Personalise your experience

To personalise your experience, Which of these best describes you:

recruiter
sales
investigation
other

SWORDFISH PRIVACY POLICY

Last Updated: May 6, 2020


PLEASE READ THE PRIVACY POLICY CAREFULLY AND USE IT TO MAKE INFORMED DECISIONS. BY USING OUR SERVICES, YOU AGREE TO THE TERMS OF THIS PRIVACY POLICY AND YOUR CONTINUED USE OF THE SERVICES CONSTITUTES YOUR ONGOING AGREEMENT TO THIS PRIVACY POLICY.


GENERAL

This Privacy Policy outlines Swordfish’s (the “Swordfish”, “we,” “us,” or “our”) practices with respect to collecting, using and disclosing your personal information when providing our online services (collectively, the “Services”) and constitutes an integral part of Swordfish’s Terms of Service (“Terms”, and collectively, the “Agreement”).


For residents of California, U.S.A. subject to this Privacy Policy, see the supplement entitled “Your California Privacy Rights” linked here.


For residents of Nevada, U.S.A. subject to this Privacy Policy, see the supplement entitled “Your Nevada Privacy Rights” linked here.


Our Services are designed to help customers find business profile information of individuals they seek in order to interact with them. Swordfish enables its customers to access business profiles of these contacts for the purpose of supplementing the data customers have about these contacts.


“Users” are Swordfish individual customers or business customer representatives who download, install, or use the Swordfish browser extension (the “Plugin”) or access the Swordfish Website - www.swordfish.ai (the “Site”). Users may be fraud prevention professionals, investigators (e.g., law enforcement and fraud detection teams in businesses), recruiters and other human resources professionals, or vendors (e.g. sales professionals, B2B partners, or sales platforms).


“Contacts” are people whose identities are being confirmed, who are the subject of an investigation, or who are being contacted by Users, for example for recruitment or sales purposes. An example of identity confirmation occurs when a person signs up for an online service and a User working for the service wants to make sure that the person signing up is who he or she claims to be. Law enforcement Users may be investigating certain Contacts or seeking to contact witnesses to events under investigation.


Here is how our Services work. Users use a search page on our Site or our plugin while online by requesting personal information of a specific individual. Users can search for individuals by social media URL, name, phone number, email address, or postal address. In response to a request for personal information about that individual, we respond with the available contact information (name, phone number, email address, location (city and country), company name, and job title) and social media account URLs available to us about the requested individual if the individual is either in a database of one of our third party data providers (a “Third Party Database”) or within the Swordfish database (“Swordfish Database”). The Third Party Databases and Swordfish Database are referred to collectively in this privacy policy as the “Databases.” The Databases contain information comprising “Business Profiles.” A “Business Profile” is a name associated with an email address and/or telephone number. If a User requests personal information about an individual, and if none of the Databases has information about that individual, the Site or plugin will respond by stating that no information about that individual is available. We may also verify email addresses of Contacts with business domains by confirming them with their business’s email servers.


Swordfish operates as a search platform, and therefore most of the information it retrieves is not created or collected directly by Swordfish. Rather, our third party data providers retrieved the information from the web or from the contribution of relevant data from other users and business partners.


Swordfish is a registered data controller in the United Kingdom. In addition, Swordfish is a registered data broker in the States of California and Vermont, U.S.A.


We respect your privacy and are committed to protecting the privacy and security of both our customers’ Users and the Contacts they are investigating or contacting.

The term “you” shall refer to both Users or Contacts, as applicable.

In this Privacy Policy you will read about:


  • The Databases
  • What types of personal information we collect
  • Cookies
  • How we process and use the personal information we collect
  • Sharing personal information with third parties
  • Links to other websites
  • Your rights regarding your personal information
  • Retention of personal information
  • How do we safeguard and transfer your personal information
  • Minors’ control
  • Marketing
  • Corporate transactions
  • Changes to this Privacy Policy
  • How to contact us


The Databases

Most of the Business Profile information to which we have access comes from Third Party Databases, which our trusted business partner data providers collect from publicly available sources. They also receive personal information from their business partners who own established and legitimate directories or from publicly available sources. In addition, Swordfish also collects Business Profile information itself and stores it in the Swordfish Database. In response to a User query, our algorithms process this information contained in the Databases in order to identify the most up-to-date information related to each Business Profile. 


