Legal Policies

You should review these Terms of Use carefully, and be sure you understand them, prior to using the Site. If you do not agree to these Terms of Use, you must immediately exit the Site.

If you breach any of our Terms of Use, or any of the other terms and policies referred to in our Terms of Use, your ability to access and use our Site may be terminated by us immediately, where possible by giving written notice to you using the contact details you provide to us.

The Site is provided for promotional and informational purposes only, and Company does not provide any client services through the Site. You may only use the Site if you are a current or prospective customer of Company, or otherwise interested in learning more about Company for a legitimate business purpose. The Site may not be used for any unlawful, fraudulent, harassing, objectionable or other non-legitimate business purpose.

Our Site is intended for use only by those who can access it from the United States of America. If you choose to access our Site from locations outside United States of America, you are responsible for compliance with local laws.

We do our best to make sure that our Site is accurate, up-to-date and free from bugs, but we cannot promise that it will be and you are responsible for putting in place your own internet security and safety measures.

Our Site is provided free of charge and has not been developed to meet your specific requirements. We cannot promise that it will be fit or suitable for your specific purposes. 

Materials posted on our Site are provided for general information purposes only and to inform you about us and our news, features, products and services. This information is not intended as any form of advice and should not be relied on as such. Any reliance that you may place on the information on this Site is at your own risk.

Access to our Site is permitted on a temporary basis and we reserve the right to suspend or terminate access to any part of it at any time without notice.

We update our Site regularly and reserve the right to add, remove and otherwise change its content at any time without notice.

The Site and all content on the Site (collectively "Content"), plus all copyrights, trademarks, service marks and other intellectual property rights in the Site and such Content, are owned or licensed by Company.  We and our licensors expressly reserve all rights in and to our Site and its contents. In particular, we reserve all rights in the name “TBWA” the tbwa.com domain name and all related domain names, trademarks, logos, brand names and/or trading names appearing on our Site. Nothing in these Terms of Use grants you any legal rights in our Site or its contents other than as necessary to enable you to access and use our Site in accordance with these Terms of Use. The use of any trademarks on our Site is strictly prohibited unless you have our prior written permission.

You are responsible for making all arrangements necessary to access our Site (and for any costs of doing so). In particular, you are responsible for ensuring that your computer and/or portable device is compatible with our Site.

You are responsible for ensuring that all persons accessing the Site through your internet connection are aware of these Terms of Use. 

We want you and others to enjoy using our Site. When doing so, we ask that you observe the following rules:

1. You may access, use and copy Content only as expressly permitted herein.  In particular, you may only view, print out, use, quote from and cite our Site and its contents for your own personal, non-commercial use on the condition that you give appropriate acknowledgment to us where appropriate and you do not remove our copyright or other proprietary notices  Except as expressly stated herein, no provision of these Terms of Use, and nothing contained on the Site, grants to you, whether expressly, implicitly or otherwise, any license or other right to copy, disclose, distribute, retransmit, use or create derivative works of any Content without the written permission of Company or its licensee (as the case may be), and any such copying, disclosure, distribution, retransmission, use or creation of derivative works is strictly prohibited; 

1. You are not permitted to use, or cause others to use, any automated system or software to extract content or data from our Site for commercial purposes;
2. You agree not to use our Site for any illegal or unauthorised purpose and you agree to comply with all laws and regulations applicable to your use of our Site, including copyright and other intellectual property laws;
3. You must not attempt to restrict another user of our Site from using or enjoying our Site and you must not encourage others to breach our Terms of Use;
4. You must not interfere with our Site or any servers or networks connected to our Site, including by transmitting any worms, viruses, malware, spyware or any other code of a destructive, malicious or disruptive nature. You must not inject content or code or otherwise alter or interfere with the way any page of our Site is rendered or displayed in a user’s browser or device; 
5. You must not change, modify or alter our Site or change, modify or alter another Site so as to inaccurately imply an association with our Site or with us; 
6. You must not access our Site via a means we have not authorised in writing in advance, including automated devices, scripts, bots, spiders, crawlers or scrapers (except for standard search engine technologies); and
7. You must not use, or cause others to use, any automated system or software to extract content or data from our Site except where you or any applicable third party has entered into a written agreement with us that permits such activity.

You may link to any page of our Site, provided that you do so for non-commercial purposes and in a way that is fair and legal and which does not damage our reputation or take advantage of it. For the avoidance of doubt, the linking site must not contain any adult or illegal material or any material that is offensive, harassing or otherwise objectionable. We reserve the right to withdraw linking permission at any time and without notice.

You must not link to our Site in such a way as to suggest any form of association, approval or endorsement on our part where none exists and you must not remove, obscure or modify in any way any advertisements, copyright notice, or other information on our Site. Our Site must not be framed on any other Site. 

The Site may contain links to websites maintained by third parties (individually a “Third-Party Site”).  Company is not responsible for the operation of such Third-Party Site and/or any content on a Third-Party Site (including, but not limited to, any opinions contained on a Third-Party Site), and does not necessarily endorse or otherwise approve of such Third-Party Site and/or content.  No link from the Site to a Third-Party Site, or from a Third-Party Site to the Site, is an endorsement, sponsorship or recommendation by Company of such Third-Party Site, and the link is provided only for your convenience.  In addition, your use of a Third-Party Site will be subject to its terms of use and other provisions, for which you are responsible if you proceed to such Third-Party Site.

Company may collect certain personal and analytical information from you, among other ways, through the Site, and will handle such information in accordance with its privacy and cookie policy, which is contained on the Site (the “Privacy Policies”).  You should contact Company as set forth in the Privacy Policies with all complaints, questions and requests for additional information relating to Company’s handling of such information.

