What information do we collect?
We are serious about protecting your online privacy. This Privacy Policy (“Privacy Policy”) describes our
policies and procedures and provides a description of our data collection, use, and disclosure practices.
If you provide us with your data, or we obtain data about you from other sources, we treat your data
according to this Privacy Policy.
The creation of this Privacy Policy grows from our fundamental respect for the right to privacy of the
persons who engage our services and will serve to guide our relationship with you. We value the privacy
and security of your “data,” which as used herein means any information relating to an identified or
identifiable natural person.
In this privacy statement, we explain what we do with the data we obtain about you. We recommend
you carefully read this statement. In our processing we comply with the requirements of privacy
legislation. That means, among other things, that:
• we clearly state the purposes for which we process personal data. We do this by means of
this privacy statement;
• we limit our collection of personal data to only the personal data required for legitimate
purposes;
• we first request your explicit consent to process your personal data in cases requiring your
consent;
• we take appropriate security measures to protect your personal data and also require this
from parties that process personal data on our behalf;
• we respect the rights that you have as regards your personal data, such as the right to
access your personal data or have it corrected or deleted, at your request.
HOW YOU ACCEPT THE TERMS AND UPDATES TO THE PRIVACY POLICY
You consent to and agree to be bound by this Privacy Policy by expressly accepting the terms of the
Privacy Policy or by using our services. From time to time, we will update this Privacy Policy as we adopt
new practices and procedures related to your personal data. Any changes to this Privacy Policy will be
placed here and will supersede this version. If you have any questions about any changes, please
contact us by finding the section titled “Contact us”. In the case that you do not agree with changes to
the Privacy Policy, we recommend you stop using our platform and/or services. You can make necessary
changes to your data including deletion by following the steps in the section titled “Controlling Your
Personal Data”.
THE PERSONAL DATA WE COLLECT ABOUT YOU AND THE REASON FOR THE COLLECTION
When you engage our websites or services, you may voluntarily provide us your name, the name of your
business, address, phone number, email address, website address, and any other information you wish
to communicate to us. We collect this information to process your request to conduct business with us,
open a business account, and provide customer service.
In addition, when you use our websites, we may automatically collect your data including your Internet
Protocol address and information regarding your operating system, device and location. We also use
cookies on our websites. We collect this information to communicate the content on our websites to
you, to recognize you, to learn more about the users of our websites, to customize and improve your
experience on our websites, and for business and marketing purposes.
Any information you provide, or we collect may be available to us, as well as our service providers
around the world. This means that your personal information may be accessed or transferred to entities
located in a country other than the country in which you reside. Regardless of the country, we will
ensure your personal information is protected as described in this Privacy Policy and in accordance with
applicable law.
By visiting and using our site, you consent to the collection, use, storage, sharing, and otherwise
processing of your personal information.
All information transmitted, printed or otherwise submitted to our sites shall be deemed to be our
property and we are free to use such information for any lawful purpose as detailed herein.
Our site contains links to other sites, and we are not responsible for the privacy practices or the content
of such sites. We reserve the right to release such information to law enforcement or other
governmental officials as we, in our sole and absolute discretion, deem necessary to comply with the
law.
While our customers are bound to our terms of use, this privacy policy does not directly apply to the
collection and data processing of personal information through our customers or that is done on their
behalf. Our customers determine the information to be collected as well as how it is to be processed
and consequently are subject to their own respective privacy policies.
Our terms of use can be found at https://Ottomator.ai/termsofuse/.
If at any point you do not agree with any points of this policy, it is recommended that you cease using
the platform and exercise any of the rights you feel necessary to outlined in the section titled
“Controlling Your Data”.
Definitions
Ottomator means Ottomator.ai, Trellis Ventures Inc. and any affiliates or subsidiaries.
“We”, “we”, “Our”, “our, “Us,” or “us” means Ottomator.
“Visitor” or “Consumer” means a user that has visited our or any of our customer’s sites.