Swordfish Salesforce App – If a User chooses to connect its Salesforce or other customer relationship management (CRM) application account to the Swordfish Salesforce App, Swordfish will not collect information from the Salesforce account. Instead, the effect of the connection is for the Salesforce account to receive updated information about Contacts from Swordfish. In other words, the communication of personal information is one-way from Swordfish to the User’s Salesforce or CRM account.


If you prefer that we not disclose your Business Profile to our Users, vendors or business partners, you may opt-out by filling in your relevant details at www.swordfishapp.com/Optout. In this case, we shall not continue to use or disclose your Business Profile. To learn more on our commitment to respect your rights in accordance with applicable privacy and data protection regulations, please see “Your Rights Regarding Your Personal Information” below.

 

WHAT TYPES OF PERSONAL INFORMATION WE COLLECT

As explained in detail below, we collect two main types of information. The first type (i.e. “Business Profiles”). Business Profiles consist of available contact information (name, phone number, email address, postal address, company name, and job title) and social media account URLs available to us about the requested individual. Swordfish returns Business Profiles to Users using our Services in response to their requests. The second type of information (i.e. “User’s Data”) is mainly collected to allow Users to open and maintain an account with Swordfish and to use the Services using the Site, our Plugin, or file upload features.


1. Business Profiles

Swordfish collects Business Profile personal information about individuals itself as described in Section 3 and 4 below and stores it in the Swordfish Database. Our third party data providers collect Business Profile personal information from different public sources, namely: (i) third parties who license, sell, or otherwise provide personal information they have collected to our third party data providers; or (ii) information from publicly available sources, such as via the Internet and social networks.


2. User’s Data

We collect two categories of information from our Users:


  • The first category of information is un-identified and non-identifiable information pertaining to a User(s), which may be made available or gathered via your use of the Services (“Non-personal Information”). We are not aware of the identity of the User from which the Non-personal Information was collected. Such information includes the following:

  • (a) We collect technical information transmitted by your device, including certain software and hardware information (e.g. the type of browser and operating system your device uses, language preference, access time and the domain name from which you linked to the Services; etc.), in order to enhance the functionality of the Services and to provide you with a better user experience.

  • (b) We may also collect information about your use of the Services (including by using the plugin or the Site), such as log files, User activity (e.g. pages viewed, the amount of time spent on particular pages, online browsing, clicks, actions, installs, etc.), time stamps, alerts, etc. This information is collected for amongst other things troubleshooting errors and bugs as well as for research and analytics purposes about your use of the Services.

  • (c) We may anonymize or de-identify the information collected by the Services or via other means so that the information cannot, on its own, personally identify you, for instance for reporting purposes. Our use and disclosure of such aggregated or de-identified information are not subject to any restrictions under this Privacy Policy, and we may disclose it to others without limitation and for any purpose.

  • ii. The second category of information is personal information about you that specifically identifies you or when combined with other information we have, can be used to identify you. Such personal information is collected as part of the following activities and includes the following items:

  • (a) In order to download our Plugin, you will be required to register for the Services (e.g. through our Site). As part of the registration process, we will collect your full name, email address, and telephone number. In addition, when you upgrade and purchase our paid version of the Plugin you will be requested to enter your payment information (e.g. your credit or debit card number, PayPal account, etc.). We do not collect such payment information directly, we have no access to it, and the processing of such payment information is made by our “payment gateway” trusted third party service providers.

  • (b) When you register or connect the Site or Services with your social network account or email services (each a “Platform”), we may have access to basic personal information about you from such Platform, such as your name, email address, contact list, as well as any other information you made publicly available on such Platform or agreed to share with us. At all times, we will abide by the terms, conditions, and restrictions of such Platforms.

