What this Privacy Notice Covers.
This Privacy Notice applies only to Uptake’s processing of your Personal Data (we’ll define “processing” and “Personal Data” below) in connection with your submission of your application to the Uptake.org Data Fellows program (the “Program”). If you have provided personal data to Uptake in another context, Uptake’s processing of that personal data is explained in another privacy notice.
Read this Privacy Notice!
We want you to feel that our processing of your Personal Data is conducted fairly and transparently, so we want you to read this Privacy Notice. We also understand that you’re busy, and these things can be dense. That’s why we’ve provided . . . .
A Quick Guide to this Privacy Notice.
This Privacy Notice is your one-stop-shop for understanding what we’re doing with your Personal Data and why. Of course, you should read it top-to-bottom. In case you don’t have the time right now, you can use the menu below to jump to your topic of interest and come back to the other parts as soon as you can.
Who are we?
Click here if: You want to know what we mean when we say “Uptake” (or “us” or “our” or “we”).
What are we processing?
Click here if: You want to know what personal data we’re processing and how.
Who are we?
When we say “Uptake” (or “us” or “our” or “we”), we mean Uptake Technologies, Inc. We don’t mean other companies or individuals that we don’t own or control.
You can find, and send mail to (if you’d like), our headquarters at 600 W. Chicago Ave., Suite 620, Chicago, IL 60654. If you prefer phone, you can reach us at 312-242-2200. Emails related to this Privacy Notice can be sent to [email protected].
What are we processing?
Personal Data We’re Processing.
We are processing some or all of the following information (“Personal Data”): your first name, last name, email address, phone number, job title and organization, and location (country and city). When you submit this form, we may also collect your IP address (also considered your “Personal Data”).
How We Get Your Personal Data.
We obtain your Personal Data in two major ways: (1) directly from you (when you submit our website’s form); and (2) automatically through tracking technologies (like cookies, which may come from some of our Subprocessors (we’ll define that below)).
A Note on Cookies.
Most browsers include an option to clear existing cookies or reject new ones. If you prefer not to use any cookies, you can also opt out in some browsers by adjusting your browser settings. However, if you opt out or reject new cookies, some portions of the website may not function as intended. Note that we currently do not support Do Not Track browser settings.
Why are we processing it?
Reasons for Processing.
We are collecting your Personal Data in connection with our evaluation of your application for participation in the Program, including for the following specific reasons:
Uptake does not process personal data without a lawful basis for doing so. We believe that we have a lawful basis for processing your Personal Data and that our lawful basis is your consent, which you are providing by checking the checkbox next to the consent statement before clicking “Submit” (or however else we may have labeled that button). The provision of your Personal Data is neither a statutory requirement nor a contractual requirement.
How are we processing it?
Scope of Processing.
Throughout this Privacy Notice, you’ll see us talk about “processing” your Personal Data. This has a broad definition and refers to everything we’re doing with respect to your Personal Data under this Privacy Notice.
More specifically, though, we are storing your Personal Data and using it to evaluate your candidacy and communicate with you concerning the same. When we’re done with it (described in more detail below), we may also delete or destroy it. We are not conducting any automated decision-making, including profiling, with respect to your Personal Data.
Consequences of Processing on You.
As a result of our processing your Personal Data, we’ll be able to contact you (by phone, mail, and email) and will, of course, be making a decision as to whether to invite you to participate in the Program.
Uptake takes data security very seriously and will always use reasonable efforts to secure your Personal Data. We have implemented appropriate technical and organizational measures to protect personal data, including encryption of personal data transmitted to and from our website and services. However, no data transmission over the Internet is completely secure, so we cannot guarantee the absolute security of this data.
How long will we have it?
There’s no precise time period, but we intend to store your Personal Data at least while we are evaluating your candidacy. If you are offered, and accept, a position in the Program, we will continue to store your Personal Data, but that will fall under a separate privacy notice. If you are not offered, or are offered and don’t accept, a position in the Program, we will retain a copy of your Personal Data for 4 years following our non-offer or your non-acceptance, though our processing of this Personal Data will be limited to what is required to establish, defend, or exercise legal claims or otherwise cooperate with legal matters.