“Our Services” means our collection of marketing automation services including, but not limited to,
patented form abandonment solutions, visitor and form tracking and analytics, email remarketing,
proprietary software, manual services, trade shows, presentations, promotional media, and other
marketing services we offer.
“Our Platform” means our websites, social media pages, emails, and any other of our content related to
Our Services. Our platform uses Our Services to provide better service for our visitors.
“Customer” means a business or individual that is a paying, trial, or free tier customer of Our Services for
the purpose of using any of Our Services.
“User”, "user", “You”, “you”, “Your”, or "your” means a customer, visitor, or any user of Our Platform, or
any of Our Services.
“Partner” means a business or third party that has been determined by us to be reputable, respects the
privacy guidelines set forth by the E.U-U.S. and Swiss-U.S. PrivacyShield requirements as well as that of
the “CCPA” (California Privacy Act), and is an entity we have partnered with to provide marketing
services or other business value for which users may share a legitimate interest.
Information We Collect And How We Collect It
Through Our Platform and services, we collect, track, and/or process the following:
“Personal information” or “Personal data” is information that may directly or indirectly identify you. This
includes but is not limited to your: email, name, company name, phone number, and address. The
specific information collected will vary depending on customer forms and configurations. This is
collected by filling out and/or submitting a form that uses Our Services on one of our or our customer’s
sites.
“Navigational information” or information derived from your web browser/client that may identify you
directly or indirectly. This includes your: http(s) headers, IP address, referral sources, browser agent data
(information about which browser is being used), time on page, cookies, web beacons, and other data
that is made available through the browser’s API. This is collected from users by getting data made
available to us through your browser that may identify their device, provide additional information from
vendors, and include other metadata.
“Form Information” or information that a visitor enters into one of our forms which includes but is not
limited to your demographic information and information related to business interest such as
impressions, experiences, and/or expectations. As with personal information, the breadth of this will
vary depending on customer forms and configurations. This type of information is collected when a user
begins filling out a form that has been configured through Our Services.
“Third party information.” We may collect additional information about you through our partners and
other third-party services. This may include both personal and navigational information.
“Aggregated information” means a collection of any of the above information that has been anonymized
and aggregated so that no individual can be identified.
“Payment information“, such as credit card numbers and billing information, is processed through third
party PCI-compliant service providers and not stored in our databases. This data is temporarily collected
and passed to our payment partner when a customer pays for any items or services.
Purpose, Legal Basis And Data Categories
We may collect or receive personal information for a number of purposes connected with our business
operations which may include the following.
Performance of our contract with you
We may require your personal data to receive and process your orders, to deliver products or provide
services to you, to process your payments and otherwise to fulfill our contract with you or to carry out
pre-contractual measures.
For this purpose we may use the following data in particular:
• A first and last name
• Account name or alias
• A home or other physical address, including street name and name of a city or town
• An email address
• A telephone number
• Details of orders, including communications with us about an order or problems that may
exist with a product or service provided
• Financial information such as bank account number or credit card number.
The basis on which we may process these data is for performance of a contract.
Communication With You
We may process your personal data when you otherwise communicate with us, such us when you
decide to provide us feedback though a contact form. Without processing your data, we may not be able
to provide communication or respond to communication. For this purpose we may use the following
data in particular:
• Content of the communication.
The basis on which we may process these data is upon the provision of consent, or otherwise, if consent
is not collected, legitimate interests.
Sending Special Offers
We may send you emails promoting any special offer(s). For this purpose we may use the following data
in particular:
• A first and last name
• Account name or alias
• A home or other physical address, including street name and name of a city or town
• An email address
• IP Address
• Internet activity information, including, but not limited to, browsing history, search history,
and information regarding a consumer's interaction with an Internet Web site, application,
or advertisement
The basis on which we may process these data is upon the provision of consent, or otherwise, if consent
is not collected, legitimate interests.