  • (c) We collect personal information which you provide us voluntarily. For example, we collect personal information when you communicate with us via email or the Site or share additional information about yourself or about others through your use of the Services, when you respond to communications from us, or when you make a purchase through our Site.

  • (d) If you agree to use Swordfish’s referral service to invite friends to use Swordfish, we will ask you for your friend’s name and email address. We will automatically send your friend a one-time email with an invitation to visit the Site and install the Plugin. If your friend consents to become a Swordfish customer, we then collect information from your friend when your friend registers to use the Services as described in this policy.

  • (e) See Section 4 below regarding User information in the Swordfish Database and Section 5 below regarding information collected from Users when they visit the Site.

3. Gmail Service

  • If you use the Gmail Service and you are not a resident of the European Economic Area, we will ask you to grant us access to your Gmail account using the application settings in your account (For a complete description of the Gmail Service, please see our - Terms of Service

  • The Gmail Service will have access to the content of your Gmail account and will automatically add contact information to the Swordfish Database. The information added to the Swordfish Database through your use of the Gmail Service will be governed by Swordfish’s Privacy Policy.

4. User Information and the Swordfish Database

In order to improve the Services for all users, improve accuracy, and return more useful information to customers, Swordfish adds User information into the Swordfish Database. In other words, a User’s contact information becomes a new Business Profile and a User will also be a Contact.


By becoming a User, you consent to become a Contact as well, and other Users will be able to look up your Business Profile when using the Services.


5. Website Visitor Information

We may collect information from Site visitors (including Users) that submit information to us using the Site, social media messages, including name, email address, phone number, and message content. We may collect information on an aggregate basis when visitors visit our Site, for instance:


  • Data about how the user was referred to our Site

  • Visitors’ Internet protocol (IP) addresses

  • Locations of visitors

  • Web browser users are using

  • Information about the user’s device

  • Operating systems used by visitors

  • Key words or search terms used by visitors to find our website

  • How many visitors view the website or specific pages on it

We use a web analytics service, Google Analytics, to evaluate how users view and use our Site. Google Analytics tells us about when and how you use our Site, the website from which you navigated to our Site, information about your system, and your location.


For more information about Google Analytics, please visit:


http://www.google.com/policies/privacy/partners/


You can opt out to prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout.


If a user begins a chat session on our Site using an email address, we may receive additional information about you from another of our third party data providers. For instance, we may receive the following information, if available:


  • Job title

  • Metrics about times you used our Site

  • Information on how you used our Site

  • Number of Twitter followers

  • Additional information about how you were referred to our Site

  • Information about your receipt of emails

COOKIES

A cookie is a small data file that is sent to your device when you first visit a website. Cookies usually include an identification number that is unique to the device you are using. Such identifiers can help us better understand our Users and how they are using the Site and the Services.

Some of our cookies are required for the operation of our Site, for instance to authenticate you as the correct User. Other cookies are functional in that they assist you in using the site. For instance, some cookies enable recognition of a User when they re-visit the Site, keeping their settings and preferences and ability to offer customized features. If you prefer, however, at any time you can reset your browser so it refuses all cookies, or notifies you when a cookie is being sent.

The basis for processing required and functional cookie data is assisting in fulfilling your requests for information.

The Site and Services may implement the following types of cookies:  (i) cookies implemented by us for the purposes described above (“First Party Cookie”); and (ii) third party cookies which are set by other online services who run content on the page you are viewing, for example by Google Analytics and other third party analytics companies who monitor and analyze our web access.

You may remove the cookies by following the instructions of your device preferences; however, if you choose to disable cookies, some features of our Services may not operate properly and your online experience may be limited.



HOW DO WE PROCESS AND USE PERSONAL INFORMATION?

