Updated: August 27, 2021

Privacy Policy

This Privacy Policy (Policy) describes the information we process to support the Services available through our website https://www.daizy.com (Website), and the Daizy Application (DAIZY App, Application, App) (together referred to as the Service). This policy applies to the entire DAIZY ecosystem. If you do not accept this policy, you may not use the service. Your trust is a top priority to us and as such we take privacy extremely seriously.

The Service is operated by or on behalf of Daizy, Inc., (We, Us, Our, DAIZY).

According to data protection laws, DAIZY is a “Data controller” of your personal data. It is important that you read this Privacy Policy (“Policy”) so that you know what we do with your personal data. This Policy explains what information we collect, how we use it, and your rights if you want to change how we use your personal information.

If you have any questions or concerns about how we use your personal information, you can contact us at privacy@daizy.com.

When, How, and Why We Collect Data

We will collect personal information when you:

  • Use the DAIZY website,
  • Create an Account through the Website or the App,
  • Use the Daizy App,
  • Interact with the Daizy Chatbot or a public Daizy GPT
  • Correspond with the team at DAIZY, or
  • Engage with any of the DAIZY Services.

We only share your personal data in cases in which it is necessary for us to provide our services. As outlined below, DAIZY may use your information for several purposes, including providing, improving and developing our services, communicating with you about our services, protecting our services and maintaining a trusted environment, advertising, and marketing.

WHEN YOU BROWSE OR VISIT THE WEBSITE

DATA WE COLLECT

  • The Internet Protocol (IP) address used to connect your computer or access device to the internet
  • Your geographic location
  • Your browser information
  • Your operating system
  • Your device types
  • Cookies, analytic tools, and log files.
  • Your device tokens to send push notifications if you allow us to do this.

For more information, please read our cookies policy which is available here.

WHY AND FOR WHAT PURPOSE?

  • Marketing
  • Analytics
  • Statistics
  • To improve our Website

LEGAL BASIS

  • Consent
  • Legitimate interest (e.g. essential cookies)

3RD PARTIES WE SHARE DATA WITH

  • Google Analytics (provides web analytics service)
  • Hubspot.com (marketing tool)
  • AppsFlyer (provides attribution and marketing analytics services)
  • Hotjar (provides web analytics tools to analyze traffic data)

STORAGE PERIOD

  • Until we no longer need the information and proactively delete it or you send a valid deletion request.
  • Please note that we reserve the right to retain any Anonymous Data collected up to the point of cancellation and to continue using it in accordance with this policy and data retention laws.

For more information, please read our cookies policy.

WHAT IF I DON’T PROVIDE DATA?

You cannot use or access some parts of the website.

WHEN YOU CREATE A DAIZY ACCOUNT THROUGH OUR WEBSITE OR THE DAIZY APP

DATA WE COLLECT

  • Full name
  • Email address
  • Your DAIZY login information (NOTE: can be manually specified password or unique identifier provided by trustful social authorization services such as Google, Facebook, Twitter, or Microsoft)
  • Any other information you decide to supply/provide us

WHY AND FOR WHAT PURPOSE?

  • Create your DAIZY account and profile, which allows you to securely access your account and connect your portfolio analysis information
  • Personalize your visits to the Site and provide enhanced services
  • Notify you about changes to the Service
  • Enable you to share our content with others e.g., using an “invite a friend” or “share this” functionality

LEGAL BASIS

  • Performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract
  • Legitimate interest (e.g., to create an account)

3RD PARTIES WE SHARE DATA WITH

  • Amazon Web Services provide IT hosting and database services for DAIZY. We securely store your portfolio holdings and portfolio analysis information on Amazon Web Services systems in order to provide DAIZY services. Amazon employees do not have access to this information (which is securely encrypted)
  • HubSpot (Customer Relationship Management software)
  • Google Analytics (provides web analytics service to DAIZY)

STORAGE PERIOD

  • Until we no longer need the information and proactively delete it, or you send a valid deletion request
  • Please note that we reserve the right to retain any Anonymous Data collected up to the point of cancellation and to continue using it in accordance with this policy and data retention laws

WHAT IF I DON’T PROVIDE DATA?

