Pilotbird Lifestyle Analytics

Date last updated 2020-10-10
Kiwi Insurance Services, Inc. d/b/a Pilotbird (“Pilotbird”)

1. What Information We Collect

We may collect information from you when you:

  • Details used to register an account, or administer your account
  • Identifiers such as: real name, alias, postal address, unique personal identifier, online identifier, social media accounts, internet protocol address, email address, account name, social security number, driver’s license number, passport number or other similar identifiers;
  • Characteristics of protected classifications such as: race, color, sex, age (over 40), religion, national original, disability, citizenship status, genetic information, sexual orientation, gender identity and expression, ancestry, medical conditions, AIDS/HIV, military status, veteran status, political affiliations or activities, status as a victim of domestic violence, assault or stalking, and request for family care leave;
  • Commercial Information such as: records of personal property, products or services purchased, obtained, or considered, or other purchasing or consumer histories or tendencies;
  • Internet or other electronic network activity information such as: browsing history, search history, and information regarding your interaction with an internet website, application, or advertisement;
  • Geolocation information;
  • Input, post, or upload information, data, or other content through the Services
  • Submitted questions, requests, or other communications to us via various communication channels
  • Education information that is not publicly available personally identifiable information under the Federal Educational Rights and Privacy Act;
  • Inferences drawn from any of the above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
  • Contact us contents for customer support or technical support
  • Details of your visit any of our websites or access any of our applications
  • Information provided any promotions, demonstrations, contests, surveys, or other marketing events

Below is additional information that we may collect from you, depending on how you interact with the Services:

(a). Your Content

You (and anyone who can interact with your use of the Services) own and control the nature of the information, data, and other content you input, post, or upload through the Services (“Content”), subject to any applicable terms and conditions. Our collection, use, and disclosure practices with respect to Content are distinct from those with respect to other sorts of information, as explained in Section 2.a. below. We may upload Content automatically with your authorization from third-party service providers (such as from your Google Drive).

(b). Customer Information

Information related to the creation of accounts or that otherwise identifies you as a customer or end user of the Services is what we call “Customer Information.” Customer Information may include personal information, such as your name, email address, gender, postal address, phone number and payment card information. If you are an end user using the Services through an account created on your behalf by an Pilotbird customer (such as an employer, an organization of which you are a member, or another individual), we may collect and process Customer Information about you on behalf of the Pilotbird customer with whom your use of the Services is associated.

When you create an account with Pilotbird, we may collect certain Customer Information directly from you or, if you create your account using a third-party service such as Google, Apple, or a single-sign-on service such as Okta, we may collect Customer Information about you from the third-party service (such as your username or user ID associated with that third-party service). By choosing to create an account using a third-party service, you authorize us to collect Customer Information necessary to authenticate your account with the third-party service provider.

Certain aspects of the Services allow you to link or integrate third-party products and services to enable certain features and functionalities with the Services. For example, you can connect your Google Drive account to generate Content in Pilotbird from information and data contained in your Google Drive or integrate with third-party services using Pilotbird Apps. If you choose to use these features or functionalities, you may be asked to create an account with a third-party service provider or link your existing account with that service provider (and, by doing so, agree to the privacy policy and/or terms and conditions of that third-party). You may also be asked to authorize Pilotbird to collect information from the third-party service provider on your behalf. We will then collect information (such as your username or user ID associated with that third-party service) from you and/or that third-party service provider as necessary to enable the Services to access your data and content stored with that third-party service provider. Once the authentication is complete, we have the ability to access information you provided to us or was otherwise collected by the third-party service in accordance with the privacy practices of that third-party service. We will store the information and data we collect and associate it with your Pilotbird account, and we will use that information and data to enable the integration of the Services with the third-party service provider and to perform actions requested or initiated by you, or that are reasonably necessary to carry out instructions provided by you.

(c). Automatically-Collected Information

We collect information about how you use the Services and your actions on the Services, including your IP addresses, browser types, operating systems, ISPs, platform types, device types, mobile device identifiers such as make and model, and mobile carrier. We may also use tools, including third-party tools, to collect analytics data. Some of this information is collected through the use of “cookies” and other tracking technologies, such as web beacons, pixels, session replay scripts, and similar technologies (“tracking technologies”).

