We also include specific disclosures for residents of the European Economic Area and Switzerland.
UBDI links people who have data that market researchers want, with market researchers who want and will pay for insights gleaned from the data. UBDI acts as the middleman to provide market researchers with the service while protecting and ensuring that you control your data. You direct us to analyze certain data within our app on your mobile device, and we provide insights from that analysis to market researchers. We do not disclose the underlying data that we analyze to the market researchers and your data never leaves your device, unless you affirmatively provide market researchers with your data when you choose to respond to surveys that they may conduct. In short, we have designed our app and our service so that market researchers (a) get aggregated data that does not identify you, and (b) get personal data from you only when you affirmatively provide it in response to a survey. We discuss surveys below.
We do not advertise on our app or on our website and will not use any information you provide us (or any other information) to present you with ads or to help third parties do so. Our business model is to charge companies for market research they need, and share with you some of the money they pay us for market research that is based on analyses of your data.
We collect data from you when you do the following:
a. Sign up for our service.
b. Give us permission to use data from your other apps and activities.
c. Fill out survey forms.
d. Visit our website.
e. Contact us.
f. Use our app (limited to technical data about the app’s performance).
You sign up for our service by downloading our mobile app and setting up an account. When you set up your account, we gather two types of data: account credentials and demographic data.
Your account credentials will be a username and password that you establish. We store this data in a database that we control but that is maintained by a third party. We use it to be sure that when you open the app and begin to use it, we know it’s really you. We also store your mobile phone number so that we can send you text messages with authentication codes, and to confirm that when you are using the app, it’s really you. You may also choose to give us your email address, which we may also use for authentication, or to send you communications regarding our services.
To allow us to conduct market research based on demographic characteristics about you, the app will also request a range of basic demographic information. This will include data such as your age, gender, ZIP Code, income level and some data about your activities and interests. This demographic data – but not your name or anything else that identifies you – is transmitted to UBDI and combined with data from our other users, so that we can tell how many people with different demographics are in our user group.
When you open the app, our server tells the app what surveys are currently underway, and what demographic groups the researchers are interested in. If your demographic information does not fit what the researchers are looking for, the app does not present the survey to you. But if it does, the app will ask if you want to participate in the research. If you choose to participate, then the app will collect additional data, as described in the next section, depending on the nature of the research.
The idea behind UBDI is to let you get paid when market researchers use data that you provide UBDI using the app, that UBDI then aggregates with information from other users to provide insights to the market researchers. Your data is never used at all without your express permission, and even then it is used in a way that always keeps your data confidential. To make this work, we partner with a company called digi.me to keep your data safe, while putting it in a form that is useful to researchers. After you have set up your account with us (through the app), the app will ask you to also set up a digi.me account. Digi.me sets up a private, encrypted data vault for you on a cloud service you choose (such as Dropbox), and asks you to provide access to other apps and accounts you may have, such as social media apps, health apps, financial apps, browsers, etc. Digi.me uploads your data from those other apps, stores it in your encrypted data vault, and periodically syncs with your other apps so that the data is up to date. You can learn more about digi.me at its website.
Once your digi.me data vault is set up, if you choose to participate in a market research task, the app will ask you to let the app have access to the data in your data vault. The data the app will analyze will depend on the specific market research project. If you give the app access, it will ask digi.me to send the relevant data from your digi.me data vault back to your mobile device. Our app then analyzes the data and sends the insights gleaned from it to servers that we lease from a third party. Depending on the questions, we may also receive your specific data – but without anything identifying it as yours. Instead, when the app sends us your data, our system assigns it a random identifier that cannot be tied back to you. We then combine those results with the results from other UBDI members, and provide aggregated data, along with the deidentified responses to the questions, available to the market researchers.
Sometimes market researchers will be interested in data other than, or in addition to, insights based on data from your data vault. To handle this type of research, we use a service called Typeform. If you agree to participate, your answers will first be sent to Typeform’s servers, then sent to us. As above, our system assigns your responses a random identifier that cannot be tied back to you. We send your answers (with the random identifier) to the market researcher that asked for the survey.
Some surveys may ask you to give comments or suggestions. Whatever you type into a comment or suggestion box in a survey will be sent to us, and also to the market researcher that asked for the survey. So, we encourage you not to include any sensitive or personally identifiable information in response to a survey that asks for comments or suggestions.
We also automatically collect some data about your visit to our website, as well as the browser and the device you are using. This data includes:
We collect some of this data using cookies or similar tracking technologies handled for us by Google Analytics. (A cookie is a small text file placed onto your computer or mobile device that allows a website to identify your specific device and browser. You can learn more about cookies here.) Google Analytics helps us analyze how users interact with and use our website and provides other services related to our website activity and usage. The technologies used by Google may collect information such as your location, time of visit, whether you are a return visitor, and the website you reached us from (if you reached us by following on a link on another site). To learn more about Google’s services and to learn how to opt out of tracking of analytics by Google, click here.
