MeritDirect provides marketing services and products to our customers to enable them to engage with their chosen audience of individuals and/or businesses. We receive third party information from other, reputable companies which may include your name, your postal address, email address and or telephone number or supplemental information obtained including demographic and Personally Identifiable Information (“PII”.)
MeritDirect does not collect, hold or use sensitive information such as Social Security numbers, credit card numbers, banking information, biometric or health data.
We strive to work only with third party companies that have demonstrably high standards and a regard for privacy, consistent with MeritDirect’s own standards. We are committed to protecting your privacy rights and take this issue seriously. We have internal policies to uphold the security of the data in our possession whilst meeting the legitimate needs of our customers.
We provide a range of data driven marketing products and services including offering insight and analytical services as well as marketing customized databases that may contain PII. These services often involve a combination of data that we have licensed or obtained from public sources, or carefully screened data partners and may contain various analytics and algorithms that we have applied to the data, generally speaking in order to help our customers understand their customers and (in some cases) to analyze or enhance the data files that they hold. The data that we license can be provided by our customers and partners in the form of name, address, job title, telephone, email and information about what you may have purchased or be responsible for purchasing. Transactional data with credit card or banking details is not received or processed by MeritDirect.
MeritDirect may engage in digital advertising programs, by utilizing our marketing databases to deliver online targeted advertising for marketers using third party online networks. We work hard to ensure that we deliver the appropriate audience for our clients whilst upholding and respecting the right to privacy and the right not to participate in these programs. Our advertising partners may deploy cookies, web beacons or similar technologies through websites or email messages sent by MeritDirect or their own online channels and partners. The technology facilitates relevant advertisements to appear as you browse the web, based on your actual, recent website browsing and email activity or known interests derived from your browsing history.
If you would like to opt out of digital advertising programs that we engage in, through third party platforms and networks (as well as those platforms and networks more generally), you may go to the following industry sources and “opt out” channels, which provide opt-out resources to which many third party platforms subscribe:
You may opt out of MeritDirect’s corporate communications, used to promote our events and products and services at any time by using the unsubscribe mechanism within the email you receive, or you can use the opt-out contact info below.
To opt out of any of our database products and services utilized by our clients for legitimate business purposes, please click the unsubscribe button in any email you receive from us. Alternatively, contact us by mail or email using the address details below and request that you would like to be opted-out of all third party communications.
MeritDirect has procedures and technologies in place to safeguard our data assets which may contain your personal information. Access to data is only by authorized employees for legitimate business purposes. We use reasonable measures to ensure that partners with whom we work also have sufficient security processes are in place to ensure secure transfer.
MeritDirect may collect and store the information you voluntarily provide to us by visiting our website – meritdirect.com. For instance, you may provide information to us through registration to events or by completing a form to request information, which may ask for personal information, such as your name, the company you work for, business title, postal address, email address, telephone number, and other information. Also, please note that if we obtain personally identifiable information about you, we may contact you, unless you have requested that we add your details to our “do-not-contact” database. You can also opt out of receiving any further information by notifying us at the address below or writing to firstname.lastname@example.org
Attn: Privacy Manager
2 International Drive, Suite 300
Rye Brook, NY 10573
8. “EUROPEAN USERS – EU-US Privacy Shield & Swiss-US Privacy Shield
MeritDirect and its subsidiaries have elected to participate in and have committed to comply with the EU-US & Swiss-US Privacy Shield, collectively known as the ‘Privacy Shield Frameworks.’
MeritDirect has self-certified via the US Dept. of Commerce that it will comply with all principles and requirements of the Privacy Shield Framework, with regards to our handling and storage of EU and Swiss Subject’s personal data described below.. (Our Privacy Shield Certification applies only to services we provide as a data processor, and does not apply to our “OmniChannelBASE International” Database.
The US Dept. Of Commerce Privacy Shield Members list can be found here https://www.privacyshield.gov
MeritDirect LLC and it’s division of Dovetail Database – a MeritDirect company, complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data (as defined below) from European Union member countries (including Iceland, Nowray and Lichtenstein, aka the European Econonic Area or EEA) and Switzerland into the United States under the Privacy Shield. MeritDirect has certified that it adheres to the Privacy Shield Principles of Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement, and Liability. If there is any conflict between the policies in this MeritDirect LLC (U.S.) Privacy Shield Policy (“Privacy Shield Policy”) and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/. This certification specifically excludes the MeritDirect product OmniChannelBASE International.