We cannot perform the agreement.

You cannot:

  • Create an account
  • Access the Web App

WHEN YOU USE THE DAIZY APP

DATA WE COLLECT

  • Your Portfolio holdings provided either by yourself or through our third-party service providers, such as Plaid.  This data is collected to enable our services and includes but is not limited to, investment security identifiers, quantities, holdings dates, online broker name. (NOTE: For linked broker accounts, our third-party service providers, such as Plaid, have secure agreements in place with your online broker for the management of your account information.)
  • Information about how you use our Products, such as the types of content you view or engage with; the features you use; the actions you take; the people or accounts you interact with; and the time, frequency and duration of your activities. For example, we log what content you like on the App.
  • The Internet Protocol (IP) address used to connect your access device to the internet
  • Your geographic location
  • Your browser information
  • Your operating system
  • Your device types
  • Cookies, analytic tools, and log files.
  • Your device tokens to send push notifications, if you allow us to do this

WHY AND FOR WHAT PURPOSE?

  • Create your investment portfolio for daily analysis based on the holdings information provided either by yourself or by your linked broker account through our third-party providers (only applicable for linked broker accounts)
  • Create notifications and alerts based on the settings you define to alert you to changes in your investment portfolio
  • Personalize your visits to the Site and provide enhanced services
  • Create anonymized, non-personally identifiable data to create a universe of investment information for analysis and publication by DAIZY
  • To communicate with you
  • To learn how many times you have connected to DAIZY,
  • To learn who your online broker is
  • To send marketing communications
  • Carry out technical and statistical analysis to measure the performance of our services and the Site.
  • Conduct market research
  • Inform you about the latest changes to the Site, products, services, or promotional offers that you might find interesting

LEGAL BASIS

  • Performance of a contract to which the data subject is a party
  • Consent

3RD PARTIES WE SHARE DATA WITH

  • Amazon Web Services provide IT hosting and database services for DAIZY. We securely store your portfolio holdings and portfolio analysis information on Amazon Web Services systems in order to provide DAIZY services. Amazon employees do not have access to this information (which is securely encrypted)
  • HubSpot (Customer Relationship Management software)
  • Hotjar (provides web analytics tools to analyze traffic data)

STORAGE PERIOD

  • Until we no longer need the information and proactively delete it or you send a valid deletion request
  • Please note that we reserve the right to retain any Anonymous Data collected up to the point of cancellation and to continue using it in accordance with this policy and data retention laws

WHAT IF I DON’T PROVIDE DATA?

We cannot perform the agreement

You cannot:

  • Create an account
  • Access the Daizy App

WHEN YOU INTERACT WITH THE DAIZY CHATBOT OR A PUBLIC DAIZY GPT

DATA WE COLLECT

  • Full name (Daizy Chatbot only)
  • Email address (Daizy Chatbot only)
  • Your DAIZY login information (Daizy Chatbot only)
  • Current session conversation history
  • Question history

WHY AND FOR WHAT PURPOSE?

  • To interact with the Chatbot
  • To improve future responses

LEGAL BASIS

  • Performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract
  • Legitimate interest (e.g., to interact with the chatbot)
  • Consent

3RD PARTIES WE SHARE DATA WITH

  • Cognigy GmbH (chatbot development platform)
  • Hubspot.com Inc. (Customer Relationship Management software)
  • OpenAI

STORAGE PERIOD

  • Until we no longer need the information and proactively delete it, or you send a valid deletion request.
  • Please note that we reserve the right to retain any Anonymous Data collected up to the point of cancellation and to continue using it in accordance with this policy and data retention laws

WHAT IF I DON’T PROVIDE DATA?

You cannot:

  • Use the Daizy chatbot
  • Use the public Daizy GPT
  • Create a Daizy account

WHEN YOU SIGN UP FOR OUR EMAIL LIST  

DATA WE COLLECT

  • Email address

WHY AND FOR WHAT PURPOSE?