You may forbid placement of cookies on your device by refusing to accept Cookies in the pop-up window that asks if you want to accept them. If you reject cookies, all cookies set by Google Analytics will be removed from your browser. Note that this may mean that some features of our website may not function properly. You may also disable cookies in your browser settings, and delete cookies from your computer’s hard disk at any time.
If you contact us by email, by phone, by regular mail, through our website, or in some other way, we will keep a record of that communication and any contact information you provide.
Our mobile app will periodically send us generic, technical information about how the app is performing on your mobile device. This will include data about your device and its operating system, your IP address, and similar data that we will use for diagnostic purposes. If the app for some reason freezes up or crashes, when it is restarted, it will send that same data, along with technical information about what the app was doing when it crashed. This data may include your phone number and device identifier, as well as data about the device’s operating system. It will not include any data from your other apps or activities of the type used to participate in market research.
We will use the data we collect from you in the ways we’ve just described. In addition, we may use the data:
To carry out the purposes above, we also may combine data from the services together and with other information that we obtain from our business records.
We use a combination of physical, technical, and administrative safeguards to protect the information we collect. While we use these precautions to safeguard your information, we cannot guarantee the security of the networks, systems, servers, devices, and databases we operate or that are operated on our behalf.
We share your data with service providers and third parties as described below.
Service Providers: We engage service providers to perform functions on our behalf, such as data hosting, analytics, and content management. These service providers are required to maintain the confidentiality and security of your data and they are prohibited from using, selling, or sharing the data in any way other than to provide the services that we have engaged them to provide to us.
Market Researchers: As described above, we share insights that the app gleans from the data in your data vault with market researchers. Market researchers will see the individual responses based on your data, but those responses will be tagged with a random identifier that cannot be tied back to you. In addition, you may choose to disclose personal data directly to the market researchers through surveys that we make available to you and that you choose to complete.
Other Sharing of Aggregated Data: We may analyze aggregated, de-identified data and share these analyses at our discretion, including with marketing agencies, media agencies and analytics providers. These third parties will not be able to relate this data to you or to any identifiable individual.
Change of Ownership or Corporate Organization:We may transfer to another entity or its affiliates or service providers some or all data about you in connection with, or during negotiations of, any merger, acquisition, sale of assets or any line of business, change in ownership control, or financing transaction. We cannot promise that an acquiring party or the merged entity will have the same privacy practices or treat your data the same as described in this Policy.
Law Enforcement, Legal Process, and Emergency Situations: We also may disclose your data if required to do so by law or on the good-faith belief that such disclosure is necessary to (a) comply with applicable law or legal process; (b) protect and defend our rights or property or our users; or (c) protect our personal safety or the personal safety of our users or the public.
Cross-border Transfer of Data: If you are a resident of the United States, but use the app or visit our website from outside of the United States, please understand that we may collect, process, and store your personal data in the United States and other countries. The laws in the U.S. regarding personal data may be different from the laws of your state or country. Any such transfers will comply with safeguards as required by relevant law. By using the Services, you consent to the collection, international transfer, storage, and processing of your data. If you are a resident of the EU or Switzerland, how we handle your data is set out in Section 9, below.
You may terminate your use of our app at any time. Follow the instructions on your mobile device for deleting the app from that device; this will normally delete all data associated with the app stored on your device.
To terminate your use of digi.me, follow the instructions available on the digi.me app.
Residents of the State of Nevada have the right to opt out of the sale of certain pieces of their information to third parties who will sell or license their information to others. At this time, UBDI does not engage in such sales. If you are a Nevada resident and would like more information about our data sharing practices, please email email@example.com.
We process personal data on the following legal bases: (1) with your consent; (2) as necessary to perform our agreement to provide Services; and (3) as necessary for our legitimate interests in providing the Services where those interests do not override your fundamental rights and freedom related to data privacy. Personal data we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates or subcontractors maintain facilities, as described above.
Users that reside in the EEA or Switzerland have the right to lodge a complaint about our data collection and processing activities with the supervisory authority concerned. Contact details for data protection authorities are available here.
If you are a resident of the EEA or Switzerland, you have certain rights. Please note: In order to verify your identity, we may require you to provide us with personal information prior to accessing any records containing information about you. These rights include the ability:
To submit a request to exercise your rights, please contact us at firstname.lastname@example.org. We may have a reason under the law why we do not have to respond to your request, or respond to it in a more limited way than you anticipated. If we do, we will explain that to you in our response.
We do not respond to Do Not Track signals from browsers, because we do not track your activities over time or across websites.
We may make changes to this Policy from time to time. We will post any changes. The changes will become effective when they are posted. If you keep using our Services after we post changes to this Policy, that means that you accept those changes.
For questions about our privacy practices, contact us at:
2201 Wisconsin Avenue NW
Washington, DC 20007