We may also work with third-party partners to employ cookies and tracking technologies. For example, we may work with online advertising networks, social media companies and other third-party services that use cookies, tracking technologies, or other information about your use of our Services over time in order to display personalized or interest-based ads on the Services, on other websites, through apps or services you may use, and on other devices you may use. We and our third-party partners use this information to make the advertisements you see online more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics and market research. Certain tracking technologies we use are related to advertising networks, and through those technologies we may share certain information such as IP addresses. Please note that the information we share with those advertising networks might be combined with other information about you that those networks may have collected from other sources.

Our uses of cookies and tracking technologies fall into the following general categories:

(1) Operationally Necessary:- This includes tools and technologies that allow you access to our Services; are required to identify irregular site behavior, prevent fraudulent activity and improve security; and allow you to make use of our functionality;

(2) Performance Related:- We may use technologies to assess the performance of our Services, including as part of our analytic practices to help us understand how our visitors use the Services;

(3) Functionality Related:- We may use technologies that allow us to offer you enhanced functionality when accessing or using our Services, including, for example, identifying you when you sign into our Services or keeping track of your specified preferences, interests, or past items viewed;

(4) Advertising or Targeting Related:- We may use first-party or third-party technologies to deliver content, including ads, relevant to your interests, on our Services or on third-party sites.

2. How We Use the Information We Collect

(a). Use of Content

Notwithstanding anything to the contrary in this Privacy Policy, we will not use or access your Content except in the following cases: to provide, maintain, or improve the Services; where you (or the organization through which you have an account) explicitly approve access (e.g., during a customer support inquiry); in response to lawful requests by law enforcement or government authorities; where necessary to ensure the stability and security of the Services and our systems (e.g., where we have reason to believe specific Content is degrading server stability); and where necessary to protect the rights, privacy, safety, or property of you, us, or others. We also may analyze metadata related to Content (such as a total number of records, file size, API volume, access logs, etc.)

(b). Use of Other Information

We use the information we collect for a variety of purposes, and how we use it depends on what we collect and what Services (or features of the Services) you use. These purposes may include
  • Once Pilotbird collects and compiles the information responsive to its client’s request, Pilotbird returns the information to the requesting client and the client pays for the information returned. In addition, Pilotbird may generate scores (or inferences) about individual consumers and businesses. These scores are derived from publicly available web data and are indicative of claimant’s eligibility for fast-tracked claims processing.
  • Sale of Personal Information: Pilotbird’s Services involve the sale of information, including personal information, to its clients in response to a client request. Pilotbird’s clients consist of insurance companies and those insurance companies request information from Pilotbird in order to underwriting insurance policies, engage customers and to investigate insurance claims. Upon receipt of a client request, Pilotbird uses the information provided to us by our client in order to search for relevant information about the business or individual inquired upon. Pilotbird will search for such information on internet web sites (including social media sites). Pilotbird will also request relevant information from its third-party data sources. The searches that Pilotbird conducts involve the disclosure of personal information to the entities with whom we conduct the search.
  • Fulfilling our contract with You and Providing the Services to You. We may use the information we collect for: (i) responding to requests or inquiries from you (including requests for customer support or technical assistance); (ii) providing customer support or technical assistance; (iii) contacting you to provide product updates, information about products you have requested or purchased, marketing Pilotbird products, services and features that you may be interested in, and monitoring the performance of our advertisements and marketing efforts; and (iv) creating, managing, or administering your information and account, including identifying you with your account or the account of a Pilotbird customer.
  • Analyzing and Improving our Services Pursuant to our Legitimate Interest. We may use the information we collect for: (i) deriving market insights, ways to improve the Services, and other business analysis or research purposes; (ii) customizing existing and future product offerings and other aspects of the Services to you and other users; (iii) securing the Services and our systems, and protecting your information and data; (iv) detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity; and (v) measuring interest and engagement in our Services and short-term, transient use, such as contextual customization of ads.
  • Providing You with Additional Content and Services. We may use the information we collect for: (i) furnishing you with customized materials about offers, products, and services that may be of interest, including new content or services; and (ii) auditing relating to interactions, transactions and other compliance activities.
  • Marketing Our Products and Services. We may use personal information to tailor and provide you with content and advertisements.
  • Legal Obligations and Rights. We may disclose personal information to third parties, such as legal advisors and law enforcement: (i) in connection with the establishment, exercise, or defence of legal claims; (ii) to comply with laws or to respond to lawful requests and legal process; (iii) to protect the rights and property of Pilotbird, our agents, customers, and others, including to enforce our agreements, policies, and Terms of Service; (iv) to detect, suppress, or prevent fraud; (v) to reduce credit risk and collect debts owed to us; (vi) to protect the health and safety of Pilotbird, our customers, or any person; or (vii) as otherwise required by applicable law.
  • Consent. We may use personal information for other purposes that are clearly disclosed to you at the time you provide personal information, or with your consent.
  • Aggregated and De-Identified Data. We may use aggregated and de-identified information for a wide variety of statistical, analytical, and Services improvement purposes. The aggregation and de-identification process prevents the information from being reassociated or identified with any one customer account, user, or individual.
  • Other Purposes. We may use the information we collect for our other, legitimate business purposes.