  • To send you marketing communications
  • Notify you about changes to the Service

LEGAL BASIS

  • Consent
  • Legitimate interest (e.g. send you more information about DAIZY)

3RD PARTIES WE SHARE DATA WITH

  • Hubspot.com Inc. (Customer Relationship Management software)
  • Google Analytics (provides web analytics service to DAIZY)
  • Hotjar (provides web analytics tools to analyze traffic data)

STORAGE PERIOD

  • Until we no longer need the information and proactively delete it, or you send a valid deletion request.
  • Please note that we reserve the right to retain any Anonymous Data collected up to the point of cancellation and to continue using it in accordance with this policy and data retention laws

WHAT IF I DON’T PROVIDE DATA?

  • Cannot receive product updates or marketing content from DAIZY

WHEN YOU CONTACT US (E.G. CUSTOMER SUPPORT, HELP, SUBMIT A ‘TRAIN’ REQUEST)

DATA WE COLLECT

  • Full name
  • Email address
  • Message
  • Any other information that you decide to provide/supply us

WHY AND FOR WHAT PURPOSE?

  • To process and answer questions
  • To provide support (e.g., to solve problems, bugs, or issues)
  • To customize your experience
  • Carry out technical and statistical analysis to measure the performance of our services and the Site.

LEGAL BASIS

  • Processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract
  • Legitimate interest (e.g. to answer your questions)

3RD PARTIES WE SHARE DATA WITH

  • Hubspot.com Inc. (Customer Relationship Management software)
  • Google Analytics (provides web analytics service to DAIZY)
  • Hotjar (provides web analytics tools to analyze traffic data)

STORAGE PERIOD

  • Until we no longer need the information and proactively delete it or you send a valid deletion request.
  • Please note that we reserve the right to retain any Anonymous Data collected up to the point of cancellation and to continue using it in accordance with this policy and data retention laws.

WHAT IF I DON’T PROVIDE DATA?

We cannot

  • Process and answer questions
  • Provide support (e.g., to solve problems, bugs, or issues)
  • Customize your experience

Finally, please note that some of the above mentioned personal data will be used for fraud detection and prevention, and for security purposes. The above mentioned personal data may also be used to comply with applicable laws, with investigations performed by the relevant authorities, law enforcement purposes, and/or to exercise or defend legal claims.

In certain cases, we may or will anonymize your personal data. “Anonymous Data” means information which does not enable identification of an individual user, such as aggregated information about the use of our services. We may use Anonymous Data and/or disclose it to third parties without restrictions (for example, in order to improve our services and enhance your experience with them).

Your rights

Under the EU General Data Protection Regulation (GDPR), you have certain rights over your personal data. Not all the rights listed below are engaged in all circumstances. On receipt of a rights request, we will assess whether the right you are seeking to exercise is engaged.

Under GDPR, you have the right to:

ACCESS YOUR PERSONAL DATA

You may request access to your personal information, which enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

UPDATE YOUR PERSONAL DATA

You may request to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

ERASE YOUR PERSONAL DATA

You may ask us to delete or remove personal information where there is no good reason for us continuing to process it or where you successfully exercised your right to object to processing (see below). Please note that we may not always be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

OBJECT TO THE USE OF YOUR PERSONAL DATA

You may object to the processing of your personal information where we are relying on a legitimate interest (of our own or of a third-party). You also have the right to object where we are processing your personal information for direct marketing purposes.

RESTRICT THE USE OF YOUR PERSONAL DATA

You may request that we suspend the processing of your personal information in the following scenarios:

  • If you want us to establish the data’s accuracy.
  • Where our use of the data is unlawful, but you do not want us to erase it.
  • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
  • You have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.

TRANSFER YOUR PERSONAL DATA

You may request that we transfer your personal information to you or to a third party in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

WITHDRAW CONSENT

You may withdraw consent at any time where we are relying on consent to process your personal information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. Furthermore, if you withdraw your consent, we may not be able to provide certain, or any, products or services to you. We will advise you if this is the case at the time you withdraw your consent.

HOW DO YOU EXERCISE YOUR RIGHTS?

You may exercise any of your rights in relation to your personal data by email to privacy@Daizy.com, or written notice to the address provided above.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask for further information in relation to your request to speed up our response.