If you believe that any content on the Site (including any content posted by you) has been copied or otherwise used in a manner that constitutes copyright infringement, you may notify Company’s designated agent pursuant to the Digital Millennium Copyright Act of 1998 (“DMCA”).  The name and contact information for Company’s designated agent for purposes of DMCA are set forth in Section 15.  For your notice to be valid under DMCA, you must provide the following with respect to your claim of copyright infringement:

• a physical or electronic signature of a person authorised to act on behalf of the copyright owner;
• identification of the material that is claimed to be infringing or to be the subject of the infringing activity, and that is to be removed or access to which is to be disabled, as well as information reasonably sufficient to permit Company to locate the material;
• information reasonably sufficient to permit Company to contact the complaining party, such as an address, telephone number, and if available, an e-mail address;
• a statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorised by the copyright owner, its agent, or applicable law; and
• a statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorised to act on behalf of the owner of an exclusive right that is allegedly infringed.

THE SITE AND ALL CONTENT ARE PROVIDED "AS IS" AND WITHOUT ANY WARRANTY OR REPRESENTATION OF ANY KIND, WHETHER EXPRESS OR IMPLIED (INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE).  WITHOUT LIMITING THE GENERALITY OF THE IMMEDIATELY PRECEDING SENTENCE, COMPANY DOES NOT WARRANT OR REPRESENT THAT THE SITE OR ANY CONTENT (A) WILL ALWAYS BE AVAILABLE FOR USE, (B) ARE FREE FROM SPYWARE, MALWARE, ADWARE, VIRUSES, WORMS OR OTHER MALICIOUS CODE, (C) WILL MEET YOUR REQUIREMENTS, (D) DO NOT INFRINGE THE INTELLECTUAL PROPERTY RIGHTS OF A THIRD PARTY, OR (E) ARE ERROR-FREE OR THAT ANY DEFECTS THEREIN WILL BE CORRECTED.

TO THE MAXIMUM EXTENT PERMITTED BY LAW, COMPANY SHALL NOT HAVE ANY LIABILITY FOR (A) ANY PERSONAL INJURY; (B) LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF GOODWILL, LOSS OR CORRUPTION OF DATA, OR COMPUTER CRASHES OR OTHER DENIALS OF SERVICES; OR (C) ANY OTHER INCIDENTAL, SPECIAL, INDIRECT, CONSEQUENTIAL OR OTHER DAMAGES WHATSOEVER, IN EACH CASE ARISING FROM OR RELATED TO YOUR USE OF, OR INABILITY TO USE, THE SITE, OR ANY CONTENT THEREON, HOWEVER CAUSED, REGARDLESS OF THE THEORY OF LIABILITY (INCLUDING, BUT NOT LIMITED TO, BREACH OF CONTRACT, TORT, OR OTHER), AND EVEN IF COMPANY KNEW, OR SHOULD HAVE KNOWN, OF THE POSSIBILITY OF SUCH DAMAGES. OUR MAXIMUM LIABILITY TO YOU IN RESPECT OF YOUR USE OF OUR SITE OR ANY MATTER ARISING UNDER OR IN CONNECTION WITH THESE TERMS OF USE IS $50.

Any use by you of the Site or its contents in a manner not expressly permitted by these Terms of Use may mean that you are infringing our rights and/or the rights of our licensors. We and our licensors reserve all rights and remedies available in respect of any such infringement.

Further, you must indemnify, defend and hold harmless Company, its subsidiaries and other affiliates, and its officers, employees and other agents, from all costs, expenses, damages, liabilities, losses and other monetary payments (including, but not limited to, attorneys' fees and disbursements) in connection with (a) your access to, and use of, the Site, (b) your failure to perform any obligation pursuant to these Terms of Use, (c) your violation of any rights of a third party (including, but not limited to, infringement of a third party’s intellectual property rights, or rights of privacy and publicity, and claims of defamation), and (d) any information or other content submitted by you to Company through the Site.

You grant to Company a non-exclusive, perpetual and fully-paid license to copy, distribute, modify, and create derivative works of all information and other content submitted by you to Company through the Site.  All information provided to you through the Site must be accurate and complete in all respects, unless by its nature such information is not intended to be accurate or complete.  In addition, you must at all times immediately update any such information to maintain its accuracy and completeness.

These Terms of Use will be governed by, and construed in accordance with the law of the England and Wales without regard to principles of conflict of laws. 

Except for any dispute covered by the Privacy Policy, you and Company (a) will submit any dispute relating to the Site, any Content or these Terms of Use exclusively to a court located in England and Wales and having subject matter jurisdiction over such dispute, and (b) consent to any such court being a proper venue, and waive any objection to its not being a proper venue (including, but not limited to, any such objection based on convenience), for such dispute

These Terms of Use contain the entire agreement, and supersede all prior oral and written proposals, understandings and agreements, between you and Company with respect to the Site and any Content.

Whenever possible, each provision of these Terms of Use shall be interpreted to be effective and valid under applicable law.  If, however, any such provision shall be prohibited by or invalid under such law, it shall be deemed modified to conform to the minimum requirements of such law, or if for any reason it is not so modified, it shall be prohibited or invalid only to the extent of such prohibition or invalidity without the remainder of such provision, or any other provision of these Terms of Use, being prohibited or invalid.

Company may revise these Terms of Use from time to time by posting the revised Terms of Use on the Site, with the revised Terms of Use taking effect as of the date of such posting.  It is your responsibility to periodically check these Terms of Use on the Site for such revisions.  Your use of the Site following the posting of any revisions to these Terms of Use on the Site will be deemed an irrevocable acceptance by you of such revisions.

