Agency Private Ltd, Archetype Agency SARL, Archetype Agency Sdn Bhd, Archetype Agency SL, Archetype Agency SRL, Archetype Agency Beijing and Archetype Agency LLC (we, our, us, Archetype) collects, uses and shares ("processes") the personal data in relation to the use of Delve, our insight engine.
This Notice applies alongside any other information that Archetype may provide about a particular use of personal data. If you are in receipt of any other products or services, then please read the privacy notice that governs that activity in conjunction with this notice.
If you are an employee of a client organization and are using Delve as part of your internal solution set, please read this notice in combination with any transparency information provided to you by your employer.
We collect your personal data in a number of ways including:
- When you register for an account with us in order to use Delve.
- When you sign in and use Delve within an internet browser.
- If you choose to enter any personally identifiable information about yourself or others.
- If you upload any documents that contain personal information about yourself or others.
- If Delve is granted access to a company knowledge base that may contain personal information about yourself or others.
To provide this service to you Archetype will process the following categories of personal data:
- Account Information: When you create an account with us, we will collect information associated with your account, including your name and email.
- User Content: When you use Delve we process the personal information that is included in the input, file uploads or feedback that you provide.
- Other Information you provide: We collect other information that you may provide to us, such as when you participate in any surveys or when providing feedback on Delve so that we may improve it for your use.
- Log Data: Information that your browser or device automatically sends when you use Delve. Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with Delve.
- Usage Data: We may automatically collect information about your use of Delve, such as the types of content that you view or engage with, the features you use and the actions you take, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, and your computer connection.
- Device Information: Includes name of the device, operating system, device identifiers, and browser you are using. Information collected may depend on the type of device you use and its settings.
Subject to applicable law, your personal data may be processed by us for the following purposes:
- To provide, administer and maintain the services as set out within our contract, including support.
- To store session data and allow users to save and return to conversations in future.
- To improve the functionality of Delve and conduct research.
- To prevent fraud, criminal activity, or misuse of Delve, and to protect the security of our IT systems, architecture, and networks, and
- To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.
We may aggregate or de-identify Personal Information so that it may no longer be used to identify you and use such information to analyze the effectiveness of Delve, to improve and add features, to conduct research for other similar purposes. In addition, from time to time, we may analyze the general behavior and characteristics of users and analyze aggregated information like general user statistics. We may collect aggregated information through Delve, through cookies, and through other means described in this Privacy Policy. We will maintain and use de-identified information in anonymous or de-identified form and we will not attempt to reidentify the information unless required by law.
Every time we process personal data, we must have a legal basis upon which to rely.
We will only collect, use and share your personal information where we are satisfied that one or more of the following legal bases apply:
Contract
Where the processing of data is necessary in order to fulfill our obligations to you under the contract for you to use Delve.
Legitimate Interest
The processing is necessary for the legitimate interests pursued by Archetype or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require the protection of personal information. When we use legitimate interest as our legal basis for processing your information we conduct an assessment in order to risk assess our activities. Our legitimate interests include our interests in running Archetype in a professional sustainable manner, in accordance with all relevant legal and regulatory requirements and in line with industry best practice.
Consent
If you enter personal information into Delve you are giving Archetype your consent to process that information. If you are entering information of a third party, you must obtain their consent before entering such information into Delve.
For the purposes set out in this notice, we will not share your personal information with any person or entity other than Archetype. The only exception to this is when your data is transferred to Google Cloud and Sentry (our hosting provider), or to a technology service provider in order to enable Delve to function. In particular we use the Google Access Gateway in order to provide you with secure access to your account.
If order to understand how Google accesses your data, please see their privacy notice here.
Please note that your searches may contain links to other websites that are not operated or controlled by Archetype. The information that you share with the third-party site will be governed by their privacy notices and terms of service. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the third party directly for information on their privacy practices and policies.
Your data will not be subject to any automated decision making or profiling beyond the activities that are set out within this notice. For the avoidance of doubt, we do not carry out in–application tracking.
As set out above we may share your personal data within our Group. This may involve transferring your data outside of the UK and the European Economic Area (EEA). We have therefore entered into a specific intra-group contract utilizing the International Data Transfer Addendum to the European Commission’s Standard Contractual clauses for International data transfers.
Although we attempt to process data in country some of our external third-party services providers may be based outside the UK or EEA.
Whenever we transfer your personal data out of the UK or the EEA to these third parties, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or the UK Government.
- Where we use certain service providers, we may use specific contracts approved by the European Commission or the Security of State for the United Kingdom as affected by the Information Commissioners Office which give personal data the same protection it has in Europe and the UK
Please contact the Data Protection and Privacy Office if you want further information on the specific mechanism used by us when transferring your personal data out of the UK or the EEA.
Your data will be held within Sentry (our hosting provider). We have configured our services to localize the host container based on your location. For example, if you are a client based in the UK, your data will be stored and processed in the UK. This is to help our clients meet any legal or regulatory requirements in relation to data localization laws.
We will retain your Personal Data for as long as is reasonably necessary for the purposes explained in this Notice. In some circumstances, we may retain your Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax or accounting requirements or so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your relationship with us. Where your Personal Data is no longer required, we will ensure it is either securely deleted or stored in a way that no longer identifies you.
If you would like further details regarding our records retention, please contact the Data Protection and Privacy Office set out below.
ARCHETYPE AND CCPA/CPRA COMPLIANCE
The California Consumer Privacy Act (CCPA) as amended by the California Consumer Privacy Act of (CPRA) gives consumers more control over the personal information that businesses collect about them. The following table provides additional information about the categories of Personal Information we collect and how we disclose that information.
COOKIES
This website uses cookies. Cookies are small text files that can be used by websites to make a user's experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site.
STRICTLY NECESSARY COOKIES
To the extent provided by applicable local data protection legislation you have the following rights:
- to obtain access to, and copies of, the personal data we hold about you;
- to require that we cease processing your personal data if the processing is causing you damage or distress;
- to require us not to send you marketing communications;
- to request that we erase your personal data;
- to request that we restrict our data processing activities in relation to your personal data;
- to receive from us the personal data we hold about you, which you have provided to us, in a reasonable format specified by you, including for the purpose of transmitting that personal data to another data controller; and
- to require us to correct the personal data we hold about you if it is incorrect.
Please note that the above rights are not absolute, and requests may be refused where exceptions apply.
If you have any questions about these rights or how your personal data is used by us, you should contact the Data Protection and PrivacyOffice whose details are set out above.
We recommend that you seek to resolve any issues Archetype before any referral is made to the relevant regulatory authority. If you have any queries about this privacy notice or how we process your personal data, or if you wish to exercise any of your rights please contact:
a@delve.news
You can also contact our Data Protection Officer at
Data Protection and Privacy Office
60Great Portland Street
London
W1W 7RT
If following such referral, you are still not satisfied with how your personal data is used by Archetype you can make a complaint to the data protection authority that governs your jurisdiction.
Archetype will update this Privacy Notice from time to time. Any substantial changes that affect your rights will be provided to you directly as far as is reasonably practicable.
Updated: November 25, 2024