ACCESSING YOUR PERSONAL INFORMATION

If you wish to review or receive copies of the personal information we hold about you, change your marketing preferences, or have any other privacy queries, please write to us (including full details of your request) at the following email address: privacy@Daizy.com

As noted above, any access request may be subject to a reasonable fee to meet our costs in providing you with details of the Personal Information we hold about you.

TRANSFERRING YOUR INFORMATION

As outlined below, our data storage is located within the European Economic Area. We may transfer your personal information outside of the European Economic Area (which may not provide the same protection for such information as the European Economic Area provides). We utilize standard contract clauses, rely on the European Commission’s adequacy decisions about certain countries, as applicable, and obtain your consent for these data transfers to the United States and other countries.

Storage:

AWS – [Frankfurt EU]– Amazon Web Services, Inc. participates in the EU-US and Swiss-US Privacy Shield frameworks. To learn more about how AWS protects your information click here.

Internal transfers:

We ensure that transfers within DAIZY will be covered by an agreement entered by members of DAIZY (an intra-group agreement) which contractually obliges each member to ensure that Personal Data receives an adequate and consistent level of protection wherever it is transferred to.

External Transfers:

Where we transfer your personal data outside of EU/EEA (for example, to third parties who provide us with services), we will obtain contractual commitments from them to protect your personal data.

SHARING YOUR INFORMATION

We also share your information with the following third parties:

Hubspot, Inc provides Customer Relationship Management software to DAIZY. Data transferred to HubSpot is securely processed and stored in the United States. Transfers to the United States require that appropriate safeguards are put in place, in order for the transfer to be lawful, namely via the use of standard data protection clauses approved by the European Commission and the UK Information Commissioner. We have adopted the standard EU data protection Model Clauses which are standardized contractual clauses used in agreements between service providers and their customers to ensure that any personal data that leaves the EEA will be transferred in compliance with EU data-protection law and meet the requirements of the EU Data Protection Directive 95/46/EC.

Amazon Web Services, Inc (AWS) provide IT hosting and database services for DAIZY. We securely store your portfolio holdings and portfolio analysis information on Amazon Web Services systems in order to provide DAIZY services. Amazon employees do not have access to this information (which is securely encrypted).

Google Analytics, which provides web analytics service to DAIZY. Google maintains servers around the world and your information may be processed on servers located outside of the country where you live. Data protection laws vary among countries, with some providing more protection than others. To learn more about Google’s privacy practices, please visit https://policies.google.com/privacy?hl=en-US#intro

AppsFlyer provides attribution and marketing analytics services to DAIZY. AppsFlyer may need to transfer Customer Data to countries other than the country from which the Data originated. Any such transfer shall be done in compliance with all applicable laws. With regards to the collection, use and retention of personal data transferred from the European Economic Area or Switzerland to the United States, AppsFlyer Inc. complies with the EU-U.S. and Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce. To learn more about AppsFlyer’s privacy practices, please visit https://www.appsflyer.com/services-privacy-policy/

Hotjar, Ltd., which provides web analytics tools to analyze traffic data. Personal Data collected by Hotjar is stored in the EU. However, in some limited cases, customer information may be accessed from, or other Personal Data (e.g., email) may be transferred, outside of the EU. These countries may have different data protection laws. Hotjar endeavors to ensure appropriate safeguards are in place requiring that Personal Data will remain protected. Hotjar has concluded Standard Contractual Clauses with entities whom they share Personal Data with outside of the EU. Further details about this can be found in their article on Data Storage. To learn more about HotJar’s privacy practices, please visit https://www.hotjar.com/legal/policies/privacy/

Dashbot, Inc., which provides App analytics and marketing services. Information collected by Dashbot may be stored and processed in the United States or any other country in which Dashbot or its affiliates or service providers maintain facilities. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that Dashbot, Inc. may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and they will take all steps reasonably necessary to ensure that any personal information is treated securely and in accordance with this Privacy Policy. Such transfers are made pursuant to appropriate safeguards. comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information received from European Union countries and Switzerland. To learn more about Dashbot’s privacy practices, please visit https://www.dashbot.io/legal/privacy