“Data Subject” means the individual to whom any given Personal Data covered by this Privacy Shield Policy refers.
“Personal Data” means any information relating to an individual residing in the European Union and Switzerland that can be used to identify that individual either on its own or in combination with other readily available data.
“Sensitive Personal Data” means Personal Data regarding an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, physical or mental health, or sexual life.
Scope and Responsibility
MeritDirect receives marketing data from each MeritDirect client and manages this data in a marketing database system that is used only by that specific MeritDirect client. The data that MeritDirect receives is from each MeritDirect client, not the data subjects and MeritData acts in its capacity as a data processor. The data subject provides their data to each respective MeritDirect client. Data subjects do not provide information directly to MeritDirect, therefore the Merit Direct client with whom the data was placed retains control of that data. Each MeritDirect client uses their respective marketing database, which MeritDirect hosts and maintains for the MeritDirect client, for the MeritDirect client’s marketing purposes to the MeritDirect client’s data subjects Some types of Personal Data may be subject to other privacy-related requirements and policies. For example:
MeritDirect employees responsible for engaging third parties to which Personal Data covered by this Privacy Shield Policy will be transferred are responsible for obtaining appropriate assurances that such third parties have an obligation to conduct themselves in accordance with the applicable provisions of this Privacy Shield Principles, including any applicable contractual assurances required by Privacy Shield.
Privacy Shield Principles
MeritDirect commits to subject to the Privacy Shields’ Principles all Personal Data received by MeritDirect in the U.S. from European Union member countries and Switzerland in reliance on the respective Privacy Shield framework.
MeritDirect’s Clients notify Data Subjects covered by this Privacy Shield Policy about its data practices regarding Personal Data received by MeritDirect’s clients in the U.S. from European Union member countries and Switzerland in reliance on the respective Privacy Shield framework, including the types of Personal Data it collects about them, the purposes for which it collects and uses such Personal Data, the types of third parties to which it discloses such Personal Data and the purposes for which it does so, the rights of Data Subjects to access their Personal Data, the choices and means that MeritDirect offers for limiting its use and disclosure of such Personal Data, how MeritDirect’s obligations under the Privacy Shield are enforced, and how Data Subjects can contact MeritDirect with any inquiries or complaints.
For personal information, MeritDirect’s client will offer individuals the opportunity to choose (opt-in) whether their personal information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. (Opt-in may be provided to data subjects by the MeritDirect client with whom the data subject placed their personal information.)
If Personal Data covered by this Privacy Shield Policy is to be used for a new purpose that is different from that for which the Personal Data was originally collected or subsequently authorized, or is to be disclosed to a third party, MeritDirect will notify their client who is the data controller, and update this policy accordingly.
In the event we transfer Personal Data covered by this Privacy Shield Policy to a third party agent, we will do so consistent with any notice provided to Data Subjects and any consent they have given, and only if the third party has given us contractual assurances that it will (i) process the Personal Data for limited and specified purposes consistent with any consent provided by the Data Subjects, (ii) provide at least the same level of protection as is required by the Privacy Shield Principles and notify us if it makes a determination that it cannot do so; and (iii) cease processing of the Personal Data or take other reasonable and appropriate steps to remediate if it makes such a determination. If MeritDirect has knowledge that a third party acting as a controller is processing Personal Data covered by this Privacy Shield Policy in a way that is contrary to the Privacy Shield Principles, MeritDirect will take reasonable steps to prevent or stop such processing.