If you have any questions or desire additional information regarding the Site, any Content or these Terms of Use, or if you would desire to contact Company for any other reason, please write to:

General Counsel and Secretary

TBWA Worldwide Inc.

220 East 42^nd Street 

New York, NY 100217

Effective Date:  December 2022

This Privacy Notice (“Privacy Notice”) sets out how DotDotDash (TBWA) processes your personal data in connection with our business, including the provision of our websites at https://www.dotdotdash.io (“Site[s]”) and the services we offer (“Services”).

In particular, this Privacy Notice explains our approach to any personal data that we might collect from you (i) when you use our Site or Services (ii) during any other interactions with us,  or (iii) which we might otherwise process when providing Services to our clients (including the personal data we collect, why we collected it and  your rights in respect of our processing of your personal data). 

This Privacy Notice is intended to assist you in making informed decisions when using the Site and our Services. Please take a moment to read and understand this Privacy Notice.  It is intended to be read in conjunction with our Terms of Use.

Finally, this Privacy Notice is intended to meet the requirements of the Regulation (EU) 2016/79 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (known as “GDPR”), as well as the “UK GDPR” (as defined in the UK Data Protection Act 2018). When we say GDPR, we mean both the EU and UK versions.

This Privacy Notice only applies to the use of your personal data obtained by us, whether from you directly or from a third party. It does not apply to personal data collected by third parties during your communications with those third parties or your use of their products or services (for example, where you follow links on our Site to third party websites over which we have no control).

Further, this Privacy Notice is not intended to cover the processing of workplace personal data.  Accordingly, if you are engaged as a worker for us, please see our Workplace Privacy Notice which sets out further information about how we may process your personal data in connection with your employment and/or engagement.

We will update this Privacy Notice from time to time to reflect any changes or proposed changes to our use of your personal data, or to comply with changes in applicable law or regulatory requirements. We may notify you by email of any significant changes to this Privacy Notice, but we encourage you to review this Privacy Notice periodically to keep up to date on how we use your personal data. If we update this Privacy Notice, we will update the effective date at the top of the page.

The Site and Services are made available by DotDotDash (“TBWA”, “we”, “us, “our”). TBWA is the data controller responsible for your personal data. TBWA is an US company with its registered office at 5353 Grosvenor Blvd, Los Angeles, CA 90066 USA.

For the purpose of this Privacy Notice and the GDPR, unless we state otherwise we shall be considered a data controller of your personal data in connection with use cases identified in this Privacy Notice. Please note that in many cases where we process data in relation to Services that we provide, we may carry out the activities referred to in this Privacy Notice in our capacity as a data processor acting on behalf of our clients. We have made this distinction clear in the Privacy Notice.

If you have any questions about this Privacy Notice or want to exercise your rights as a data subject set out in this Privacy Notice, you can contact us using the following methods:

Email: privacy@tbwa.com

Post: 5353 Grosvenor Blvd, Los Angeles, CA 90066 USA

When we talk about personal data we mean any information which relates to an identified or identifiable living individual. Individuals might be identified by reference to a name, an identification number, location data, an online identifier (such as an IP address) or to other factors that are specific to them, such as their physical appearance. Categories of personal data we may collect and process about you include:

Identity Data: First name; last name.

Contact Data: Delivery address; billing address; email address; telephone number; social media handle.

Applicant Data: Date of birth; gender; country; nationality; CVs, work experience; dietary requirements any other personal data that you may provide in advance of/during your supply of services to us.

Image Data: Photos; video recordings.

Financial Data: Bank account details; partial payment card details.

Transaction Data: Details about payments made between you and us; details of services purchased from us.

Profile Data: Interests and preferences; contact preferences; whether you have participated in any promotions or competitions; feedback and survey responses; the content of any messaging you send using any Enquiry Form or Chat function on the Site.

Behavioural Data: Data relating to your browsing activity, obtained through the use of pixel tags and other similar technologies; information about when your current or previous sessions started; details about any services you viewed through the Site.

Technical Data: IP address; browser type and operating system; geolocation, to ensure we’re showing you the correct notices and information; any other unique numbers assigned to a device.

Marketing and Communications Data: Marketing preferences; service communication preferences. 

Publicly Available Data: Information about articles (or similar) that you may have published; Information about your interests or affiliations or publicly stated positions on political matter, corporate matters and similar.

For more information about the personal data we collect please refer to section ‘HOW WE USE PERSONAL DATA’ below.

We may collect and receive your personal data using different methods:

Personal data you provide to us: You may give us your personal data directly, for example, when you obtain services via our Site, contact us with enquiries, complete forms on our Site, subscribe to receive our marketing communications or provide feedback to us.

Personal data received from third parties: We may receive personal data about you from third parties. Such third parties may include analytics providers, data brokers, third party directories and third parties that provide technical services to us so that we can provide our Site and our Services.

Publicly available personal data: From time to time, we may collect personal data about you (Identity Data, Contact Data, or Publicly Available Data) that is contained in publicly available sources (including open source data sets or media reports) or that you or a third party may otherwise make publicly available (for example through speeches at events or publishing articles or other news stories or posts on social media platforms).

We collect and process personal data from the following people:

Site visitors: We will collect and process your personal data in connection with your interaction with us and our Site.

People who contact us with enquiries: If you contact us with an enquiry through our Site, submit a complaint or provide any feedback to us in our surveys and feedback forms, we will collect and process your personal data in connection with your interaction with us and our Site.