In addition to the recipients described above, we may share your personal data as follows:

  • To the extent necessary, with regulators, courts or competent authorities, to comply with applicable laws, regulations and rules (including, without limitation, federal, state or local laws), and requests of law enforcement, regulatory and other governmental agencies or if required to do so by court order.
  • If in the future, we sell or transfer, or we consider selling or transferring, some or all our business, shares, or assets to a third party, we will disclose your personal data to such third party (whether actual or potential) in connection with the foregoing events.
  • In the event that we are acquired by, or merged with, a third-party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer, disclose or assign your personal data in connection with the foregoing events; and/or
  • Where you have provided your consent to us sharing or transferring your personal data (e.g., where you provide us with marketing consents or opt-in to optional additional services or functionality);

We reserve the right to revise, add, remove, or replace any third parties with whom we share your data with

If you want to receive the list of the current recipients of your Personal Data, please make your request by contacting us at privacy@Daizy.com

HOW WE PROTECT YOUR PERSONAL INFORMATION

We take the security of your personal information very seriously and have appropriate physical, technical and administrative procedures in place to help protect your personal information from unauthorized access, use, or disclosure. Once we have received your user Information, we will use strict procedures and security features to try to prevent unauthorized access including:

  • Only using encrypted connections to transfer data between DAIZY and all third-party providers.
  • Encrypting all personal information held at rest in any DAIZY or third-party databases.
  • Only working with third-party providers who have demonstrated a mature information security practice and policy by being certified to the ISO27001 and SOC2 information security standards.

However, please note that we cannot guarantee that the information will not be compromised as a result of unauthorized penetration of our servers and those of our third-party service and data providers. As the security of information depends in part on the security of the computer, device, or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.

THIRD-PARTY PROVIDERS DATA SECURITY PRACTICES

More information on Plaid data security can be found here: https://plaid.com/security

More information on HubSpot data security can be found here: https://www.hubspot.com/security

More information on Amazon Web Services data security can be found here: https://aws.amazon.com/products/security/?nc=sn&loc=2

More information on Google Analytics data security can be found here: https://services.google.com/fh/files/misc/ga360_privacy-and-security_feature-brief_final.pdf

More information on AppsFlyer data security can be found here: https://www.appsflyer.com/product/security-and-privacy/

More information on HotJar data security can be found here: https://www.hotjar.com/security/

More information on Dashbot data security can be found here: https://www.dashbot.io/legal/privacy

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?

When you choose to close your DAIZY account, we delete all information about you from our database and our backup database within a reasonable time frame or as required by laws and regulation, except that which is required for fraud detection.

For deletion policies of our third-party service providers please refer to their privacy practices through the links shared above.

In addition to the retention periods mentioned above, in some circumstances, we may store your personal data for longer periods of time, for example (i) where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements, or (ii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iii) if we reasonably believe there is a prospect of litigation relating to your personal data or dealings. We have an internal data retention policy to ensure that we do not retain your personal data perpetually. Regarding the retention of cookies, you can read more about our cookie policy here.

Updates to the Privacy Policy

As things are always changing, we reserve the right to revise or add to this Privacy Policy on occasion. We encourage you to bookmark and review this page periodically to ensure you are familiar with the most current version of this Policy and that you are aware of what information we collect, how we use it, and under what circumstances we disclose it.

You can determine when this Privacy Policy was last revised by checking the “Updated” section at the top of this Privacy Policy. You will be alerted by email or App notification about any major amendments to this Policy.

If we change the Policy and collect more information from you, we will notify you at the time we collect that information on what our policy is at that time.

If you have any questions or comments about the content of this Privacy Policy, please contact us at: privacy@Daizy.com

Cookies and Other Similar Technologies

You can find more information about the individual cookies we use and the purposes for which we use them in our Cookie Policy by clicking here.

We also may collect information using web beacons. Web beacons are electronic images that may be used in our Services or emails. We use web beacons to deliver cookies, track the number of visits to our website, understand usage, and campaign effectiveness, and determine whether an email has been opened or acted upon.

Contact Us

If you have questions about this policy, you can contact us via email at privacy@Daizy.com