With respect to our agents, we will transfer only the Personal Data covered by this Privacy Shield Policy needed for an agent to deliver to MeritDirect the requested product or service. Our current business model does not transfer data to third parties. In the course of providing contractual services, however, we may have to transfer data to a third party who provides address hygiene services. Furthermore, we will (i) permit the agent to process such Personal Data only for limited and specified purposes; (ii) require the agent to provide at least the same level of privacy protection as is required by the Privacy Shield Principles; (iii) take reasonable and appropriate steps to ensure that the agent effectively processes the Personal Data transferred in a manner consistent with MeritDirect’s obligations under the Privacy Shield Principles; and (iv) require the agent to notify MeritDirect if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Privacy Shield Principles. Upon receiving notice from an agent that it can no longer meet its obligation to provide the same level of protection as is required by the Privacy Shield Principles, we will take reasonable and appropriate steps to stop and remediate unauthorized processing.
MeritDirect remains liable under the Privacy Shield Principles if an agent processes Personal Data covered by this Privacy Shield Policy in a manner inconsistent with the Principles, except where MeritDirect can prove it is not responsible for the event giving rise to the damage.
MeritDirect takes reasonable and appropriate measures to protect Personal Data covered by this Privacy Shield Policy from loss, misuse, and unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the processing and the nature of the Personal Data.
MeritDirect limits the collection of Personal Data covered by this Privacy Shield Policy to information that is relevant for the purposes of processing. MeritDirect does not process such Personal Data in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the Data Subject.
MeritDirect takes reasonable steps to ensure that such Personal Data is reliable for its intended use, accurate, complete, and current. MeritDirect takes reasonable and appropriate measures to comply with the requirement under the Privacy Shield to retain Personal Data in identifiable form only for as long as it serves a purpose of processing, which includes MeritDirect’s obligations to comply with professional standards, MeritDirect’s business purposes and unless a longer retention period is permitted by law, and it adheres to the Privacy Shield Principles for as long as it retains such Personal Data.
Data Subjects whose Personal Data is covered by this Privacy Shield Policy have the right to access such Personal Data and to correct, amend, or delete such Personal Data if it is inaccurate or has been processed in violation of the Privacy Shield Principles (except when the burden or expense of providing access, correction, amendment, or deletion would be disproportionate to the risks to the Data Subject’s privacy, or where the rights of persons other than the Data Subject would be violated). These requests can be made directly to the applicable MeritDirect client. As a data processor MeritDirect is contractually bound to forward requests received directly from an individual covered by the Privacy Shield Frameworks to the appropriate MeritDirect client, who remains the data controller. MeritDirect will update the MeritDirect client marketing database with correct data and will make any changes MeritDirect receives from that MeritDirect client
MeritDirect’s participation in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework is subject to investigation and enforcement by the Federal Trade Commission.
In compliance with the Privacy Shield Principles, MeritDirect commits to resolve complaints about your privacy and our collection or use of your Personal Data. Data Subjects with inquiries or complaints regarding this Privacy Shield Policy should first contact MeritDirect at: email@example.com
MeritDirect has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU Privacy Shield. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.
Under certain conditions detailed in the Privacy Shield, individuals with residual complaints may be able to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.
MeritDirect agrees to periodically review and verify its compliance with the Privacy Shield Principles, and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. MeritDirect acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.
Changes to this Privacy Shield Policy
This Privacy Shield Policy may be amended from time to time consistent with the requirements of the Privacy Shield. Appropriate notice regarding such amendments will be given.
OMNI ChannelBase International – a MeritDirect LLC Product
Privacy & Fair Processing Notice
MeritDirect’s global business database contains records from individuals and countries residing in the EU as well as other regions. Some of the information we collect may be classified as “personal data” under European Union (EU) law as it is information relating to an individual (e.g. a sole trader, a partnership, a company director, a beneficial owner, a trustee, a professional contact etc). This privacy notice provides the information we are required to give in relation to the processing of personal data under EU law.
MeritDirect LLC is the data controller of your personal data for the purposes of creating the OmniChannelBase International Database. Our group companies are as follows: MeritDirect LLC and Dovetail, A Division of MeritDirect – “MeritDirect LLC”
MeritDirect is committed to protecting and respecting your privacy and will comply with the applicable EU data protection laws in all our dealings with your personal data.
MeritDirect provides marketing services and products to our customers to enable them to engage with their chosen audience of individuals and/or businesses. We enter into commercial agreements with our customers to help them market and grow their business and to further our comp
In order to create OmniChannelBase International Database, we work with carefully screened, third party data partners who may have collected and processed data about you as an individual.