3. How We Share Information

We may disclose information we collect:

  • When you ask us to, or otherwise give your specific consent (for example, by posting Content using the Universe feature, you consent to our sharing that Content with other Pilotbird users);
  • With vendors we engage to provide you with aspects of the Services, such as data storage, hosting, and payment processing;
  • With third-party service providers who enable certain features or functionalities of the Services that you’ve requested
  • With vendors we engage to help us with marketing and email campaigns, to advertise, gain insights, and perform analytics into how the Services are used and how they might be improved (for example, we may share Customer Information with various social media platforms to engage in custom audience advertising or use third-party data enrichment services to match Customer Information or other personal information we collect with publicly available database information in order to communicate more effectively with you);
  • With an employer or other organization on whose behalf you use the Services, that created an Pilotbird account on your behalf, or that owns, manages, or is associated with the email domain for an email address on your account;
  • As necessary to comply with applicable law, including governmental requests, law enforcement requests, and otherwise to protect the rights, privacy, safety, or property of you, us, or others;
  • As necessary in the event of a proposed or actual reorganization, merger, sale, joint venture, assignment, transfer, financing, or other disposition of all or any portion of Pilotbird business, assets, or stock;
  • With others for any legitimate business purpose that does not conflict with the statements made in this Privacy Policy.

4. Managing Your Information

You may access, correct, amend, or delete Content within Pilotbird. You control all Content you upload. Content you delete (including Content containing personal information) may be retained in archived or backup copies in order to enable you to use certain features like revision history and base snapshots. For instructions on how to permanently delete Content from your Pilotbird account, please contact us at privacy@pilotbird.com. Please note that permanent deletion of Content through this process may impair or disable some features of the Services (such as revision history and base snapshots) with respect to that Content.
We may use some of the information we collect for marketing purposes, including to send you promotional communications about new Pilotbird features, products, events, or other opportunities. If you wish to stop receiving these communications or to opt out of use of your information for these purposes, please follow the opt-out instructions by clicking “Unsubscribe” (or similar opt-out language) in those communications. You can also contact us at privacy@pilotbird.com to opt out.

5. Managing Cookies and Tracking Technologies

(a). How to Opt Out of Online Advertising in Internet Browser

We support the Self-Regulatory Principles for online behavioral advertising (“Principles“) published by the Digital Advertising Alliance (“DAA“). This means that we allow you to exercise choice regarding the collection of information about your online activities over time and across third-party websites for online interest-based advertising purposes. More information about these Principles can be found at www.aboutads.info. If you want to opt out of receiving online interest-based advertisements on your internet browser from advertisers and third parties that participate in the DAA program and perform advertising-related services for us and our partners, please following the instructions at: www.aboutads.info/choices, or www.networkadvertising.org/choices. If you’re in the EU, you can find additional information about your choices with respect to advertising networks and online behavioral advertising by clicking here: www.youronlinechoices.com.
When you elect to opt-out through these sites, they will place an opt-out cookie on your device indicating that you do not want to receive interest-based advertisements. Opt-out cookies only work on the internet browser and device they are downloaded onto. If you want to opt out of interest-based advertisements across all your browsers and devices, you will need to opt out on each browser on each device you actively use. If you delete cookies on your device generally, you will need to opt out again. And some of these opt-outs may not be effective unless your browser is set to accept cookies. If you delete cookies, change your browser settings, switch browsers or computers, or use another operating system, you will need to opt-out again. Disabling cookies may limit your ability to use the Services.

By visiting www.privacyrights.info or optout.privacyrights.info, you can opt out from sales of this type of personal information by businesses that participate in the DAA’s CCPA App-based Opt-Out Tool.