We use the information we collect in the ways and for the purposes described above. We may also use such information in the following ways, and for additional purposes, as follows:


1. 1. Business Profiles

We may use Business Profiles of Contacts for the following purposes:

  • To maintain and provide the Services; Users submit a query to the Services by providing a name of a Contact to find out the email address or telephone number of that Contact; our Services respond to the User by providing the User that Contact’s email address and telephone number;
  • To enrich Swordfish Database with current Business Profiles, which enables our Services to provide accurate and current responses to User queries of our Services;
  • To respond to Contacts’ inquiries, support request, feedbacks or questions;
  • To detect and prevent fraudulent and illegal activity or any other type of activity that may jeopardize or negatively affect the integrity of the Services;
  • To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority.

The basis for collecting and processing Business Profiles of Contacts (including Users) who are located in the European Economic Area, the UK, or Switzerland is legitimate interests of our customers and Swordfish itself. In the case of Users whose Business Profiles are placed in the Swordfish Database, the basis is consent.

In accordance with our Terms of Service, any User request for a Business Profile of a Contact located in the European Economic Area, the UK, or Switzerland shall only be for purposes of fraud prevention, fraud detection, or investigations. Users represent that any such inquiry is for one of these purposes. For Contacts asking Users to authenticate them before providing services to such Contacts, the basis for processing is also to facilitate the performance of a contract between the Users’ businesses and the Contacts.


2. User’s Data

We may use User’s Data for the following purposes:

  • To verify User’s registration to the Services and verify User’s email address;
  • To respond to User’s inquiries, support requests, feedback or questions.
  • To manage User’s account and provide Users with customer support;
  • To identify and authenticate User’s access to the Services;
  • To detect and prevent fraudulent and illegal activity or any other type of activity that may jeopardize or negatively affect the integrity of the Services;
  • To communicate with you and to keep you informed of our latest updates, upgrades, and products;
  • To perform a research or to conduct analytics in order to improve and customize our Services to your needs and interests; and
  • To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority.
  • To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request.

The basis for collecting and processing User personal information who are located in the European Economic Area, the UK, or Switzerland is to perform the contact between Swordfish and the customer for which the User is working. Another basis is the legitimate interests of Swordfish to prevent fraud and illegal or other harmful activity, to perform research and conduct analytics, and to investigate violations and enforce our policies. Finally, consent is the basis for adding User information to the Swordfish Database of Contacts’ Business Profiles.



SHARING PERSONAL INFORMATION WITH THIRD PARTIES

We may share and disclose personal information we collect, if we believe in good faith that such disclosure is necessary or required: (i) to comply with a law, regulation, governmental or securities exchange requirement, court order, judicial proceeding or legal process, such as a subpoena, search warrant, or demand for disclosure under judicial or administrative process; (ii) to address a violation of the law; (iii) to investigate fraud or criminal activity, and to protect our rights or those of our affiliates, vendors and Users, or as part of legal proceedings affecting or may affect us or our affiliates, vendors or Users; and (iv) to allow Swordfish to exercise its legal rights or respond to a legal claim.

The bases for such processing of personal information of Users or Contacts who are located in the European Economic Area, the UK, or Switzerland under this section are compliance with a legal obligation and the legitimate interests of Swordfish, its customers, and Users.

We may also share your information in the following ways, and for additional purposes, as follows:


1. Business Profiles

We may share some Business Profiles of Contacts with our third party data providers to check their accuracy and make sure Third Party Databases are current.

At any time, you may decide to opt-out from enabling us to disclose or allow access to your Business Profiles stored on Swordfish Database with our vendors and business partners, by filing in your relevant details here - www.swordfish.ai/Optout


We may also share Business Profiles stored in our database with the following recipients: (i) our subsidiaries; (ii) subcontractors and other third-party service providers (e.g. hosting services, etc.); (iii) auditors or advisers of our business processes; and (iv) any potential purchasers or investors in Swordfish.


2. User’s Data

We may share User’s personal information with the following recipients: (i) our subsidiaries; (ii) subcontractors and other third-party service providers (e.g. payment processors, hosting services, etc.); (iii) auditors or advisers of our business processes; and (iv) any potential purchasers or investors in Swordfish.



