Privacy Policy

Welcome to Threat Matrix App! We are committed to safeguarding your privacy, especially in compliance with the UK General Data Protection Regulation (UK GDPR). This Privacy Policy explains the data we collect, why we collect it, and how we handle your personal information.

Such information includes:

  • the IP address from which you visit

  • referral address

  • browser type

  • operating system

  • other technical information

  • your email address is not automatically logged without your knowledge.

We will not distribute, sell, trade or rent your personal information to third parties. Signfy may provide aggregate statistics about our website’s users, traffic patterns and related site information to reputable third-parties. Such statistical information will not include personally identifying information.

Signify follows the relevant legal requirements and takes all reasonable precautions to safeguard personal information.

1.    INTRODUCTION

The Threat Matrix App is designed to scan and detect abuse and threat sent to you via attempted Direct Message contact. It only processes message requests from people you have not conversed with and will not process data from inbox conversations, ensuring your private conversations remain so at all times.

Questions?

For any concerns or to exercise your rights, contact our Data Protection Officer at: data@signify.ai.

2.  ABOUT US

Your personal data (i.e. any information which identifies you, or which can be identified as relating to you personally) will be collected and used by Signify Group Limited (Signify), UK company registration no: 10814854, 1st Floor Gallery Court, 28 Arcadia Avenue, N3 2FG, London, England. 

3.  THE INFORMATION WE COLLECT

Personal data you provide":

  • Login Information: We collect your username, password, and any other details you provide during the login process.

  • Device Information: Device type, operating system, unique device identifiers, and mobile network information.

  • Log Information: Date and time of access, app features used, and any errors encountered.

4.  HOW WE USE INFORMATION

We only ever use your personal data with your consent, or where it is necessary in order to:

  • provide the requested services through the app;

  • Authentication: To verify your identity and provide you access to the Threat Matrix App.

  • Service Improvement: Enhance functionality, security, and user experience.

  • Communication: Notify you about updates, security alerts, and support matters.

  • Analytics: Understand user behavior to optimize our services.

  • comply with a legal duty;

  • protect your vital interests;

  • for our own (or a third party’s) lawful interests, provided your rights don’t override these.

Whatever the case, we’ll only use your information for the purpose or purposes it was collected for (or else for closely related purposes).

5.    DISCLOSING AND SHARING DATA

Your personal data – which may include your name, organisation, position, and email address may be held by our newsletter processing service. This, along with contact information is currently processed internally. We will notify anyone who has contacted us or asked to receive newsletter updates in the event of a change.

Occasionally, where we partner with other organisations, we may also share information with them (for example, if you register to attend an event being jointly organised by us and another organisation). We’ll only share information when necessary and we will never share your contact information (e.g. email or telephone).

 

7.  HOW WE PROTECT DATA

We employ a variety of physical and technical measures to keep your data safe and to prevent unauthorised access to, or use or disclosure of your personal information. 

Electronic data and databases are stored on secure computer systems and we control who has access to information (using both physical and electronic means). We have a set of detailed data protection procedures which personnel are required to follow when handling personal data.

Of course, we cannot guarantee the security of your home computer or the internet, and any online communications (e.g. information provided by email or our website) are at the user’s own risk.

 

8.  STORAGE

Where we store information

Signify’s operations are based in England and we store our data within the European Union.

How long we store information

We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).

We continually review what information we hold and delete what is no longer required. We never store payment card information.

 

9. KEEPING YOU IN CONTROL

We want to ensure you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:

  • the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as subject access request);

  • the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason);

  • the right to have inaccurate data rectified;

  • the right to object to your data being used for marketing or profiling; and

  • where technically feasible, you have the right to personal data you have provided to us which we process automatically on the basis of your consent or the performance of a contract. This information will be provided in a common electronic format.

Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.

If you would like further information on your rights or wish to exercise them, please contact us by emailing contact@signify.ai.

Complaints

You can complain to Signify directly by contacting our Data Team using the details set out above.

If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you can complain to the UK Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to do this can be found at www.ico.org.uk

 

11.  CHANGES TO THIS PRIVACY POLICY

We’ll amend this Privacy Policy from time to time to ensure it remains up-to-date and accurately reflects how and why we use your personal data. The current version of our Privacy Policy will always be posted on our website.

Note on compliance with the UK General Data Protection Regulation as pertaining to use of social media data within Signify research and work.

Signify often conducts research which involves the collection and analysis of publicly available data from social media platforms.  Much of this data, including usernames, is considered personal data under the General Data Protection Regulation (UK GDPR). In order to ensure this data is processed lawfully and transparently, the following procedures are followed by Signify.

  • All data collected from social media platforms is accessed through the official application programming interface (API) of that platform (or a licenced provider), and stored and used in compliance with that API’s terms of service.

  • Data is only collected from platforms for which users have provided clear consent, as defined in Article 4(11) of the UK GDPR, to provide that platform with published data

  • Signify often applies techniques in artificial intelligence to social media data, in order to conduct research on this data. As we have throughout our history as a research centre, we ensure that the reasons for applying these techniques, the methodology used to analyse data, and the conclusions drawn from our analysis are presented clearly and fully in each report. This includes publishing detailed accuracy scores for any machine learning algorithms applied as part of the research.

  • This data is securely stored on a monitored server, accessible only to Signify staff, and encrypted in transit. In the event that a data breach is discovered, Signify will act swiftly to ensure that damage from this breach is minimised, including informing relevant supervisory authorities and acting to identify and resolve any security issues allowing the breach.

  • Data collected from social media sites is not stored for longer than is necessary to complete each project

  • In order to respect the rights of data controllers to maintain control of their personal data, Signify will remove from any dataset personal data pertaining to an individual who requests such deletion. This includes taking reasonable measures to ensure that content deleted from social media platforms is also removed from datasets used by Signify. 

  • Signify does not publish any personal data collected during its research, nor is personal data shared with third parties external to Signify or transferred out of the UK, without the explicit consent of the data subject. Any data published or shared with a third party is aggregated, anonymised or altered to prevent identification a natural person.

  • Where quotes from social media users are published in reports, these quotes are bowdlerised – altered in a way which preserves meaning but prevents retroactive identification of the original post through e.g an online search. An occasional exception to this policy is observed when the user is publically known to the extent that they would not reasonably expect their social media posts to be private. It should be noted here that the GDPR only applies to natural persons, and not companies or organisations. 

  • The above is caveated where there is clear public interest or evidence of criminality in which case we will pass data to the relevant law enforcement. 


This Privacy Policy was last updated on 01.09.2023