Client personnel: We may collect and process your personal data in connection with the supply of services to you and/or your organization.

Talent: If you supply services and/or content to us and/or work with us to provide services to our clients (including featuring in content we produce), we may collect or process your personal data, such as your Identity Data, Contact Data, Financial Data, CVs in connection with such supply of services and/or content to us and our clients.

Partner/supplier personnel: If you (or your organisation) supply products or services to us or otherwise partner with us, we may collect and process your personal data in connection with our receipt of those products and services and/or partnership. This may include personal data included in any email or telephone communications or recorded on any document relating to an order for the products or services, such as your Contact Data.

Visitors to our offices, studios, production sites: If you attend one of our physical offices or other locations, we may process personal data that you volunteer in connection with your visit and any enquiries you make. For example, you may volunteer personal data when signing in as a guest, or when you register for and access our guest Wi-Fi network at our premises. CCTV footage may also be collected for security purposes.

Event attendees: If you attend one of our events, we will process personal data about you in connection with your attendance at the event. For example, we may ask you to complete a registration or feedback form, or other documents relating to the event.

Job applicants: If you apply for a job with us, whether through the Site or otherwise, we will collect and process your personal data in connection with your application.

Members of the public: We may process your data in connection with the provision of the Services to our clients.

A: OPERATION OF SITE, PROVISION OF SERVICES AND MARKETING

I. Operation of the Site

If you browse our Site:

When you browse our Site, we may process Technical Data, including through our use of essential cookies and other similar technologies, to provide our Site to you.  

Our legal basis for processing

It is necessary for us to use your data to perform our obligations in accordance with any contract that we may have with you for the Services, or it is in our legitimate interest to use data in such a way to ensure that we provide access to our Site in a secure and effective way.

If you link to social media sites and interact with our social media pages:

If you click on one of the social media links on our Site or otherwise interact with our social media pages such as on Facebook or Instagram (including interacting with any ‘like’ or similar embedded features on our Site), we and the relevant social media platform may receive information relating to such interaction and may share your personal data in connection with this purpose. Where that data is collected through your use of our Site, the data may include certain Behavioral Data and Technical Data. For more information about how we use this personal data, please see the ‘Website insight and analysis’ section.

Our legal basis for processing

It is in our legitimate interest to use personal data in the ways described above to ensure that we provide the Site in an effective way and to promote our Site via social media.

Website insight and analysis:

We and our third-party partners use cookies, web beacons, pixel tags and other similar technologies (which we generically refer to as “Cookies”) to collect data from the devices that you use to access our Site. The data that is collected includes Behavioral Data and Technical Data, and certain Profile Data. Please see our Cookie Notice for further information, including details of our third-party partners.

We and our third-party partners use this data to analyse how you use our Site and our Services and the effectiveness of our Site and Services, including:

·       to analyse how you use, and the effectiveness of, our Site and Services;

·       to improve our Site and Services;

·       to count users who have visited our Site and collect other types of information, including insights about visitor browsing habits, which helps us to improve our Site and Services;

·       to measure the effectiveness of our content;

·       to learn what parts of our Site are most attractive to our users, which parts of our Site are the most interesting and what kind of features and functionalities our visitors like to see;

·       to help us understand the type of marketing content that is most likely to appeal to our visitors and customers.

Our legal basis for processing:

Where your data is collected through the use of non-essential Cookies, we rely on consent to collect your personal data and for the onward processing purpose. Please see our Cookie Notice for further details.

In certain circumstances, we may rely on another lawful basis when we use your personal data collected via the use of Cookies.  For example, where we use personal data collected through the use of analytics cookies to analyse how you use our Site, it is in our legitimate interest to use your personal data in such a way to improve our Site and Services.]  

II. Provision of our Services

Content creation and managing talent:

As part of our content creation services to clients, we maintain talent databases which includes Identity Data, Contact Data, Applicant Data and Publicly Available Data as well as biography and personal preferences of individuals we may use for a particular campaign.  We use this information for the purpose of selecting talent for a particular campaign and working with that talent.  We may obtain this information directly from the individual, via third party recruiters or agents, or publicly available sources.

As part of creating the content featuring the talent, we will process their Image Data as well as Identity and Applicant Data.

Our legal basis for processing

It is in our legitimate interests (or those of our clients) to process talent personal data in this way to enable us to provide our services. 

Where we process special category data in connection with this purpose that was collected from you directly, we will only do so with your explicit consent.  Where we obtain this special category from publicly available sources, we will rely on the fact that the individual made such information manifestly public.  Where we do this on behalf of our clients as a data processor, we do not require a legal basis for such processing.

Client data insight and analysis:

We may, acting on our own behalf and on behalf of our clients, collect data about you in connection with the provision of our Services to carry out insight and analysis on an anonymised and/or aggregate basis so that we can improve our services and help our client to better understand their own customers’ interests and improve their products/ services. The data that is collected includes Behavioural Data and Technical Data, and certain Profile Data.

Our legal basis for processing

To the extent the above involves personal data, it is in our legitimate interests (or those of our clients) to process personal data in this way to enable us to provide our services.  Where we do this on behalf of our clients as a data processor, we do not require a legal basis for such processing.

Please note that often such services will relate to anonymous data sets (aggregated data sets, statistical data sets and similar) and are used for high-level market analytics or understanding macro consumer habits (amongst other things).  When we do this, we and our clients are not processing personal data.

III. Marketing and Media Enquires

Marketing:

We may use your Identity Data, Contact Data and Marketing and Communications Data to send you (or the organisation you represent) marketing communications by email or via phone. Our marketing will include press releases and information about us.  