LINKS TO OTHER WEBSITES

This Privacy Policy applies only to our Services and not to websites or applications owned by third parties. We may provide links to other websites (e.g. through advertisements, marketing materials, etc.) which we believe may be of interest to you. We cannot guarantee the privacy standards of such websites to which we link or be responsible for the contents of sites and this Privacy Policy is not intended to be applicable to them.

You are knowingly and voluntarily assuming all risks of using third-party sites. You agree that we shall have no liability whatsoever with respect to such third party sites and your usage of them.


YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION

We respect your privacy rights and therefore you may contact us at any time and we shall work diligently to respect your choices and requests regarding your personal information. The list below describe the rights of Users and Contacts under applicable privacy and data protection laws. These rights are subject to conditions and limitations under applicable law:

  • Right of Access: You may request to access your personal information and obtain a copy of personal information which is being processed by Swordfish. In the event that you request to know what personal information is being processed by us, we will provide you with the following information free of charge: purposes of processing; categories of personal information processed; categories of recipient(s) of personal information; length of time during which the personal information will be stored; your privacy rights; and information on data transfers or disclosures.

  • Right of Rectification: You may request to change, update or complete any missing data we process about you, by contacting us with your relevant details. Please note that there may be legal reasons why we may not change information to the extent required or allowed under applicable law.

  • Right to Withdraw Consent: Where consent is the basis for processing your personal information, you may at any time withdraw your consent to our processing of your personal information. In this case, if there is no processing necessary for compliance with a legal obligation or overriding legitimate interest for continuing the processing of your personal information (e.g. to comply with our legal obligations, resolve disputes, enforce our agreements, etc.) and the personal information is no longer necessary in relation to the purpose for which it was originally collected, we will cease further processing of your personal information, for instance by erasing your personal information. Such withdrawal of consent will be made by contacting us with your relevant details. Your right to withdraw consent, however, is subject to certain conditions and exceptions under the law.

  • Right of Erasure: You may at any time, request that we delete personal information about you. In this case, if there is no legal basis for continuing to retain your personal information (e.g. to comply with our legal obligations, resolve disputes, enforce our agreements, etc.), we will erase your personal information. Your right of erasure, however, is subject to certain conditions and exceptions under the law.

  • Right of Restriction of Processing: You may request us to restrict processing of your Personal Information if one of the following applies: (i) the accuracy of the personal information is contested by you; (ii) the processing is unlawful; or (iii) if we no longer need the personal information. Such request will be made by contacting us with your relevant details. Again, the right to restrict processing is subject to certain conditions and exceptions under the law.

  • Right to Data Portability: You have the right to receive the personal information about you in a structured, commonly used and machine-readable format. Such request will be made by contacting us with your relevant details. We will need to authenticate the identity of any person making such a request and certain conditions under law apply as well.

  • Right to object to processing Data: You have the right to object to processing your personal information. Such a request will be made by contacting us to submit your objection. Again, the right to object is subject to certain conditions and exceptions under the law.

If you wish to contact us about exercising any of the rights listed in this Section, please submit a request to us using the Contact Us section at the end of this privacy policy.


RETENTION OF PERSONAL INFORMATION

Personal Information will be retained by Swordfish in such a way that you can be identified until the date on which personal information is no longer needed for Swordfish’s processing activities (“Processing Date”). Swordfish will adopt the same retention policy for all Users and Contacts regardless of their place of residence, which will follow the reasonable mandatory retention period, which is 7 years as from the Processing Date. Please note that we may retain the information we collect for as long as needed to provide the Services and to comply with our legal obligations, resolve disputes and enforce our agreements.

If you wish to remove Business Profiles existing in our servers or if you prefer that we not disclose your Business Profiles with our Users, vendors or business partners, you may opt-out by filling in your relevant details here - www.swordfish.ai/Optout. In this case, we shall not continue to use or disclose your Business Profiles, except as required or permitted under applicable law.