(b). How to Opt Out of Online Advertising in Mobile Applications

If you want to opt out of receiving online interest-based advertisements on mobile apps, please follow the instructions at www.aboutads.info/choices.

To make opt-out requests related to mobile apps on your device for businesses participating in the DAA’s CCPA App-based Opt-Out Tool, you can download the appropriate app at www.privacyrights.info/appchoices.

(c). How to Opt Out of Google Data Collection
We also may use certain forms of display advertising and other advanced features through Google Universal Analytics, such as Remarketing with Google Analytics, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics Demographics and Interest Reporting. These features enable us to use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the Doubleclick advertising cookie) or other third-party cookies together to inform, optimize, and display ads based on your past visits to the online Services.
(d). Effect of Opting Out
Please note that when you opt-out of receiving interest-based advertisements, this does not mean you will no longer see advertisements from us or on our online Services. It means that the online ads that you do see from DAA program participants should not be based on your interests. We are not responsible for the effectiveness of, or compliance with, any third-party’s opt-out options or programs or the accuracy of any third-party’s statements regarding their programs. In addition, third parties may still use cookies to collect information about your use of our online Services, including for analytics and fraud prevention as well as any other purpose permitted under the DAA’s Principles.

6. Information from Children

Pilotbird is not directed to children under the age of 13 (or other age as required by local law) and we do not knowingly collect personal information from children. If we learn that we have collected personal information from a child, we will take reasonable steps to delete such information from our files as soon as is practicable. If you learn that your child has provided us with personal information without your consent, you may contact us at privacy@pilotbird.com.

7. Changes to Privacy Policy

Any information that we collect is subject to the Privacy Policy in effect at the time such information is collected. We may, however, revise the Privacy Policy from time to time. If a revision is material, as determined solely by us, we will notify you, for example via email. The current version will always be posted to our Privacy Policy page.

If you have any questions about this Privacy Policy, please contact us at privacy@pilotbird.com.

8. California-Specific Disclosures

The disclosures in this section apply solely to individual residents of the State of California (“consumers” or “you“) and provide additional information about how we collect, use, disclose, and otherwise process personal information of individual residents of the State of California within the scope of the California Consumer Privacy Act of 2018 (“CCPA“).

(a). Collection and Use of Personal Information
In the last 12 months, we have collected the following categories of personal information:
  • Identifiers, such as your name, mailing address, email address, zip code, telephone number, or other similar identifiers.
  • California Customer Records (Cal. Civ. Code § 1798.80(e)), such as username and password, payment information, company name, job title, business email address, and department.
  • Protected Classification Characteristics, such as age and gender.
  • Commercial Information, such as information about products or services purchased, obtained or considered.
  • Internet/Network Information, such as your browsing history, log and analytics data, information about the device(s) used to access the Services, domain server, search history and information regarding your interaction with our websites or Services and other usage data.
  • Geolocation Data, such as information about your physical location collected from geolocation features on your device, including your IP address.
  • Sensory Information, such as pictures you provide or upload in connection with our Services, and the content and audio recordings of phone calls between you and us that we record where permitted by law.
  • Profession/Employment Information, such as current employer.
  • Other Personal Information, such as personal information you provide to us in relation to a survey, comment, question, request or inquiry, information you provide when connecting a third-party account, product or service, and any other Content you upload.
  • Inferences, including information generated from your use of our Services reflecting predictions about your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.
We collect personal information directly from you, from our business partners, from your browser or device when you visit our websites, from third parties that you permit to share information with us, and as otherwise stated above.
(b). Recipients of Personal Information
As described above, we share personal information with third parties for business purposes, subject to your right to opt out (see the “The Right to Opt-Out of Personal Information Sales” section below). The categories of third parties to whom we disclose your personal information may include: (i) our service providers and advisors, (ii) marketing and strategic partners; (iii) ad networks and advertising partners; (iv) analytics providers; and (v) social networks. Please see the “How We Share Information” section of the Privacy Policy above for more information about how we may share your personal information.
We do not “sell” personal information as most people would typically understand that term. However, we do use cookies and related technologies that enable certain advertising networks, social media companies and other third-party businesses to collect and disclose your personal information directly from your browser or device when you visit or interact with our websites or otherwise engage with us online. Please see the “Online Advertising and Data Collection” section below for more information about how third parties use cookies and related technologies to collect information automatically on our websites and other online Services, and the choices you may have in relation to those practices.
(c). California Privacy Rights
As a California resident, you may be able to exercise the following rights in relation to the personal information about you that we have collected (subject to certain limitations at law):
  • The Right to Know any or all of the following information relating to your personal information we have collected and disclosed in the last 12 months, upon verification of your identity:
    1. The specific pieces of personal information we have collected about you;
    2. The categories of personal information we have collected about you;
    3. The categories of sources of the personal information;
    4. The categories of personal information that we have disclosed to third parties for a business purpose, and the categories of recipients to whom this information was disclosed;
    5. The categories of personal information we have sold and the categories of third parties to whom the information was sold; and
    6. The business or commercial purposes for collecting or selling the personal information.
  • The Right to Request Deletion of personal information we have collected from you, subject to certain exceptions.
  • The Right to Opt Out of Personal Information Sales to third parties now or in the future.
You also have the right to be free of discrimination for exercising these rights. However, please note that if the exercise of these rights limits our ability to process personal information (such as in the case of a deletion request), we may no longer be able to provide you our products and services or engage with you in the same manner.
(d). How to Exercise Your California Consumer Rights

