This Privacy Notice is for the individual social media users (who we call Authors) included in the searches our customers use us to perform, which allows them to manage their brands on social media, via our brand Falcon.io.
We at Cision are committed to letting you know how we deal with your personal data, to giving you control over how it is used, and to protecting it. Here you will find information about what sort of information we hold about you, how and why we collect it, how we use it, and how we keep it secure. This Privacy Notice also tells you about your rights, how you can exercise those rights, and how the law protects you. Finally, it tells you how you can exercise your preferences to manage the information we have about you, and, if for any reason you do not want to be in our media database, how to ask us to take you out.
The Listen Platform
Falcon.io operates in the capacity of a Data Controller for its ‘Listen’ platform.
This is a listening and monitoring service we provide to our customers whereby they can enter search terms to retrieve mentions from the below sources, to be held and accessed on our database;
- social media channels (Facebook, Twitter),
- other online media sources (e.g. online news outlets, blogs or forums) from our third-party provider, Lexis Nexis.
Typically, these search terms will relate to our customers’ brand or topics linked to it.
What personal information we collect
We will collect personal data relating to Authors who have made mentions on those platforms which may include:
- Profile picture
- User name/handle (artistic pseudonym)
- Amount of followers
- The country of residence defined by author
- Content published by that Author
Content published about that Author by others
How we collect your personal data
We obtain the information we hold about you from publicly available sources where you have posted content, including your publicly available social media profiles on Facebook, and Twitter.
We also receive it from a third party called, Lexis Nexis, who obtain information from publicly available sources such as news sites, forums and blogs where content related to the customer’s Listen search has been posted
For more information on this please visit their privacy notice here.
As our platform pulls data from the social media platforms and other online sources via API , the personal data we hold in your profile is updated in accordance with them.
The purposes for which we will use your personal data
Our customers enter their search terms and the Listen platform will search from the sources mentioned above and present results to them based on which Authors have mentioned those search terms.
If a customer then chooses to create a profile on a particular Author, it can do so only using Twitter and Facebook mentions (it’s not possible for Instagram as all mentions come in anonymous from the network).
Our customer may decide to create a profile in our other platform (called Audience) using personal data retrieved via Listen searches. To do this they will use Falcon.io’s functionality and in this capacity Falcon.io is operating as a Data Processor for the customer.
The only personal data provided by Falcon.io for the profile is what it receives from the social networks along with the content of the mention itself. Nothing else.
Any further mentions created by the same Twitter profile or Facebook page and retrieved through our customers’ Listen searches would be added to the same profile.
In the Audience platform our customers may choose to further enrich the profiles manually themselves by sourcing additional information e.g. by labelling the profile, adding additional information acquired from outside of Falcon.io, merging with other social profiles pertaining to the same Author or adding notes.
Our customers may use Author profiles in Audience to get a better overview of all mentions that have been retrieved through their Listen searches and keep track of specific Author profiles more easily. They may do this to:
- identify Authors they work with or
- identify Authors they would like to work with or
- identify thought leaders they want to follow and other personalities/entities important to them and their business.
Legal basis for processing your personal data
We process your personal data in order to provide our services to our customers. We believe that it is in our legitimate business interests to do so as it helps our customers to view and measure what is being said about them on online media, brand pages and popular social networks.
Processing your personal data in this way also benefits you by helping you to communicate more directly with the brands you are interested in (our customers), allowing you to effectively explain your feedback or needs, which may lead to better issue resolution and product or service improvements. If you are an influencer or have an audience, then you may build relationships with brands of relevance to you or your audience and receive greater publicity as a result.
How to have your profile amended or removed
We want you to be in control, so if at any time you want to see or amend your profile, please email us at Privacy@falcon.io
Similarly, if at any time you want us to take you out of our platform altogether please email us at Privacy@falcon.io and we will process your request as soon as possible.
Our platform is not intended for children and we do not knowingly collect personal data relating to children. If you are under the age of 16, please let us know and we will take you out of our media database.
How we share your personal data and who we share it with
We may share your personal data with our customers, companies within the Cision Group, and other parties detailed below and in our sub-processor list here
External Third Parties:
These include service providers who work on behalf of the Cision group of companies for the performance of any contract we enter into with them, for example:
Professional advisors including lawyers, accountants and insurers where we need to do so in order to comply with our legal obligations or for other business reasons.
Authorities who require reporting of processing activities in certain circumstances.
We may also share your personal data with third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.
Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with binding contractual obligations which satisfy the requirements of the data protection legislation.
We may also transfer your personal data outside of the European Economic Area (EEA), but only when specific safeguards have been put in place in order to protect your personal data.
We may share your personal data with entities within the Cision group of companies. This may involve transferring your personal data outside of the European Economic Area (EEA). Some of the third parties to whom we may transfer your personal data (including some of our customers) are also based outside of the EEA, so their processing of your personal data will likewise involve a transfer outside the EEA. Where your personal data is transferred outside of the EEA we do so in accordance with model contracts approved by the European Commission to ensure that there is an adequate level of protection for your personal data.
Our security measures
We are committed to protecting your personal data. We put in place safeguards including robust and appropriate technologies, processes, and contractual arrangements, so that the data we have about you is protected from unauthorized access and improper use, and we will also not keep your personal data for longer than is necessary.
The safeguards we have put in place to protect your personal data include:
How long will we use your personal data?
We will keep your personal data only for as long as is necessary for the purposes set out in this privacy notice and to fulfil our legal obligations, but not longer than one year.
Under certain circumstances, if you reside in the EU or if your data is processed in connection with one of our European businesses, you have rights under data protection laws in relation to your personal data, including the right of access; the right to rectification; the right to erasure; the right to restrict processing; the right to data portability; and the right to object. If you wish to exercise your rights please contact Privacy@cision.com
We respect and honour these rights and will help you to exercise them insofar as we are able. These rights are not absolute – in some cases they will not apply to you, or to the particular use that we are making of your data, and there are exceptions (for example if we have to process the data to comply with our own legal obligations) but if that is the case we will let you know.
Your rights include the right to:
Access your personal information (via what is commonly known as a "data subject access request").
Require us to correct any mistakes in your information which we hold.
Require the erasure of personal information concerning you in certain situations.
Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations.
Object at any time to processing of personal information concerning you for direct marketing.
Object to decisions being taken by automated means (including profiling) which produce legal effects concerning you or similarly significantly affect you.
Object in certain other situations to our continued processing of your personal information.
Otherwise restrict our processing of your personal information in certain circumstances.
For further information on each of these rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual rights under the General Data Protection Regulation.
You also have the right to make a complaint at any time to your local Supervisory Authority (EU Supervisory Authority list).
We hope that we would be able to resolve any concerns that you may have before you approach your Supervisory Authority so please do contact us in the first instance.
LAST UPDATED: 26th JUNE 2020