Security – Where We Store Your Personal Data
MeritDirect has procedures and technologies in place to safeguard our data assets which may contain your personal information. Access to data is only by authorized employees for legitimate business purposes. We use reasonable measures to ensure that partners with whom we work also have sufficient security processes are in place to ensure secure transfer
The data that we collect from our partners may be transferred to, and stored at, a destination outside the United Kingdom and the European Economic Area (“EEA”). We will store all information about you on secure servers and our data processors are members of Privacy Shield and upholds standards approved by the EU and Swiss Data Protection Authorities or have committed to be bound by theStandard Contractual Clauses for the Transfer of Personal Data to Processors Established in third countries under EU Directive 95/46 (pursuant to Commission Decision 2010/87/EU, currently available at . To learn more about the Privacy Shield program, and to view our certification page, please visit .
Such data may also be processed by staff operating outside the UK or the EEA who work for us or for one of our suppliers. We will take all steps reasonably necessary to ensure that any personal data transferred outside the UK or the EEA is treated securely and in accordance with the applicable data protection laws.
Legal Basis to Process Your Personal Data
Under the applicable EU data protection laws we need a lawful basis to collect and use your personal data. The law allows for six lawful bases to process people’s personal data, and one of them allows personal data to be legally collected and used if it is necessary for a legitimate interest of the organization – as long as on balance does not unduly impact the privacy rights and freedoms of individuals.
Due to the nature of The OmniChannelBase Database as we do not collect data from individuals directly, but rely on our third party data providers, it is not practical for us to ask every individual for his/her consent. We have assessed our and our clients’ business interests in carrying out marketing activities and we have carefully considered the impact the collection and use of personal data could potentially have on individuals’ rights. Our OmniChannelBase database contains only business data, which is used to promote business to other businesses and such activities are unlikely to affect the fundamental rights and freedoms of individuals concerned. We do not collect, process or retain any financial or sensitive personal data which could impact your rights or threaten your security. We have therefore concluded that the most appropriate lawful ground for the processing of your personal data is our and our client’s legitimate interests.
In technical, legal terms we process personal data under the ground of “legitimate interest”. MeritDirect’s legitimate business interest is the supply of commercial data (and the marketing of our business.)
In certain limited circumstances we may also rely on a specific consent provided by you for the processing of your personal data. MeritDirect respect your individual data rights, at any time you can withdraw your consent or be removed from our databases, as is your legal right, at any time by contacting us at the contact information below. We reserve the right to verify your identity as a condition to such removal. Further, we may retain certain personal data where we have an important legal reason to do so, such as for accounting or auditing persons.
Uses Made of the Information
We may use information held about you to:
When contacting you for the above purposes we may do so by phone, post, email or other electronic means, unless you tell us otherwise. You may contact us to specify which if any channels are acceptable to contact you or to remove your information in its entirety as is your legal right.
We may share information, including personal data, with the following categories of third parties (which will allow your business to be found via online search engines or online directories, and also by prospective customers):
Suppliers of business to business goods and services, such as:
We collect and store personal data for the purpose of our business database. As such, we will only retain your personal data for as long as we believe it is up-to-date, i.e. as long as it is associated with a business that is included in our database. We verify our data periodically and if we learn that you are no longer involved with a business that is in our database, we will remove your data from our records.
You have the right to:
You may exercise these rights by contacting us at our contact information listed below. Please note that your exercise of these rights is conditioned by us exercising reasonable processes to verify your identity, and by us exercising our rights to keep certain data so long as we require it for an important reason, such as for accounting, auditing or legal purposes.
If you have any concerns or complaints about our privacy activities relating to OMNI ChannelBase International – a MeritDirect LLC Product , you can contact us by email firstname.lastname@example.org. Or you can write to us at Privacy Officer, MeritDirect The Clubhouse, 8 St. James’s Square, St.James’s London, SW1Y 4JU, United Kingdom or to our Head Office – Privacy Officer, MeritDirect LLC, 2 International Drive, Rye Brook, NY 11573 United States of America
You can also contact the UK’s Information Commissioner’s Office on + 44 (0) 303 123 1113 (www.ico.org.uk).