To Exercise Your Right to Know or Right to Deletion

To exercise your right to know and/or your right to deletion, please submit a request by:
We will need to verify your identity before processing your request. In order to verify your identity, we will generally require either the successful login to your account (if applicable) or the matching of sufficient information you provide us to the information we maintain about you in our systems. Although we try to limit the personal information collected in connection with a request to exercise the right to know and/or the right to deletion to that personal information identified in your request, certain requests may require us to obtain additional personal information from you. In certain circumstances, we may decline a request to exercise the right to know and/or right to deletion, particularly where we are unable to verify your identity or locate your information in our systems, or as permitted by law.

To Exercise Your Right to Opt Out of Personal Information Sales

As noted above, we do not “sell” personal information as most people think of that term. Please see the “Online Advertising and Data Collection” section below for more information about how third parties use cookies and related technologies to collect information automatically on our websites and other online Services, and the choices you may have in relation to those activities.
(e). Online Advertising and Data Collection

As described above, we use third-party partners to engage in online advertising. By visiting www.privacyrights.info or optout.privacyrights.info, you can opt out from sales of personal information by businesses that participate in the opt out tool. To make opt-out requests related to mobile apps on your device for businesses participating in the DAA’s CCPA App-based Opt-Out Tool, you can download the appropriate app at www.youradchoices.com/appchoices. Please see the “Managing Cookies and Tracking Technologies” section of our Privacy Policy for more information about how third parties use cookies and related technologies to collect information automatically on our websites and other online services, and the choices you may have in relation to those practices.

(f). Minors Under Age 16
We do not sell the personal information of consumers we know to be less than 16 years of age. Please contact us at privacy@Pilotbird.com to inform us if you, or your minor child, are under the age of 16.
(g). California’s “Shine the Light” Law
In addition to the rights described above, California’s “Shine the Light” law (Civil Code Section §1798.83) permits California residents that have an established business relationship with us to request certain information regarding our disclosure of certain types of personal information to third parties for their direct marketing purposes during the immediately preceding calendar year.

To make such a request, please send an email to privacy@pilotbird.com.