Compiling And Analyzing Statistics For Website Improvement
We may process your personal data to compile and analyze statistics to improve our website. For this
purpose we may use the following data in particular:
• An email address
• IP address
• Internet activity information, including, but not limited to, browsing history, search history,
and information regarding a consumer's interaction with an Internet Web site, application,
or advertisement
• Geolocation data
The basis on which we may process these data is upon the provision of consent, or otherwise, if consent
is not collected, legitimate interests.
To Be Able To Comply With Legal Obligations
We may need to process your personal data to comply with a legal obligation, such as to comply with
tax law or a court order. For this purpose we may use the following data in particular:
• A first and last name
• Account name or alias
• A home or other physical address, including street name and name of a city or town
• An email address
• A telephone number
• Details of orders
• Financial information such as bank account number or credit card number
• IP address
• Internet activity information, including, but not limited to, browsing history, search history,
and information regarding a consumer's interaction with an Internet Web site, application,
or advertisement.
The basis on which we may process these data is compliance with a legal obligation or, if the legal
obligation does not apply under EU or EU Member State law but under the law of another jurisdiction
which we are subject to, legitimate interests.
Otherwise For Our Legitimate Interest
We may process your personal data to otherwise realize our legitimate interests, such as
• To display our website; or
• To defend against or enforce legal claims if required.
For this purpose, we may use the following data in particular:
• For displaying our website: Data automatically transmitted by your browser, such as
• Browser type and browser version
• Operating system used
• Website from which access is made (referrer URL)
• Date and time of access
• IP address of the requesting computer
• For displaying our website: The data depends on the circumstances of the specific case.
The basis on which we may process these data is legitimate interests.
Generally, you are under no statutory obligation to provide any of the abovementioned data to us.
However, if you do not provide your data, we might not be able to perform our contract with you,
contact you, or conduct any other of the other abovementioned activities.
Cookies
Our website uses cookies and similar technologies. Cookies are small data files that may have unique
identifiers, and reside, among other places, on your computer or mobile device, in emails we send to
you, and on our websites. In addition, we may use local shared objects (sometimes called “flash
cookies”), java script, log files, and similar technologies (together with cookies and web beacons,
collectively referred to as “Cookies” in this policy) to track and analyze site usage and facilitate
advertising on our Site and third party sites.
We may use Cookies to collect or transmit information about you and your use of the Site or third-party
sites, such as: your browser type, search preferences, data relating to advertisements that have been
displayed to you or that you have clicked on, your interests on our websites and other sites, and the
date and time of your use. When we use Cookies, we do so in order to further website features and
processes, provide authentication and security for your transactions on our websites, store your
preferences, facilitate relevant advertising, and help us learn more about how users engage with the
Site, and understand your activities after you leave our websites. Our Cookies may be persistent or
stored only during an individual session.
You may opt out of tracking by third parties for certain advertising purposes, which can help you control
targeted advertising by third-parties that track your activities across sites. It may be possible to disable
certain Cookies through your device or browser settings. The method for disabling cookies may vary by
device and browser, but can usually be found in preferences or security settings. If you are not
comfortable with the above uses of Cookies, please do not use our websites.
Do-Not-Track Signals. Please note we do not change system behavior within our websites in response to
browser requests not to be tracked. You may, however, disable certain tracking as discussed in this
section (e.g., by disabling cookies or opting out of ad networks).
Third-Party Trackers. We also use automated devices and applications, such as Analytics Providers, to
evaluate usage of our websites and the services we provide. We use these tools to gather non-personal
information about users to help us improve our services, performance and user experiences. These
analytics providers may use Cookies to perform their services, and may combine the information that
they collect about you on our websites with other information that they have collected. This policy does
not cover such third-party usage of your non-personal information.
Disclosure Practices
We disclose personal data to our affiliates and service providers. Otherwise, we disclose personal data if
we are required by law or by a court order, in response to a law enforcement agency, or in similar
scenarios.
If our website or organization is taken over, sold, or involved in a merger or acquisition, your personal
data may be disclosed to our advisers and any prospective purchasers and will be passed on to the new
owners.
