Privacy Policy
Effective Date: November 27, 2024
Introduction
Corner3, Inc. dba Strella ("Strella," "Company," "we," "our," or "us") is an online research platform where Strella and other companies or groups (each a “Customer” or "Researcher") post opportunities for individuals (each a "Partitipant") to participate in online and mobile application-based research projects (collectively, "Projects").
This privacy policy ("Privacy Policy") explains how we collect, use, disclose and transfer information collected from researchers to the Strella website located at strella.io, the Strella application at https://app.strella.io/ (the "App"), and any other website, widget, mobile application or other service that links to this Privacy Policy (collectively, the "Platform"). Please note that this Privacy Policy does not cover information provided by or collected from Participants. Those privacy rights are governed by the Strella Participant Terms and Conditions and Privacy Policy. This Privacy Policy does not cover any information collected at any other web site, application or offline by Strella (unless specifically stated). Under applicable law, Strella is considered the "data controller" of information from or about our Platform visitors. In other words, Strella is responsible for deciding how to collect, use, share, and disclose this information. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.
Please review this Privacy Policy carefully. By accessing or using the Platform, you agree to this Privacy Policy. IF YOU DO NOT OR CANNOT AGREE TO THIS POLICY, PLEASE DO NOT ACCESS OR USE THE PLATFORM.
Table of Contents
- Data Protection Officer
- How we collect your personal data
- How we use (process) your personal data
- When and how we share information with third parties
- Transferring personal data to the U.S.
- Data Subject rights
- Security of your information
- Data storage and retention
- Children’s data
- Questions, concerns, or complaints
Data Protection Officer
Strella is headquartered in New York City, in the United States. Strella has appointed an internal data protection officer for you to contact if you have any questions or concerns about Strella’s personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to Strella’s data protection officer. Strella’s data protection officer’s name and contact information are as follows:
Lydia Hylton, CEO
Address: 110 Bank Street Apartment 1A, New York, NY 10014,
Email: privacy@strella.io
How we collect your personal data
How we collect and store information depends on how you access and use the Platform. We collect information when you provide information directly to us, when you permit third parties to provide information to us, and automatically, such as information collected from your browser or device. You can use some of the Platform without providing any information other than that automatically collected as described below.
a) Required Registration Information: Researchers must create an account in order to access the Platform, which requires email, company name, and password.
b) Project Information: To build a Project, Researchers must provide certain information for the creation of the Project and its components, including but not limited to a Project name, overview, Screener materials, research objectives and questions.
c) Automatically Collected Information:
- Usage Information and Analytics. In addition to any information that you choose to submit to us, we and our third-party service providers use a variety of technologies that automatically (or passively) collect certain information whenever you visit or interact with the Platform ("Usage Information"). This Usage Information includes the browser that you are using, the URL that referred you to the Platform, all of the areas within the Platform that you visit, and the time of day, among other information. In addition, we collect the IP address or other unique identifier ("Device Identifier") for a User's computer or other device used to access the Platform (a "Device"). A Device Identifier is a number that is automatically assigned to a Device used to access the Platform, and our computers identify a Device by its Device Identifier.
- Advertisements on Other Websites. We may display advertisements for Strella on other websites and services. When you click on a Strella advertisement on these other websites and services, we receive information about the website or service that served the advertisement, and which advertisement you clicked. If you then interact with our Platform, we may combine the information about your activity with our advertisement with the information we subsequently collect and/or you subsequently submit on our website.
- Email Receipt. If you receive email from us, we may use certain analytics tools, such as clear GIFs to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.
- Use of the Strella Website. As is true of most other websites, Strella’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of Strella’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. Strella has a legitimate interest in understanding how members, customers and potential customers use its website. This assists Strella with providing more relevant products and services, with communicating value to our sponsors and corporate members, and with providing appropriate staffing to meet member and customer needs.
- Some of the methods that we use to collect Usage Information, include, without limitation, the following (and subsequent technology and methods hereafter developed):
- Cookies and Beacons: A cookie is a data file placed on a Device when it is used to visit the Platform. Web beacons consist of a small string of software code on your browser that works with cookies to monitor usage. Cookies and beacons may be used for many purposes, including, without limitation, remembering you and your preferences, tracking your visits to the Platform and personalizing your experiences on the Platform. If you choose to disable cookies or beacons on your Device, some features of the Platform may not function properly. Users can control the use of cookies at the individual browser level. Please consult the "Help" section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). You can also manage the use of Flash technologies, including flash cookies and local storage objects with the Flash management tools available at Adobe's website. Strella makes available a comprehensive Cookie Policy that describes the cookies and tracking technologies used on Strella’s website and provides information on how users can accept or reject them. The Cookie Policy can be found here.