Our legal basis for processing

It is in our legitimate interest to use your personal data in this way to ensure the promotion of our services is tailored and/or appealing to you and/or the organisation you work for. Please note that we will only send you marketing with your consent.

Media and informational inquiries:

We may collect personal data (including Identity Data, Contact Data and Publicly Available Data) about journalists, client contacts or industry contacts for interview requests, for media questions, or requests for information about TBWA. We may also provide individuals with the opportunity to sign up for newsletters or to receive copies of blogs and other information that we make available.  Where an individual signs up to receive such information, Contact Data may be requested in each case, together with details of other personal data that is relevant to these inquiries. This information is used in order to enable us to respond to individual requests or media requests.

Our legal basis for processing

It is in our legitimate interests (and those of our clients) to process personal data in this way to ensure we provide the services requested by our clients in an effective and efficient way and that we provide the right information to those who request it.

B: BUSINESS ADMINISTRATION, FINANCIAL AND LEGAL

Receipt of services:

If we have engaged an organisation to provide us or our clients with services (for example, IT support or financial advice), we will collect and process your personal data (including Contact and Identity Data) if you are a contact within the relevant organisation in order to manage our relationship or our clients with the organization, to receive services from the organisation and, where relevant, to provide our services to others including our clients.

Our legal basis for processing

It is necessary for us to use personal data in this way to perform our obligations in accordance with any contract that we may have with the organisation, or it is in our legitimate interest to use personal data in such a way to ensure that we have an effective working relationship with the organisation and are able to provide our services to others in an effective way.  Where we do this on behalf of our clients as a data processor, we do not require a legal basis for such processing.

Recruitment:

If individuals apply for a job with us or otherwise express an interest in working for us, we will collect contact details and CV or resume information from the individual.  We use such personal data for the following purposes: a) to assess the individual’s suitability for any position for which they applied (or future positions for which we think the individual may be suitable) including employment or freelancer positions, summer placements or internships and also any business support or services role whether such application has been received by us online, via email or by hard copy or in person application; b) to take any steps necessary to enter into any contract of employment (or otherwise) with the individual; c) to comply with any regulatory or legal obligations in relation to any such application; and d) to review our equal opportunity profile in accordance with applicable legislation. We do not discriminate on the grounds of gender, race, ethnic origin, age, religion, sexual orientation, disability or any other basis covered by local legislation. 

What is our legal basis?

Where we use personal data in connection with recruitment and talent management it will be in connection with us entering into a legal contract with them or it is in our legitimate interest to use personal data in such a way to ensure that we can make the best recruitment and talent management decisions for TBWA , or it is our legal obligation to use such personal data to comply with any legal obligations imposed upon us.  We will not process any special data except where we are able to do so under applicable legislation or with the individual’s explicit consent.

Visiting our premises, studios or production sites:

If an individual visits any of our premises, studios and/or production sites we may collect personal data including Identity or Contact Data as part of our sign in process.  We may also capture their image on our surveillance camera or CCTV. We may also collect data relating to Covid-19 vaccination or testing in accordance with government regulation or guidance.

If an individual registers as a guest user for free Wi-Fi access at any of our premises, we may collect personal data including Identity and Contact Data as part of the registration process. We may also process Behavioural and Technical Data in connection with any use of this free Wi-Fi service for monitoring and record-keeping purposes, including to identify the source of service requests, optimise and maintain performance of the Wi-Fi service, and investigate and prevent system abuse. For more information about how we might process your personal data in this regard, please see our Portal Privacy Notice at the applicable location.

Our legal basis for processing

It is in our legitimate interests to process personal data in this way for security reasons and we collect data relating to Covid-19 in order to comply with our legal obligations in relation to health and safety, or other legal obligations introduced in relation to the Covid-19 pandemic.

Where we process personal data in connection with providing access to our free Wi-Fi service, it is in our legitimate interests to process personal data in this way to provide the service. Where we monitor use of our free Wi-Fi service to ensure proper use of the system, we process personal data for monitoring and record-keeping purposes based on guest user consent. 

Business administration, finance, and legal compliance:

We may use an individual’s personal data (including Identity Data, Contact Data, Financial Data, Transaction Data, Publicly Available Data) for the following business administration and legal compliance purposes:

·       to facilitate the operation or effective management of our group of businesses;

·       for financial, accounting and tax purposes;

·       to comply with our legal obligations;

·       to enforce or protect our legal rights;

·       to deal with complaints;

·       to protect the rights of third parties (including where health or security of an individual is endangered (e.g. a fire); and

·       in connection with a business transition or sale such as a merger, re-organisation, acquisition by another company, or sale of all or a portion of our assets.

Our legal basis for processing

Where we use personal data in connection with a business transition, to enforce our legal rights or to protect the rights of third parties, it is in our legitimate interest to do so. For all other purposes described in this section, we will rely on our obligation to comply with law (including any court order) to process such personal data.

We will not process any special (or sensitive) categories of personal data or personal data relating to criminal convictions or offences except where we are able to do so under applicable legislation or with the individual’s explicit consent.

Where we are required by law to collect your personal data, or we need to collect your personal data under the terms of a contract we have with you, and you fail to provide that personal data when we request it, we may not be able to perform the contract we have or are trying to enter into with you. This may apply where you do not provide the personal data we need in order to provide the Services you have requested from us or to process an application for employment with us. In this case, we may have to cancel your application or the provision of the relevant Services to you, in which case we will notify you.

We only share personal data with others when we are legally permitted to do so. When we share personal data with others, we put contractual arrangements and security mechanisms in place to protect the personal data shared and to comply with our data protection, confidentiality and security standards and obligations.