Use of Information Collected
In addition, tThe information listed in the section titled “Information We Collect And How We Collect It”
will be used to:
Notify you of information and/or offers of products/services in which you have expressed an
interest in.
For us and our customers to better understand our audiences.
Improve both our own and our customers’ marketing efforts.
Improve our and our customers’ forms.
Communicate with you about information related to Our Platform or Our Services.
Enable and fulfill certain services and features.
Render services through our partners.
Improve Our Services such as our proprietary tracking technology.
To fulfill purchases of Our Services.
Improve the accuracy of customer relation data.
Debug and manage Our Platform and Our Services.
Joint services involving our partners and customers.
Enforce our terms and policies.
Comply with regulations and legal requirements.
On our site
We use your personal, demographic, and profile information to enhance your experience at our site and
to enable us to present content we think you might be interested in. We use your contact information to
send you information about our company and promotional material from our partners. We may also use
your personal, demographic and profile data to improve our site, for statistical analysis, for marketing
and promotional purposes, and for editorial or feedback purposes for our advertisers. Information
collected by us may be added to our databases and used for future telemarketing, SMS text-messaging,
emails, or postal mailings regarding site updates, new products and services, upcoming events, and/or
status of orders placed online. By using this site, you agree that you may be contacted in any manner
contemplated in this section even if your number is found on a do not call registry, in-house list or
similar registry.
Text messages: By accepting the terms and conditions of this site and providing your cell phone number,
you are expressly consenting to receive SMS, wireless or other mobile offering to your cell phone from
us and other organizations. You understand that your wireless carrier’s standard charges and rates apply
to these messages. For SMS text messages, you may remove your information by replying “STOP”,
“END”, or “QUIT” to the SMS text message you have received, and we will remove your personal
information within 10 days of receiving such request.
Information Retention
Our website and services hosted from secure, enterprise-level platforms including Amazon Web Services
(AWS) and Google Cloud Platform (GCP).
Personal, form, and navigational information are stored for only as long as there is a legitimate business
need (such as continuing to send promotions to a subscriber). After this period, user data will be deleted
or anonymized and archived. Aggregated, non-personal data will be stored on an ongoing basis.
Sensitive information which needs to be preserved beyond business needs, will be anonymized, if
possible, and stored securely in an isolated environment. Users may make requests regarding their data
outlined in the section Controlling your Personal Data below.
Disclosure of Data to Customers, and Partners, and Third Parties
We use third party provider manage our websites and to process payments. These providers may be
located overseas, in Canada or other countries. Some third-party payment provider gateways or e-
commerce platforms used by us may require you to leave our website and be redirected to their website
or application. If this occurs, you will be governed by the third party’s privacy policy rather than ours,
and we encourage you to read their privacy policy.
Any third party, partner, or customer we share, rent, sell, or otherwise make data available to will be
pre-screened by us, determined by us to be reputable, and will use the personal data for marketing
products and services which you might share a legitimate interest. Information will be transferred as an
anonymous dataset or collated into metrics when it suffices.
Collected information is disclosed to third parties and/or partners for the following reasons:
As required by law whether that be to protect our rights or simply to comply with legal directives.
For marketing products and services which we determine you might find of interest.
For partners’/clients’ business intelligence or to better understand their user base for the intent of
improving user experience and marketing.
To render services such as payment processing.
You may elect to have your data removed and filtered out from disclosure. Additional details can be
found in the section titled “Controlling your Personal Data” below.
Controlling Your Personal Data
Regarding your personal data, you have the right to:
Request a copy of or to edit, amend, or delete collected personal information.
Request your data be anonymized and/or stored in isolation from Our Services.
Object to the processing of your personal information and/or disclosure to third parties.
Opt out of the sale of your personal information to third parties.
Withdraw consent to process your personal information.
File a complaint with a data protection authority regarding handling of your personal information.
