25 May 2018
Meronimi offers a supplier monitoring service, allowing its customers to analyse information for supplier monitoring and analytics purposes.
In order to accomplish this, we crawl and index publicly available information on the Internet. We also process public information provided to us, in accordance with their terms and conditions, by social media networks. This data is then analysed and stored in our database and search index, similar to the way public search engines, such as Google, would operate.
This allows us to provide public supplier-related posts, trends, and statistics to our customers allowing them to manage their suppliers and analyse related communications and topics.
Within the meaning of the GDPR, Meronimi is a data controller in relation to crawling and the processing of your personal data. Our customers become data controllers for the data we process on their behalf when they sign up for our Meronimi Service.
Meronimi is Meronimi Limited, a company incorporated in England & Wales (registration number 08743042) whose registered office is at Thistle House, 12 Market Place, Woodstock, Oxfordshire, OX20 1TA (“Meronimi”).
What public data do we collect and process?
We only process data which has been published or made public by the authors and users of social and web media platforms themselves, through social media or other Internet platforms.
As an author of this data, you at all times have full control on how data is published through the privacy settings of the Internet platforms you use.
In the context of the Meronimi Service, we process the following information to the extent it has been made public by you:
Identification data (name, username, user id, geographical area);
Personal characteristics (age, gender, family status);
Hobbies and interests;
Professional and educational background;
Pictures and videos;
Any other brand monitoring related information published by the you as a data subject on a publicly accessible Internet website or on a third-party platform that provides Meronimi with data.
We may also process this data in order to detect the general sentiment, language, age, and gender (e.g. based on writing style, your name, or language), or other supplier specific interests based on your public data.
We have no control over the correctness of your data, as you are the author of your data and, as such, you have control over what you post and share. You may also at any time change or delete your public posts on social media platforms or alternatively change the privacy controls on social networks to make your posts private, which will prevent any additional collection of your data.
We analyse your data in order to compute, among others, statistics about sentiment, gender, age or general topics of interest. If we ever deduce or conclude something from your data about you, then this is done automatically by our algorithms when performing an analysis. Any such inferences are based on algorithms that analyse the data that you have provided to third-party platforms. Under no circumstances do we make any decisions about you based on the data that we process about you, whether deducted or otherwise, as such data is only made available to our customers.
How are we using your data?
The legal basis for the processing of your data is the legitimate interests pursued by Meronimi and its customers.
We provide services based solely on information and personal data that you decide to post and share publicly. Your public data is used to offer supplier monitoring services to our customers on the basis of their legitimate interests to monitor the reputation and other issues affecting their suppliers on social and web media platforms. Given the large and growing commercial importance of social and web media platforms, our customers legitimately need to know what is published about their suppliers on such platforms, in addition to what is being said about their suppliers in the traditional press. Our customers also have a legitimate interest to timely know about any issues which may affect their suppliers products and services in order to enable them to react to any issues, such as fake news or safety related issues, to adapt their suppliers products’ or services’ offering or to optimise the provision of goods or services.
The information that is processed is public information. Any user of social media may freely decide not to publicly share his/her personal data at any time by putting in place the appropriate privacy settings on the social networks. To the extent a user is willingly making this information public in order to be accessed or shared over the internet (even outside of the European Union), the interests, fundamental rights and freedoms of such a user is respected taking into account that the processing of personal data concerns data made publicly available by the data subject.
Are we sharing your data?
In the context of the Meronimi Service, we may share your data with:
our customers for the purpose of supplier monitoring
our partners in order to provide the Meronimi Service
We may also show your public data to potential business partners if they want to test our Service.
If any third-party processes any of your public data, we ensure there are sufficient contractual and operational safeguards protecting your data.
We put technical and organizational security and contractual safeguards in place to protect your personal data. If third parties process your data, we make sure their security measures are no less protective than our own. For more information regarding the contractual terms in place with our customers and third party sub processors used, please see our Terms of Service and Data Processing Agreement available at https://www.meronimi.com/termsofservice
The Meronimi Service is hosted and provided from within the European Union. Our customers may be located outside of the European Union and may thus request us to transfer your data to them in another country than your own, which may not provide the same level of data protection as the European Union. In such case, we will take steps to assure that adequate safeguards are in place in order to impose the appropriate protection of personal data. For more information, please see our Data Processing Agreement.
We only keep your data for as long as needed to perform supplier monitoring services and then we automatically delete it. Wherever technically possible, we also detect the deletion or removal of your data at its source and delete it from our processing servers. For Twitter data, we accomplish this in near real time.
Under GDPR you have the following rights:
The right to request access your data
The right to request that your data is updated or rectified
The right to request that we refrain from further use of your personal data
The right to request that your personal data is deleted
You may at any time change or delete your public posts on social media platforms or alternatively change the privacy controls on social networks to make your posts private, which will prevent any additional collection of your data.
Wherever technically possible, we also detect the deletion or unpublication of your data at the source and also delete it from our processing servers. For Twitter, we do this in near real time.
To exercise any rights listed above, please email us at firstname.lastname@example.org, or write to us at the address listed on our website.
We will handle all requests in a timely manner but we may in our discretion ask for additional information in order to confirm your identity.
We may not always be able to immediately remove all your personal data, for example, if the law requires us to keep such data (e.g. for compliance or legal retention purposes).
This Agreement shall be governed by English law.
This privacy statement only addresses the processing of your data by Meronimi. Our customers and other third parties, which may have access to your data, may process your data differently in accordance with their laws, their own privacy policies and the different social media platform policies.