9. EU-Specific Disclosures

This section contains disclosures on how we collect, store, process, transfer, share and use data that identifies or is associated with residents of the European Economic Area (“EEA“), Switzerland, and the United Kingdom (“UK“) (“personal data“). These EU Disclosures apply solely to residents of the EEA, Switzerland, and the UK (“you“). Unless otherwise expressly stated, all terms in this section have the same meaning as defined in the General Data Protection Regulation (“GDPR“). Pilotbird is the controller of the personal data we hold about you in connection with your use of the Services.
  • Personal Data We Collect From You When You Use the Services and How We Use It. We collect personal data as set out in the “What Information We Collect” and “How We Use the Information We Collect” above. We will indicate to you where the provision of certain personal data is mandatory. If you choose not to provide such personal data, we may not be able to provide those parts of the Services to you or respond to your other requests.
  • Information We Collect About You Automatically. Please see the “What Information We Collect” section above.
  • How Long Will We Store Your Personal Data. We will usually store the personal data we collect about you for no longer than necessary for the purposes for which it was collected, including for the purposes of satisfying any legal or reporting requirements, and in accordance with our legal obligations and legitimate business interests. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and the applicable legal requirements.
  • Lawful Basis of Processing. We collect and process your personal data for purposes set forth in this Privacy Policy. Where required by law, we obtain your consent to use and process your personal data for these purposes. Otherwise, we rely on another authorized legal basis (including but not limited to the (a) performance of a contract or (b) legitimate interest) to collect and process your Personal Data.
  • Recipients of Personal Data. We may share your personal data with the recipients as set out in the “How We Share Information” section above.
  • Marketing and Advertising. From time to time we may contact you with information about our products and services, including sending you marketing or advertising messages and asking for your feedback on our products and services. For some marketing or advertising messages, we may use personal data we collect about you to help us determine the most relevant marketing or advertising information to share with you. We will only send you marketing or advertising messages if you have given us your consent to do so. You can withdraw your consent at a later date by clicking on the unsubscribe link at the bottom of our marketing or advertising emails or by contacting Pilotbird Support at privacy@pilotbird.com.
  • International Transfers of Your Personal Data. The personal data we collect may be transferred to and stored in countries outside of the jurisdiction you are in where we and our third-party service providers have operations, including in the United States. If you are accessing our Site from the EEA, your personal data will be processed outside of the EEA. In the event of such a transfer, we ensure that: (i) the personal data is transferred to countries recognised as offering an equivalent level of protection; or (ii) the transfer is made pursuant to appropriate safeguards, such as standard data protection clauses adopted by the European Commission. Pilotbird is closely monitoring developments and guidance from both European and U.S. regulatory authorities and will update these EU Disclosures as needed. If you wish to enquire further about these safeguards used, please contact us using the details set out at the end of these EU Disclosures.
  • Your Rights in Respect of Your Personal Data. In accordance with applicable privacy law, you have the following rights in respect of your personal data that we hold: (i) Right of access; (ii) Right of portability; (iii) Right to rectification; (iv) Right to erasure; (v) Right to restriction; (vi) Right to withdraw consent; and (vii) Right to object.

You also have the right to lodge a complaint to your local data protection authority. Information about how to contact your local data protection authority is available here.

If you wish to exercise one of these rights, please submit a request by:
Due to the confidential nature of data processing we may ask you to provide proof of identity when exercising the above rights.

10. E.U. General Data Protection Regulation (“GDPR”)

The European Union has promulgated a new privacy and security framework called the General Data Protection Regulation (“GDPR”).  It imposes a number of obligations on data controllers and data processors and affords data subjects a number of important rights, including access and rectification.  This document is intended to provide transparency regarding Pilotbird operations in the United States (“Pilotbird”) as required under Articles 13 and 14 of the GDPR when we process “personal data” from the EU.
Pilotbird acts as both a “Data Controller” and a “Data Processor” under the GDPR.  Pilotbird acts as a data controller with respect to personal data about its contractors in the EU (i.e., human resource data), personal data it collects from its clients and prospective clients (i.e., its own customer relationship management data), and personal data about EU citizens it licenses from others (i.e., EU personal data Pilotbird licenses to its clients).
Pilotbird acts as a data processor under GDPR to the extent it processes personal data about EU citizens on behalf of its clients.  In this instance, our clients are considered data controllers.  Pilotbird processes the personal data according to contract and written instructions from the data controller.
This privacy notice focuses on the personal data that Pilotbird collects and processes that are used for insight, recognition, and contact purposes.  Employees of Pilotbird partners in the European Union should refer to their employee handbook for information regarding Pilotbird’s privacy policies.
(a). Geographic operation

We conduct business primarily in the United States.  Individuals wishing to contact us about data protection issues may reach us at Consumer Advocate by emailing us at privacy@pilotbird.com.