To exercise any of these rights, please contact us through our email: admin@ottomator.ai or through
our personal data rights page https://ottomator.ai/personal-data-rights/. Please email us from the email
which you’d like to exercise your personal information rights on. We may verify your request by
contacting you at the email, phone number, or address you choose to verify your identify with.
In adherence to the PrivacyShield Framework and under certain conditions, you may also invoke binding
arbitration. The details of how to do so can be found here:
Data Privacy Framework
We may be required to retain certain information to complete transactions, detect wrongdoing, exercise
legal rights, keep mandatory records, exercise free speech, enable internal uses that are aligned with
user expectations or are based on the user’s relationship with us, and to comply with legal obligations.
We have designated Verasafe to be our independent dispute resolution body. Details are in the section
titled “Dispute Resolution”.
Dispute Resolution
Within the scope of this privacy notice, if a privacy complaint or dispute cannot be resolved through our
internal processes, we have agreed to participate in the VeraSafe Privacy Shield Dispute Resolution
Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe
will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the
Privacy Shield Dispute Resolution Procedure, please submit the required information to VeraSafe here:
Submit a Dispute
E.U.-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
We comply with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set
forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal
information transferred from the European Union and/or Switzerland to the United States. We have
certified to the Department of Commerce that we adhere to the Privacy Shield Principles. If there is any
conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield
Principles shall govern. To learn more about the Privacy Shield program, and to view our certification,
please visit https://www.privacyshield.gov/
We are also subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission
in matters regarding the transfer of personal data. As such, we may be required to disclose personal
data in response to lawful requests or to meet national security and/or law enforcement requirements.
We abide by PrivacyShield’s principles and liability provisions in regard to onward transfers of data to
third-party controllers and agents from the EU and/or Switzerland. Our compliance entails the following:
customers will be notified of and have the option to opt out of data transfers, data transfers to third-
parties will be limited in scope to specified purposes consented by users and contractually agreed upon,
ascertaining that these third-parties are obligated to protect the transferred data in a way that is
compliant with PrivacyShield’s principles, ceasing data transfer and processing in the case that a third-
party can no longer meet these protective obligations, and providing a summary or representative copy
of relevant privacy provisions to governing bodies upon request.
Opt-Out of Our Communications
You may opt-out of receiving communications from us as well as remove your information from our
marketing lists. If you remove your information from our marketing lists, it will no longer be used by us
to send promotional correspondence to you. You can remove your information from our marketing lists
by sending your request in writing via email to admin@ottomator.ai.
We Do Not Intend to Collect Data from Children
The information and services provided to us, or our affiliates, sponsors, and advertisers are not intended
to be viewed by children (under 18 years old). No information collected from children is knowingly used
for any marketing or promotional purposes whatsoever, either inside or outside or our websites. No
part of our website is structured to attract anyone under the age of 18.
Security
We are committed to the security of personal data. We take appropriate security measures to limit
abuse of and unauthorized access to personal data. This ensures that only the necessary persons have
access to your data, that access to the data is protected, and that our security measures are regularly
reviewed.
Third-Party Websites
This privacy statement does not apply to third-party websites connected by links on our website. We
cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We
recommend you read the privacy statements of these websites prior to making use of these websites.
International Transfers of Personal Information.
While Ottomator is headquartered in the United States, it may partner with affiliates abroad. This
means that we may collect your personal information from, transfer it to, and store and process it in the
United States and other countries outside of where you live. Data protection laws differ among
jurisdictions; and the United States and these other jurisdictions may not provide the same level of
protection for personal information as your jurisdiction of residence. You understand that your
information may be stored in or accessed from the United States and these other jurisdictions. You
understand that, law enforcement agencies in the United States and these other jurisdictions may
access and use your information for the purposes of investigation and law enforcement. By using our
Site, you consent to the transfer and use of your information to the U.S. and other jurisdictions, as set
forth in this paragraph.
Our Right to Contact You
We reserve the right to contact you regarding your account status and changes to subscriber
agreements, privacy policy, or any other policies or agreements relevant to you.
