Privacy Policy

Introduction

Profound ("Company," "we," "us," or "our") operates the Profound platform (the "Service"), a B2B market research and business intelligence platform. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal data in connection with our Service.

We are committed to protecting your privacy and ensuring transparency about how we handle your information. This policy applies to all users of Profound, including subscribers, trial users, and visitors to our website.

Information We Collect

We collect various types of information in connection with the services we provide. The categories of information we collect include:

Personal Information

When you register for an account or use our Service, we collect personal information that you voluntarily provide, including:

• Name and email address
• Company name and industry
• Job title and department
• Contact information (phone number, address)
• Account credentials and authentication information
• Billing and payment information (processed securely through third-party payment providers)
• Communication preferences and opt-in/opt-out choices

Usage Data

We automatically collect information about how you interact with our Service:

• IP address and device information
• Browser type and version, operating system
• Referring/exit pages and URLs
• Pages visited and time spent on each page
• Reports accessed and search queries
• Features used and actions taken within the platform
• Click patterns and interaction data
• Date and time of access

Cookies & Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to:

• Maintain your session and remember your preferences
• Understand how you use our Service and improve functionality
• Provide personalized content and recommendations
• Measure campaign effectiveness and marketing performance
• Detect and prevent fraud or security issues

You can control cookie preferences through your browser settings. However, disabling cookies may limit your ability to use certain features of the Service.

How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: Providing, maintaining, and improving the Profound platform and customer support
• Account Management: Creating and managing your account, authentication, and password recovery
• Billing: Processing payments, invoicing, and managing subscriptions
• Communication: Sending transactional emails, security alerts, policy updates, and support responses
• Marketing: Sending promotional content, newsletters, and product updates (with your consent)
• Analytics: Understanding usage patterns, platform performance, and user behavior to optimize service delivery
• Compliance: Fulfilling legal obligations, enforcing our terms, and resolving disputes
• Security: Protecting against fraud, unauthorized access, and security threats
• Business Improvement: Developing new features, conducting research, and improving existing services

Data Sharing and Disclosure

We may share your information in the following circumstances:

• Service Providers: We share data with third-party vendors who provide services on our behalf, including hosting providers, payment processors, analytics services, and email service providers. These providers are contractually obligated to protect your data.
• Consent: We share data when you explicitly authorize us to do so for specific purposes.
• Legal Requirements: We may disclose information when required by law, court order, subpoena, or government request, or to enforce our rights and protect our business.
• Business Transfers: In the event of merger, acquisition, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will provide notice of such changes.
• Aggregated Data: We may share aggregated, de-identified data for industry benchmarking, research, and marketing purposes.

We do not sell your personal information to third parties. Profound does not engage in the sale of personal data as defined under GDPR, CCPA, or similar privacy regulations.

Data Security

We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. Our security practices include:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of sensitive data at rest using industry-standard algorithms
• Access controls and role-based permissions limiting employee access to data
• Regular security audits and vulnerability assessments
• Secure authentication mechanisms and password policies
• Incident response procedures and breach notification protocols
• Regular employee training on data privacy and security practices

While we implement strong security measures, no system is completely immune to breaches. We will notify you of any material security incident affecting your information in accordance with applicable law.

Your Rights and Choices

Access and Correction

You have the right to access, review, and correct your personal information. You can update your account information directly through your account settings, or contact us to request a copy of your data.

Data Deletion

Under GDPR, CCPA, and other privacy laws, you have the right to request deletion of your personal information. Upon receipt of a verified deletion request, we will delete or de-identify your data within 30 days, except where we are required to retain it for legal, contractual, or legitimate business purposes.

Opt-Out Rights

You may opt out of marketing communications by clicking the "unsubscribe" link in our emails or by managing your communication preferences in your account settings. You can also control cookie preferences through your browser or by managing your cookie settings on our website.

Data Portability

Upon request, we can provide your personal information in a structured, machine-readable format for transfer to another service provider.

GDPR Rights

If you are located in the European Union or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR), including the right to withdraw consent, object to processing, and lodge complaints with your supervisory authority.

CCPA Rights

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete personal information, and the right to opt-out of the sale of personal information.

International Data Transfers

Your personal information may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have different data protection laws than your home country.

When we transfer information internationally, we implement appropriate safeguards, including:

• Standard Contractual Clauses approved by relevant authorities
• Binding Corporate Rules for intra-company transfers
• Your explicit consent to the transfer
• Data Processing Agreements with third-party processors

By using Profound, you consent to the transfer of your information to countries outside your country of residence as described in this policy.

Data Retention

We retain your personal information for as long as necessary to provide services, fulfill the purposes outlined in this policy, and comply with legal obligations. Retention periods vary based on the type of information and the purposes for which we use it:

• Account Information: Retained while your account is active and for a reasonable period after closure
• Billing Records: Retained for the duration of your subscription plus 7 years for tax and accounting purposes
• Marketing Communications: Retained until you unsubscribe or request deletion
• Usage Data: Typically retained for 12 months for analytics purposes
• Legal/Compliance Data: Retained as required by applicable law

When information is no longer needed, we securely delete or anonymize it.

Children's Privacy

Profound is not intended for users under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that a child has provided us with personal information, we will take steps to delete such information and terminate the child's account.

Parents or guardians who believe their child has provided personal information to Profound should contact us immediately at the contact information provided below.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date at the top of this policy.

Your continued use of Profound after any modifications constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically to stay informed about how we protect your information.

Contact Us

If you have questions about this Privacy Policy, requests regarding your personal information, or concerns about our privacy practices, please contact us at:

Profound Privacy Team
Email: contact@profound.com
Address: Will be provided upon request

We will respond to all inquiries within 30 days or as required by applicable law. If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.