We are part of the Omnicom Group of marketing and advertising firms and (subject to the above) may share data within Omnicom Group companies, Omnicom Networks, or with our partner agencies. For more information about the Omnicom Group, please see here: Advertising and Marketing Agencies | Omnicom Group.

Further (again subject to the above) we may share your personal data with third parties, as set out in the table below. This list is non-exhaustive and there may be circumstances where we need to share personal data with other third parties.

Our clients: We may share personal data with our clients for the purposes of providing them with Services. 

Third-party IT suppliers: We may share personal data with third parties who support us in providing our Site and help provide, run, and manage our internal IT systems. Such third parties may also include, for example, providers of information technology, cloud-based software-as-a-service providers, identity management, website design, hosting and management, data analysis, data back-up, security, and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.

Payment providers and banks: We may share personal data with third parties who assist us with our invoicing and/or making/receiving payments.

Third-party post/email marketing and CRM specialists: We may share personal data with specialist suppliers who assist us in managing our marketing database and sending out email marketing communications.

Recruitment agencies and related organisations: We may share personal data with external recruiters, third-party providers that undertake background checks on our behalf and other entities within our group of companies for recruitment purposes.

Auditors, lawyers, accountants and other professional advisers: We may share personal data with professional services firms who advise and assist us in relation to the lawful and effective management of our organisation and in relation to any disputes we may become involved in.

Law enforcement or other government and regulatory agencies and bodies: We may share personal data with law enforcement or other government and regulatory agencies or other third parties as required by, and in accordance with, applicable law or regulation.

Other third parties: Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, or to establish, exercise or defend legal rights. We will only fulfill requests for personal data where we are permitted to do so in accordance with applicable law or regulation.

Transfers by us – where we disclose personal data

We may transmit personal data to certain third parties (as listed in the ‘Sharing your personal data’ section) that are located in countries that do not protect personal data to the same standard as the GDPR, including to: (1) our different global offices; and (2) our different offices in the Omnicom Group entities, networks or partners agencies.

These countries may not give you the same rights in relation to your personal data and may not have a data protection supervisory authority to help you if you have any concerns about the processing of your personal data.

However, when transferring your personal data, we will ensure that, where required by the GDPR, at least one of the following applies: (1) we will only transfer your personal data to countries or organisations that have been deemed to provide an adequate level of protection for personal data by the UK Government or the European Commission; or (2) we may use specific contracts approved by the UK Government or the European Commission referred to as the “Standard Contractual Clauses” or “SSCs” which give personal data the same protection it has in the UK and EU.

To find out more about the SCCs we use, please see: Standard contractual clauses for international transfers | European Commission (europa.eu) or please email us at privacy@tbwa.com.

In addition, where we disclose personal data that we process in connection with our participation in the EU-U.S. Data Privacy Framework, the UK Extension to that framework, and/or the Swiss-U.S. Data Privacy Framework, we remain liable under those frameworks in relation to our onward transfer of personal data to these countries, unless we can show that we are not responsible for the event giving rise to the damage.

Transfers to us – where we receive personal data

As we are headquartered in New York, USA, any data that you provide directly to us, or that we receive from third parties, may be stored in the USA. In addition, it may be transferred by us to other countries (as described above).

TBWA complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  TBWA has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  TBWA has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.

If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Where our use of your personal data requires your consent, you can provide such consent:

·       at the time that we collect your personal data following the instructions provided; or

·       by informing us by e-mail, post or phone using the contact details set out in this Privacy Notice.

Please note that if you specifically consent to additional uses of your personal data, we may use your personal data in a manner consistent with that consent.

We are committed to keeping the personal data you provide to us secure and we have implemented information security policies, rules and technical measures to protect the personal data under our control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. In addition, all our employees and data processors (i.e. those who process your personal data on our behalf) are obliged to respect the confidentiality of the personal data of all users of our Site and those who purchase our Services.

You have the following rights in relation to the personal data we hold about you under certain circumstances:

·       To obtain the confirmation that we process personal data about you, to access and obtain copies of the information, as well as information relating to the processing we carry out.

·       To request your personal data be corrected where appropriate.

o    If personal data we hold about you is inaccurate or incomplete, you may request that data be amended. However, please be aware that it is every person’s responsibility to provide us with accurate personal data and to inform us of any changes (e.g. new home address or change of name).

·       To request your personal data be deleted, where appropriate.

o    If you demonstrate that the purpose for which the personal data is being processed is no longer legal or appropriate, the data will be deleted, unless we can demonstrate that we are required to retain the personal data by applicable law or otherwise.

o    If we have shared your personal data with others, we will let them know about the deletion where possible. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.

·       To request that we restrict the processing of your personal data in some circumstances, such as where you contest the accuracy of the personal data, while we investigate your concern.

o    It will not prevent us from storing your personal information.

o    We will tell you before we lift any restriction.

o    If we have shared your personal information with others, we will let them know about the restriction where it is possible for us to do so.

o    If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal information with so that you can contact them directly

·       Where processing is based on your consent, to receive your personal data in a commonly used electronic format or ask that we move your personal data in that format to another provider, where your request relates to the personal data that you gave us directly and where technically possible.

·       To object to your personal data being processed where we are relying on ours or a third party’s legitimate interest to do so or for the purpose of direct marketing.

·       To withdraw your consent at any time when processing relies upon consent.

Data Subject Rights

Data subjects may exercise these rights verbally or in writing using our contact information provided in the ‘How to contact us’ section. We will endeavor to promptly respond to your requests.  Where you ask us to provide a copy of your personal data, we are legally obliged to respond within one month of such request. If your request is denied, we will inform you about the reasons for denial.