Data Subject Rights
If you have any questions or want to assert your rights as a data subject, please contact us. You can
contact us by using the information below. In principle, you have the following rights:
• Right of access: You have the right to know whether we process personal data about you,
and if so, which categories of personal data this concerns and how we handle your personal
data. You also have the right to receive a copy of your personal data.
• Right to rectification: You have the right to supplement or correct personal data that is
incomplete or incorrect respectively.
• Right to deletion: You may have the right to have your personal data deleted.
• Restriction of processing: You may have the right to have the processing of your personal
data restricted.
• Withdrawal of consent: If you give us your consent to process your data, you have the right
to revoke that consent at any time with effect for the future.
• Right to transfer your data: You may have the right to receive the data you have provided to
us in a structured, commonly used, and machine-readable format and to transmit this data
to another controller.
• Right to object: You may have the right to object to the processing of your data which we
process based on legitimate interests. We comply with this, unless we can demonstrate a
compelling legitimate ground for the processing.
However, the above rights may only apply under certain conditions or may be subject to exceptions. For
example, we cannot delete your personal data if we still require it to perform the contract with you or if
we are under a statutory obligation to retain it.
If you contact us to assert any of the above rights, please make sure to always clearly state who you are,
so that we can be certain that we do not modify, delete, etc. any data of the wrong person.
Our Contact Information
If you have any questions about this privacy statement, the practices of this site, or your dealings with
this website, you can contact us via email sent to: admin@ottomator.ai or through mail addressed to:
Trellis Ventures Inc. (DBA Ottomator)
377 Lear Rd., Suite B, Unit 129
Avon Lake, OH 44012
Phone: +1 (440) 496 8180
Email: admin@ottomator.ai
Anti-Spam Policy. CAN-SPAM Act Compliance
Ottomator is dedicated to ensuring compliance with the ‘CAN-SPAM Act’, which took effect January 1,
2004. You may receive email from us in the following circumstances:
Acknowledging your application has been received and requesting additional action.
Requests for additional information to support your current application.
Response to your inquiries regarding the status of your loan, payment due dates, extension requests
and other transactional requests.
Thanking you for your valued business.
Advertisements for our products, services, changes in services, new product availability.
Advertisements for third party products and services where we have determined that such product or
service may be of interest to our customers.
Ensuring compliance with the CAN-SPAM Act
We have implemented the following guidelines for email delivery:
All emails sent to you by us will clearly identify us as the sender/
The Subject Line of any email you receive will always accurately describe the subject matter of the
email.
Any email from us will include the ability to unsubscribe from future email messages.
Unsubscribing will ensure the customer is removed from our lists ; this excludes customer service emails
regarding the processing and status of a current product.
Advertising emails from us will include information that the email is an advertisement, either in the body
or footer of the email.
All emails sent to you directly by us include valid postal address information in the footer.
All third-party marketing partners are required to comply with the CAN-SPAM Act.
Emails sent to you directly by us will include an email address and physical address where you can send
suggestions, complaints or other correspondence.
CCPA OVERVIEW
Please note that if you are California resident, the California Consumer Privacy Protection Act (CCPA)
sets forth certain obligations for businesses that “sell” personal information to third parties. Ottomator
does not engage in such activity. Furthermore, Ottomator’s products and services are compliant with
the California Consumer Privacy Act of 2018.
The CCPA) also allows California residents to make certain requests about their personal information.
Specifically, the CCPA allows one to request the following:
• Information you about the categories of personal information we collect or disclose about
you; the categories of sources of such information; the business or commercial purpose for
collecting your personal information; and the categories of third parties with whom we
share/disclose personal information.
• Provide access to and/or a copy of certain personal information we hold about you.
• Delete certain personal information we have about you.
• Provide you with information about the financial incentives that we offer you, if any.