(b). What kinds of personal data we may hold about you
Pilotbird holds personal data such as names, addresses, ages, dates of birth, emails, telephone numbers, transactional data, lifestyle and demographic data. This information may be kept in its identifiable form, or in an aggregated form (so that individuals cannot be identified), for the purposes listed below.  This information is primarily obtained from third parties and publicly accessible sources.
We do not hold any sensitive personal data on people, as defined by GDPR.
(c). What we do with personal data
We use personal data to create solutions to be used for insight, recognition, and contact purposes.
  • Insight: we use this data to create a marketing picture of individuals. This includes demographics such as age, income, hobbies and interests that relate to people’s lifestyle choices and market-specific predictors such as technology and financial product ownership. We use a combination of actual data held (at the individual level or summarized at household, address, postcode or other geographical levels) and derived information (through statistical modelling or by applying a logical rule set) which indicates an individual’s likelihood of having a particular attribute, e.g. a person’s likelihood to have to purchase insurance of financial products. The resulting dataset is then used by our clients for retention or product placement.
  • Recognition: we use this data for matching and linking to other databases. For example, a partner or client sends us a list of names and addresses, we then match those names and addresses to our product. Where there is a match, we add triggers that we hold on those matched individuals to partner or client file.
  • Contact: we use the contact information from this data to create a trigger and monitoring file. For example, we create a file of names and addresses of individuals who are used for customer retention and engagement.
We use personal data collected from our clients and prospective clients to contact them and conduct business.
(d). With whom we may share your personal data
We share information with our clients – such as insurance agents and companies to help them deliver better services and products to their customer base. They may use this personal data for the following purposes:
  • To send you relevant marketing communications
  • To improve the relevance of marketing communications through the use of lifestyle and demographic insight data
  • To clean, validate, and enhance marketing databases
  • To undertake research and analysis
  • For product development and testing
  • for identity verification, fraud detection, and prevention
  • To support client relationships
  • To connect and link your data to other marketing and advertising databases and platforms
  • For campaign planning, management and strategic decision making

We share data directly via our APIs and Dashboards. We also share data (usually in a form where individuals cannot be directly identified) with other marketing companies such as social media and programmatic platforms. We make sure the recipients of our data are reputable entities by conducting appropriate checks on them. Before we share our data, we enter into written agreements with recipients which contain data protection terms that safeguard your data.

Personal data used in Pilotbird’s data products and services may also be passed to and used by members of the Pilotbird group of companies, worldwide. We may also pass data to other companies that process personal data on our behalf to help us conduct our business. When we do so, we ensure that appropriate contractual safeguards are put in place.

Pilotbird may also disclose personal data as required by law and to comply with legal process.

(e). Data retention, security, and transfers

The data we hold is non-sensitive personal data and not subject to any sector-specific data retention requirements. Our data retention periods are as follows:

Personal data that is not used for any purpose is deleted.  If a data subject under GDPR objects to us processing their data, we will remove it from our data products, and then from our environment in accordance with our data deletion cycle, unless we have a valid justification to hold on to it, such as to resolve disputes or comply with our legal obligations. We also retain personal data which is necessary to keep on a suppression file so if we obtain someone’s data again, we will know not to use it.

(e). Data transfer

Where business needs exist, Pilotbird intends to transfer your personal data to entities outside the US and EU.  However, your personal data will not be transferred unless a valid transfer mechanism is in place legitimizing such a transfer.  In the case of transfers referred to in Article 46, 47, or the second paragraph of Article 49(1), this will typically involve EU model clauses or the EU-US Privacy Shield Framework.  Safeguards afforded by the EU model clauses may be accessed here: Click

Information about the EU-US Privacy Shield Framework may be accessed here:  www.privacyshield.gov.

(f). Your rights

Individuals may request access to, deletion or correction of their personal data, or restrict or object to the use of their data by writing to us at Consumer Advocate Pilotbird by emailing us at info@pilotbird.co
We do not collect personal data about citizens residing in a country other than the US, Argentine, Australia, Austria, Belgium, Brazil, Canada, India, Ireland, Italy, Japan, Mexico, Spain, Sweden, and Switzerland. If your request relates to your personal data for countries other than these, it is unlikely we have any personal data about you.
Lastly, if you are living in UK or Germany and are interested in exercising your rights, you can do so at the respective Pilotbird office by contacting them through the following link or email address:

(g). Other data protection information

Pilotbird uses and shares personal data based on its legitimate commercial interests, and those of its partner businesses, for direct marketing, fraud prevention, information security, and organizational purposes, in accordance with Article 6(1)(f) of the GDPR. We take great care to handle all personal data in accordance with data protection law and to ensure that it is never used in ways that unduly prejudice individuals’ interests. Users of our data are prohibited by contractual restrictions from using our data in a way which discriminates unfairly against individuals or produces legal or similar effects. You have the right to object to this processing if you wish and if you wish to do so please inform us by using one of the contact channels in the preceding section.