- Embedded Script: An embedded script is programming code that is designed to collect information about your interactions with the Platform, such as the links you click on. The code is temporarily downloaded onto your Device from our web server or a third party service provider, is active only while you are accessing the Platform, and is deactivated or deleted thereafter.
d) Information Third Parties Provide About You: We may, from time to time, supplement the information we collect about you online with outside records from third parties, including networking and marketing resources, in order to enhance our ability to serve you. We may combine the information we receive from those sources with information we collect through the Platform. In those cases, we will apply this Privacy Policy to any such information received, unless we have disclosed otherwise.
e) Information You Provide About a Third Party: If you send someone else a communication from the Platform, such as sending an invitation to a friend or colleague, the information you provide (names, e-mail addresses, etc.) is used to facilitate the communication and is not used for any other marketing purpose unless we obtain consent from that person or we explicitly say otherwise.
(f) Payment and Tax Information: If you are a Researcher, the Platform may collect payment information, such as credit card information and associated account information (name and contact information of your point of contact). Credit card information is stored by a trusted third party payment processor. Our payment partner will share your payment information with credit card companies to process actual payments.
How we use (process) your personal data
We may use your information:
- to provide you with information or the Platform;
- to process transactions or payments;
- to process your registration to the Platform, including verifying your information is active and valid;
- to establish and conduct Projects;
- to analyze and synthesize research findings;
- to enhance or improve the Platform;
- to customize your experience on the Platform, or to provide you specific content that is most relevant to you;
- to contact you (such as via e-mail) with regard to your use of the Platform and, in our discretion, changes to the Platform and/or the Platform's policies;
- to send offers and promotional materials related to the Platform and for other Strella marketing purposes;
- for Strella’s advertising, marketing, publicity and promotional activities;
- to transcribe interviews and/or videos;
- to analyze use of the Platform;
- for internal business purposes;
- for other purposes disclosed at the time you provide your information or as otherwise set forth in this Privacy Policy;
- to comply with any procedures, laws and regulations which apply to us, to comply with our legal obligations or, otherwise, where it is necessary for our legitimate interests or the legitimate interests of others; or
- to establish, exercise or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others.
We will never use your name, your company’s name, or any identifying details in case studies, blog posts, or other marketing content without your prior approval. Similarly, any visuals, materials, or data provided to Strella as part of a project will remain confidential and will not be used in pitches, marketing, or other purposes without your express permission. We reserve the right to create and use anonymous information-information that cannot reasonably identify you or your device or as otherwise defined by applicable law-for any purpose and to disclose such information to third parties in our sole discretion.
When and how we share information with third parties
The personal information Strella collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval. On occasion, Strella engages third parties to send information to you, including information about our products, services, and events. A list of our third party sub processors can be found here.
Strella will disclose information about the Project to potential participants. We do not otherwise reveal your personal data to non-Strella persons or businesses for their independent use unless: (1) you request or authorize it; (2) it’s in connection with Strella-hosted and Strella co-sponsored conferences as described above; (3) the information is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others; (4) the information is provided to our agents, vendors or service providers who perform functions on our behalf; (5) to address emergencies or acts of God; or (6) to address disputes, claims, or to persons demonstrating legal authority to act on your behalf. We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for marketing or promotional purposes.
The Strella website connects with third party services such as LinkedIn, HubSpot and others. If you choose to share information from the Strella website through these services, you should review the privacy policy of that service. If you are a member of a third party service, the aforementioned connections may allow that service to connect your visit to our site to your personal data.
Transferring personal data to the U.S.
Strella has its headquarters in the United States. Information we collect about you will be processed in the United States. By using Strella’s services, you acknowledge that your personal information will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, Strella is providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved.
Depending on the circumstance, Strella also collects and transfers to the U.S. personal data with consent; to perform a contract with you; or to fulfill a compelling legitimate interest of Strella in a manner that does not outweigh your rights and freedoms. Strella endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Strella and the practices described in this Privacy Statement. Strella also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, Strella has received zero government requests for information.
For more information or if you have any questions, please contact us at privacy@strella.io
Data Subject rights
The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following:
● Right to be informed
● Right of access
● Right to rectification
● Right to erasure
● Right to restrict processing
● Right of data portability
● Right to object
● Rights related to automated decision making including profiling
This Privacy Notice is intended to provide you with information about what personal data Strella collects about you and how it is used.
If you wish to confirm that Strella is processing your personal data, or to have access to the personal data Strella may have about you, please contact us.