• The information, which we will provide free of charge twice per 12-month period upon
request, includes a list of the types of Personally Identifiable Information that we have
provided to third parties for their direct marketing purposes and the names and addresses
of all third parties which we have shared such information during the past calendar year. To
exercise your rights, please send us a written request via email at
privacy@sheilathelabel.com.
Please note that we do not collect or process Sensitive Personal Information, as defined by California
law, for inferring characteristics or use or disclose Sensitive Personal Information for purposes other
than those permitted by law.
If you are a California resident, you can opt out of sharing your personal information with third parties
for their direct marketing purposes by emailing us at privacy@sheilathelabel.com and clearly stating
your request, including your full name, mailing address, email address and phone number. You also have
the right to opt out of the sale of your personal information to third parties.
Shine the Light: If you are a California resident, you have the right to request that we provide you with
(a) a list of certain categories of personal information we have disclosed to third parties for their direct
marketing purposes during the immediately preceding calendar year and (b) the identity of those third
parties. To exercise this right, email us at the address provided herein, and clearly stating your request,
including your full name, mailing address, email address and phone number.
Non-discrimination: If you exercise any of your personal information rights detailed in this section, we
will not discriminate against you and we will not deny you goods or services, charge you a different
price, or provide you with a lesser quality of goods or services.
GDPR OVERVIEW
Ottomator is committed to offering our clients sophisticated products and solutions that are both
innovative and legally compliant. As part of this commitment, we have conducted an analysis regarding
whether and how the European Union’s General Data Protection Regulation (GDPR) may impact our
organization. As outlined in greater detail below, based on our review we have determined that
Ottomator is not subject to the GDPR at this time and therefore is not legally required to comply with
the Regulation.
What is the GDPR?
The GDPR is a complex and comprehensive overhaul of European data protection law. The GDPR was
designed to harmonize privacy regulation across the EU and to address emerging risks associated with
the processing of personal data in an evolving technological landscape. The GDPR applies to a broader
array of companies than were subject to the 1995 EU Data Protection Directive, including some
companies that have no physical operations in the EU or whose activities were not covered by the 1995
Directive.
Businesses that are subject to the GDPR must adhere to a number of specific requirements, among them
heightened data security standards and transparency regarding their processing of EU personal data. EU
data subjects have a variety of data protection rights they may exercise under the GDPR, including the
right to know how their personal data may be collected, used, disclosed, transferred, shared, and
retained, as well as the ability to control these data processing activities under certain circumstances. A
company’s failure to meet its GDPR obligations could result in regulatory investigations and potentially
steep financial penalties.
Does the GDPR apply to Ottomator?
At this time, the GDPR does not apply to Ottomator or the organization’s data collection and processing
activities. Broadly speaking, there are three ways a business located in the United States may be subject
to the GDPR:
If the business is “established” in the EU (for example, if it has a physical presence or
employees in the EU);
If the business is not established in the EU, but is processing EU personal data in conjunction
with offering goods or services in the EU (whether or not the business is charging money for the
goods or services); or
If the business is processing EU personal data to monitor or track behavior in the EU.
GDPR. We have completed this analysis and determined that Ottomator does not have to comply with
the GDPR because:
Ottomator is not established in the European Union. We do not have any offices or employees
outside the U.S., nor do we conduct business activities in the EU.
Ottomator does not offer goods or services to individuals or entities in the EU. Our business is
focused exclusively on providing our U.S. clients with products and solutions that help them
better identify, understand, and target consumers located in the United States. Though our
website may be accessible to someone located in the EU who has access to the Internet, we do
not market to people in the EU, nor do we target audiences in other countries.
Ottomator does not monitor the behavior of persons in the EU. The data portfolios that serve as
the basis for our products and services consist solely of information collected in the U.S. We do
not process EU personal data or otherwise track data subjects located in the European Union.
The personal data you provide to us or which we collect from you is received directly in the US.
There is no transfer of personal data in the sense of Article 44 of the GDPR
If we were to discover that we had inadvertently obtained EU personal data, we would promptly and
securely delete such personal data in accordance with applicable law.