Who else is getting it?
Your Personal Data will be shared among the employees and contractors that need to use it to evaluate and communicate with you concerning your candidacy for the Program. This definitely includes members of our Uptake.org team and probably includes members of our People team. This may also include members of our team that we feel would be a good mentor to you during the Program. This will not include employees or contractors that have no involvement in the Program (except to the extent we announce that you’ll be joining the Program).
Outside of Uptake: Subprocessors.
Your Personal Data will be shared with certain of our third-party technology and service providers (also known around here as “Subprocessors”), including primarily Hubspot (manager of the input form), Salesforce (our customer relationship management provider), and Google and Box (for internal storage purposes). In all cases, we only make your Personal Data available to Subprocessors who truly need it, and their processing will generally be limited to what is necessary to provide us with their respective services.
Special Circumstance: Law Enforcement.
Like other global companies, Uptake is subject to various legal obligations and falls within the jurisdiction of numerous government and law enforcement officials. We will cooperate with these officials, as well as any private parties, as required to enforce and comply with the law. We may disclose your Personal Data as we, in our discretion, believe is necessary or appropriate: (a) to comply with law, regulation, or valid legal process; or (b) to protect our property, rights, and safety, and the property, rights, and safety of a third party or the public in general. If we are going to release your Personal Data on this basis, we will do our best to provide you with prior notice unless doing so is prohibited by law, regulation, or valid legal process or could otherwise be prejudicial to our ability to enforce and/or comply with the law.
Where is it going?
Uptake is a Chicago-based company, and our hosting and other cloud providers keep our data in the United States. If you requested information related to products and solutions sold and/or marketed by Uptake Canada Inc. (our affiliate), your Personal Data may be transferred to Canada, which has been found by the European Commission to provide an adequate level of protection of personal data. Except for transfers to Canada (if applicable), your Personal Data will not leave the United States unless you ask for it back, in which case it will be transferred back to the country in which you reside.
Read This if You Live in Europe.
As you may be aware, the United States has not been subject to a universal adequacy decision by the European Commission. While we can’t read their minds, we believe this means that the European Commission does not consider U.S. laws to provide the same level of legal protections to individuals concerning their personal data and how it is used, in part because U.S. companies may not be subject to legal obligations as stringent as those applicable to European companies. This means that processing in the U.S. may be undertaken with fewer privacy- and security-focused protections than in Europe, which may increase the risk of data breaches, losses of data, or similar events affecting personal data privacy and security. In any event, Uptake is firmly committed to data privacy and security and has implemented a number of measures that are intended to ensure all personal data (including your Personal Data) is protected just as strongly in the U.S. as it might be in Europe. We won’t get into all of it here, but this includes entering into EU-approved model contract clauses with certain of our processors and Subprocessors (including those we’ve described above) and providing appropriate technical and organizational measures to secure your Personal Data (as discussed above). If you have any questions about cross-border processing, please don’t hesitate to reach out to [email protected].
What if something changes?
It could happen. This Privacy Notice is current as of May 7, 2018, but we may change this Privacy Notice or the way in which we process your Personal Data (including the purpose of that processing or the methods for doing so). If we do, we do our best to notify you in advance (probably by email). The current version of this Privacy Notice will always be available on our website.
What can you do about it?
Uptake is committed to the cause of giving individuals greater control over the processing of their personal data. In furtherance of this commitment, as one of our “data subjects” (a technical term), you may be entitled to certain rights:
The rights above with an asterisk (*) are subject to some conditions and may not be applicable under this Privacy Notice. If you want to know more about those conditions, or if you would like to exercise one or more of the rights above, shoot your request to [email protected].
If you’re not happy with what you’ve read so far, or if you believe we’ve overstepped, you can always reach out to your local data protection authority. The identity of your local data protection authority depends on where you live, so we are unable to identify it for you. If you live in Europe, we have found this link to be helpful: https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en.
If we haven’t answered your question yet, you sure do have a lot of questions. Fire those questions over to [email protected].