Please note that in order for you to assert these rights, we may need to verify your identity to confirm your right to access your personal data.  This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. In order to verify your identity, we may need to gather more personal data from you than we currently have.

Lodging Complaints

In addition, you may have the right to lodge certain complaints in relation to our processing of your personal data with regulators in your jurisdiction.

If you have a concern about any aspect of our privacy practices, including the way we have handled your personal data, we encourage you to first contact us using our contact information provided in the ‘How to contact us’ section.

If the GDPR applies, you can report your concerns to the following organisations:

European Economic Area: You can find a list of supervisory authorities and their contact details for the EEA at https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

United Kingdom: The Information Commissioner’s Office (“ICO”) is the supervisory authority in the United Kingdom. Contact details for the ICO can be found at https://ico.org.uk.

Switzerland: The Federal Data Protection and Information Commissioner (“FDPIC”) is the supervisory authority in Switzerland. Contact details for the FDPIC can be found at https://www.edoeb.admin.ch/.

United States of America: In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, TBWA Worldwide Inc. commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. 

If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information or to file a complaint.  The services of JAMS are provided at no cost to you. 

Following the dispute resolution process, JAMS or you may refer the matter to the U.S. Federal Trade Commission, which has investigatory and enforcement powers over us. Under certain circumstances, you also may be able to invoke binding arbitration to address complaints about our compliance with DPF Principles.

To opt-out of any future promotional or marketing communications or any other commercial communications from us, you should send a request to us at the contact information in the ‘How to contact us’ section.  

This Site contains links to third party websites and services. Please remember that when you use a link to go from our Site to another website or you request a service from a third party, this Privacy Notice no longer applies to these third-party websites and third-party service providers unless we are acting as joint controllers in respect of your personal data with such third party.

Your browsing and interaction on any other websites, or your dealings with any other third-party service provider, is subject to that website’s or third-party service provider’s own rules and policies. We do not monitor, control, or endorse the privacy practices of any third parties.

This Site may integrate with social networking services. You understand that we do not control such services and are not liable for the manner in which they operate.  While we may provide you with the ability to use such services in connection with our Site, we are doing so merely as an accommodation and, like you, are relying upon those third-party services to operate properly and fairly.

We retain personal data only for as long as is necessary for the purposes described in this Privacy Notice, after which it is deleted from our systems.

If any personal data is only useful for a short period (e.g. for a specific event or marketing campaign or in relation to recruitment), we will delete it at the end of that period.  Please note that if you are an unsuccessful candidate we may keep your information for a short period.

If you have opted out of receiving marketing communications from us, we will need to retain certain personal data on a suppression list so that we know not to send you further marketing communications in the future.

Our Site is not intended for use by, or targeted at, minors (individuals under the age of 18) and we do not knowingly collect personal data of minors. However, due to the nature of our organisation and the Services we provide, we may from time to time collect and process personal data relating to minors. If we do collect personal data of minors, we will comply with all applicable laws and regulations relating to the processing of personal data of minors.

UNITED STATES

CCPA

This Cookie Notice explains how we use “cookies” and similar technologies (such as “web beacons, “pixels” or “tags”) on the DotDotDash website at www.dotdotdash.io (“Site”).  It is designed to assist you in making informed decisions when using our service. Please take a moment to read and understand this Cookie Notice. This Cookie Notice should also be read in conjunction with our Privacy Notice and our Website Terms of Use.

Cookies are very small text files or pieces of code, which often include an unique identifier. When you visit a website, the website will request to store this text file on your device in order to remember information about you, such as your language preference or login information.  Other information gathered through cookies may include the date and time of visits and how you are using our website. 

We also use similar technologies to cookies known as “web beacons”, “pixels” or “tags”. These technologies do a similar job to cookies, allowing website operators to count page views and understand how visitors interact with and respond to certain content on a webpage. 

For the purposes of the remaining sections of this Cookie Notice, we refer to all cookies and similar technologies using the above features as “cookies”.  

You should be aware that applications you use to access our Site, such as your website browser, may also place cookies on your device when visiting our Site, or other websites. An example of this would be where you sign in to Google Chrome using a Google Account (see Section 7 below). We do not have control over these third party cookies, so you will need to manage these cookies in the settings of the relevant applications. 

For more details on cookies and similar technologies, please visit All About Cookies. 

We use “first party cookies” and “third party cookies” in connection with our Service. First party cookies are cookies placed by us to collect information about you. Third party cookies are cookies placed by third party website operators. Information about you collected by those third party cookies will be shared with the relevant third party. Please refer to the relevant third party website operator’s privacy notice for more details about the information they collect and how they use it.

All cookies have expiration dates that determine how long they stay in your browser:

Session Cookies – these are temporary cookies that are placed on your device during your browsing session and then expire (and are automatically erased) whenever you close your browser.

Persistent Cookies – these are designed to last for a pre-defined period of time which varies depending on the nature of the cookie.  Persistent cookies stay in your browser until they reach their individual expiry date or until you manually delete them (see Section 6 below).

Strictly Necessary – Please note, we do not need your consent to store and access strictly necessary cookies on your device, although you can still block or delete them (see Section 6 below).

Non-essential – Please note, these are all cookies that do not fall into the Strictly Necessary category (See Section 4 for all categories).  

We may only store and access non-essential cookies on your device with your permission. You are not obliged to give consent to our use of non-essential cookies.  If you do give your consent and then change your mind, you can block or delete them (see Section 6 below).