Please be notified:

if you opt out of being a Contact, we will make sure that our Services will not return any personal information associated with your email address. Nonetheless, should you change accounts or have multiple accounts, there may be duplicate records. Accordingly, the more information you can provide us when opting out, the more effectively we can block your personal information from being provided to Users.



HOW DO WE SAFEGUARD AND TRANSFER YOUR PERSONAL INFORMATION?

We take great care in implementing and maintaining the security of the Services and your personal information. We employ industry standard procedures and policies to ensure the safety of your personal information and prevent unauthorized use of it. Although we take reasonable steps to safeguard personal information, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure and Swordfish cannot guarantee the security of data outside of its information processing facilities.

Since we operate globally, it may be necessary to transfer your Personal Information to countries outside the European Union. The data protection and other laws of these countries may not be as comprehensive as those in the European Union – in these instances we will take steps to ensure that a similar level of protection is given to your Personal Information. You hereby consent to transfer of your Personal Information to countries outside the European Union. However, as stated above, any inquiries about Contacts located in the European Economic Area, the UK, or Switzerland shall only be for the purposes of fraud prevention, fraud detection, or investigations.

The products and services of Swordfish are not targeted to or intended for children under the age of 18. If you are under 18, you may not submit information about yourself to Swordfish. Swordfish reserves the right to modify or remove any information on the Site or Services at its own discretion.

In the event that we become aware that a User is under the age of 18 has shared any personal information with Swordfish, or if we become aware of a Contact under the age of 18, we will discard that minor’s personal information. If you have any reason to believe that a minor has shared any personal information with us or any personal information about a minor is in our Databases of Contacts, please contact us at contact@swordfishapp.com



MARKETING

We may use Users’ Personal Information, such as names and email addresses, ourselves or by using our third-party subcontractors for the purpose of providing our Users with promotional materials and newsletters concerning our Services, which we believe may interest them.

Out of respect to their right to privacy, at any time, Users may request to unsubscribe and discontinue receiving marketing offers by following the directions in the email or sending us a blank message with the word “remove” to contact@swordfishapp.com.

The basis for collecting and processing User personal information who are located in the European Economic Area, the UK, or Switzerland as described in this section is to perform the contact between Swordfish and the customer for which the User is working and the legitimate interests of Swordfish.



CORPORATE TRANSACTIONS

We may share information, including Personal Information, in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale of an asset or transfer in the operation thereof) or bankruptcy or any similar insolvency proceedings of Swordfish or any of its affiliates. In the event of the above, the acquiring company or transferee will assume the rights and obligations as described in this Privacy Policy.



 

CHANGES TO THIS PRIVACY POLICY

Swordfish reserves the right to modify this Privacy Policy from time to time, so please review it regularly. If we make changes to this policy, we will notify you here or by means of a notice on the Site’s homepage prior to the changes becoming effective. If the changes are material, we will notify you by email.

Please check back periodically to review the latest version of this Privacy Policy. You hereby declare that your continued use following any changed made to the Services or the Privacy Policy shall constitute your consent to any modified terms.

CONTACT US; EXERCISING INDIVIDUAL RIGHTS; COMPLAINTS

Our point of contact is Ben Argeband, who is the officer of our company in charge of data protection.

If you have any questions, comments or concerns about this policy or about our privacy practices, seek to exercise any of your privacy rights under applicable law, or wish to access, change, or update personal information we have about you, you should first contact our data protection officer by email at contact@swordfishapp.com. You may also contact us at this email address if you are aware of abuse or misuse of our Services.

If you prefer that we not disclose your Business Profile to our Users, vendors or business partners, you may opt-out by filling in your relevant details at www.swordfish.ai/Optout .

If you have a complaint about our privacy practices, contact our data protection officer by email at contact@swordfishapp.com. Our privacy team will investigate any complaints that you make concerning our privacy practices and provide you with a written response. You will need to provide enough information for us to evaluate your complaint, and we may need to ask for additional information in order to assess a complaint. Also, you have a right to submit any complaint to your local data protection authority or government regulator.




Cookies are being used on our website. By continuing use of our site, we will assume you are happy with it.

Ok