You may also request information about: the purpose of the processing; the categories of Strella; what the source of the information was (if you didn’t provide it directly to Strella); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Strella if it is inaccurate. You may request that Strella erase that data or cease processing it, subject to certain exceptions. You may also request that Strella cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Strella processes your personal data. When technically feasible, Strella will—at your request—provide your personal data to you.
Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, Strella will provide you with a date when the information will be provided. If for some reason access is denied, Strella will provide an explanation as to why access has been denied.
For questions or complaints concerning the processing of your personal data, you can email us at privacy@strella.io. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.
Security of your information
Your Strella account will be secured by User-created passwords. You are responsible for keeping your passwords confidential. We ask you not to share your password with anyone.
We implement physical, technical, and administrative measures to protect your Information stored within our databases, and we restrict access to such information to those employees who need access to perform their job functions, such as our customer support personnel and technical staff.
Despite these efforts, please note that we cannot 100% ensure or guarantee the security of your Information. Unauthorized entry or use, hardware or software failure, and other factors could compromise the security of your Information. As such, you acknowledge and accept that we cannot guarantee the security of your information transmitted to the Platform and that any such transmission is at your own risk.
Data storage and retention
Your personal data is stored on the servers of the cloud-based database management services Strella engages. Strella retains service data for the duration of the customer’s business relationship with Strella and for a period of time thereafter, to analyze the data for Strella’s own operations, and for historical and archiving purposes associated with Strella’s services. Strella retains prospect data until such time as it no longer has business value and is purged from Strella systems. All personal data that Strella controls may be deleted upon verified request from Data Subjects or their authorized agents.
Additionally, any third-party APIs utilized as part of Strella’s services do not use your data to train their models, ensuring that your data remains confidential and secure.
For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at: privacy@strella.io
Exercising your rights
(a) Accessing and Correcting Information: You are responsible for maintaining the accuracy of the account information you submit to us. Except as described herein, the Platform will allow you to directly review, correct, update or remove your account information at any time. For automatically collected information, you also can exercise certain opt-out rights by Contact Us at privacy@strella.io
(b) Your Legal Rights: Your local laws may permit you to exercise certain rights with respect to the information we collect from and about you. Please note your rights and choices vary depending upon your location. Certain information may be exempt from such requests under applicable law. We may request you provide us with information necessary to confirm your identity and verify your request before responding to your request as required or permitted by applicable law. In some circumstances, if you still ask us to delete your information, you may no longer be able to access or use our Platform.
Depending on your location, you (or an authorized agent acting on your behalf) may make certain requests related to your personal information, including that we:
- Inform you about the categories of personal information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting your personal information; and the categories of third parties with whom we share/disclose personal information. Such information is also set forth in this Privacy Policy.
- Provide access to and/or a copy of certain personal information we hold about you.
- Correct certain personal information we have about you.
- Restrict or object to certain processing of personal information.
- Delete certain personal information we have about you.
- Object to certain processing of information or withdraw consent (though such actions may not have retroactive effect).
Strella will make every effort to respond to your request within a reasonable timeframe as required by law. There may be circumstances where we are unable to provide you access to your personal data, including as described elsewhere in this Section. We will advise you of any reason for denying or restricting an access request.
To exercise any of the above rights (or any other rights under applicable law), please contact us by email at strella@privacy.io.
In situations in which we process personal data on behalf of our customer, such as when you are an employee of a Researcher, we may refer the request to the relevant customer and cooperate with their handling of the request, subject to any special contractual arrangement with that customer.
In addition to the rights above, you have the right to lodge a complaint with the relevant supervisory authority. However, we encourage you to contact us first, and we will do our very best to resolve your concern.
Children’s data
The Platform (particularly, the applications for Participants) is not intended for use by children under 13 years of age (or in the EU, children under the age of 16 years of age), and we do not knowingly collect personal information from children under 13 (or in the EU, under the age of 16 years of age) without the direct involvement of the minor's parents or guardians. If we learn that we have collected or received Personal Information from a child under 13 or Personal Data from a child in the EU under the age of 16 without parent or guardian consent without legally-valid consent or other legal basis, we will take reasonable steps to delete that information. If you believe that we might have any Personal Information from or about a child under 13 or Personal Data from a child in the EU under the age of 16, please contact us at privacy@strella.io
Questions, concerns or complaints
If you have questions, concerns, complaints, or would like to exercise your rights, please contact us at:
Lydia Hylton, CEO
Address: 110 Bank Street Apartment 1A, New York, NY 10014,
Email: privacy@strella.io