You can block the use of cookies generally (not just in respect of our Site) by activating the relevant settings in your browser.  For more information on cookie management and blocking or deleting cookies for a wide variety of browsers, visit All About Cookies. 

Further, if you do not want to be tracked by Google Analytics, you can install the Google Analytics opt-out browser add-on (but this will only work on certain browsers).  For further information on Google Analytics and its use of cookies, please consult the Google Analytics cookie policy. 

Please be aware that in order to use some parts of our Site you will need to allow certain functional cookies.  If you block or subsequently delete those cookies, some aspects of our Site may not work properly, and you may not be able to access all or part of our Site.

Separately to our use of Google Analytics cookies, when you access the Site via Google applications such as Google Chrome, Google may collect user information for the purpose of Google serving personalized advertising across your devices.  Google is able to place these advertising cookies on the devices used by visitors to the Site because we use Google services to run the Site.  However, these cookies are dropped for Google’s own purposes and as such we do not have any control over how or when they are dropped. You will need to opt out of receiving these cookies via your Google settings.  

For further information about these cookies please see: Google Settings.  Please note that other browsers may use similar tools.

Please note that our Site links to third party websites that are not operated by us.  Where you follow links from our Site to the website of a third party, that website may place different cookies on your device. You should check the relevant privacy notice and/or cookie notice for more information about how that third party uses cookies.

We may update our Cookie Notice from time-to-time.  We recommend that you check here periodically for any changes to our Cookie Notice.

This California Consumer Privacy Statement supplements the TBWA Privacy Policy and applies solely to California consumers. This section provides information about our online and offline privacy practices. This Statement does not apply to TBWA personnel.

This California Consumer Privacy Statement uses certain terms that have the meaning given to them in the California Consumer Privacy Act of 2018 and its implementing regulations (the “CCPA”).

We may collect the following categories of personal information about you:

• Identifiers: identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, and other similar identifiers

• Additional Data Subject to Cal. Civ. Code § 1798.80: signature, physical characteristics or description, state identification card number, insurance policy number, education, bank account number, credit card number, debit card number, and other financial information, medical information, and health insurance information

• Protected Classifications: characteristics of protected classifications under California or federal law, such as race, color, national origin, religion, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, genetic information, disability, citizenship status, and military and veteran status

• Commercial Information: commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies

• Online Activity: Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements

• Sensory Information: audio, electronic, visual, and similar information

• Employment Information: professional or employment-related information

• Education Information: education information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99)

• Inferences: inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

We may use the categories of personal information listed above for the purposes described in our Privacy Policy. In addition, we may use these categories of personal information for certain business purposes specified in the CCPA, as described in this table:

In addition, we may also use the following categories of personal information for purposes of managing our career opportunities: Identifiers; Additional Data Subject to Cal. Civ. Code § 1798.80; Protected Classifications; Employment Information; Education Information and Inferences.

We may have collected and used your personal information, as described in section 1 above, during the 12-month period prior to the effective date of this California Consumer Privacy Statement. For the personal information collected during that timeframe, we describe below: (a) the categories of sources from which we may have obtained the personal information, and (b) the categories of third parties with whom we may have shared the information, and (c) the categories of personal information we may have disclosed for a business purpose.

1. Sources of Personal Information

We may have obtained personal information about you from various sources, as described below.

2. Sharing of Personal Information

We may have shared your personal information with certain categories of third parties, as described below.

3. Sale of Personal Information

We do not and will not sell your personal information.

4. Disclosure of Personal Information for a Business Purpose

We may have disclosed to third parties the following categories of personal information for a business purpose:

• Identifiers such as a real name, alias, postal address, unique personal identifier (such as a device identifier; cookies, beacons, pixel tags, mobile ad identifiers and similar technology; customer number, unique pseudonym, or user alias; telephone number and other forms of persistent or probabilistic identifiers), online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number, passport number, and other similar identifiers

• Signature, physical characteristics or description, state identification card number, insurance policy number, education, bank account number, credit card number, debit card number, and other financial information, medical information, and health insurance information

• Characteristics of protected classifications under California or federal law, such as race, color, national origin, religion, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, ancestry, genetic information, disability, citizenship status, and military and veteran status

• Commercial information, including records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies

• Internet and other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding your interaction with websites, applications or advertisements

• Professional or employment-related information

• Education information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Sec. 1232g; 34 C.F.R. Part 99)

• Inferences drawn from any of the information identified above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

You have certain choices regarding our use and disclosure of your personal information, as described below.

Access: You may have the right to request, twice in a 12-month period, that we disclose to you the personal information we have collected, used, and disclosed about you during the past 12 months.

Deletion: You have the right to request that we delete certain personal information we have collected from you.

Opt-Out of Sale: We do not sell your personal information in exchange for monetary compensation, nor have we done so in the preceding 12 months.

Verifying Requests: To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your personal information or complying with your request. If you request access to or deletion of your personal information, we may require you to provide any of the following information: name, address, state-issued photo identification. In addition, if you ask us to provide you with specific pieces of personal information, we will require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request. If you designate an authorized agent to make an access, deletion or opt-out of sale request on your behalf (1) we may require you to provide the authorized agent written permission to do so, and (2) for access and deletion requests, we may require you to verify your own identity directly with us (as described above).

Additional Information: If you choose to exercise any of your rights under the CCPA, you have the right to not receive discriminatory treatment by us. To the extent permitted by applicable law, we may charge a reasonable fee to comply with your request. This Statement is available in alternative formats upon request.

CCPA Contact Information: Please contact privacy@tbwa.com or (833) 520-0506, Monday to Friday, 9 am – 5 pm EST, to request this Statement in an alternative format.