1. How we collect Personal Data
When we use the term “Personal Data,” we mean information that can be used to identify you as an individual person. We collect limited categories of Personal Data through our Services, including through:
• Data you provide: for example, if you register or create an account on our site, we need to collect your name and email address. Similarly, when you contract with us for our Services, we need to collect your name, contact details and payment information. In addition, we collect Personal Data you provide to us through optional, voluntary submissions (e.g. when contacting us to inquire about our Services or submit complaints, to provide feedback or to receive our electronic newsletters, to participate in our blog(s), and to participate in polls and surveys). For further information, please see Section 2 below.
• Data collected automatically: for example, information collected through Cookies on our website or through aggregated tracking information derived mainly by tallying page views throughout our sites. This information allows us to best tailor our content to users’ needs and to help improve our website functionality. For further information, please see Section 2 below.
• Data we receive from third-party sources: for example, as part our Services, we may lawfully collect or license (including from national and international trade mark registries and authorized licensors) information about individual registered trade mark owners and applicants, as well as individual domain name registrants and administrative/technical contacts – this information may contain limited (and publically available) Personal Data, including names, mailing addresses and other contact information published as part of trade mark and domain name registrations. In addition, if your employer is our client or a client of one of our partners, they may have provided us with your Personal Data in order for us to contact you about the Services we perform for your employer, to register you as a user of our Services and/or to manage the contract between us and your employer. For further information, please see Section 2 below.
• Data collected from publically-available and other third-party sources: as part our Services, we may collect on behalf of our clients limited Personal Data about sellers and advertisers of certain products from publically-available and other third-party sources, including from websites, social media, online stores and marketplaces and other similar sales channels. For further information, please see Section 2 below.
2. How we use Personal Data
We will only use your Personal Data when and how the law allows us to. We rely on separate and overlapping bases to process your Personal Data lawfully (as described in the tables below). By way of example only, it may be necessary for us to process your Personal Data in order to provide Services you have requested and to perform the contract between us, or we may process your Personal Data where necessary to further Corsearch’s or its clients’ legitimate business interests, always taking into account that those legitimate interests will not be overridden by your personal rights and interests.
In certain circumstances we may ask for your consent to process your Personal Data. In such circumstances you have the right to withdraw your consent at any time. However, this will not affect the lawfulness of any processing undertaken by us prior to the withdrawal of your consent.
DATA YOU PROVIDE
We collect the following Personal Data you provide (for example when you enter the information into form fields when registering or ordering Services, or when you contact or engage with us directly):
|Category of Personal Data||Purposes of Processing||Legal Bases for Processing|
|Contact Information including your name, address, email address, user name and phone number.||To activate and administer your account and the Services requested, authenticate you as a user, and communicate with you, including where you have requested information from us about us or our Services, and as described below in Additional Uses of Personal Data and Legitimate Interests.||To provide Services requested by you and to meet our contractual obligations (Art. 6 para. 1 (b) GDPR). Our legitimate interests (Art. 6 para. 1 (f) GDPR). Your consent (Art. 6 para. 1 (a) GDPR), where required and obtained.|
including your name and email
|To provide you with our newsletters and updates to our blogs, where you have opted-in to receive such newsletters and|
|Your consent (Art. 6 para. 1 (a) GDPR),|
where required and obtained.
|Financial Information including payment or financial account information.||To process payments for the Services requested and to provide purchased Services. To meet statutory tax or other applicable legal requirements.||To process transactions requested by|
you and meet our contractual obligations (Art. 6 para. 1 (b) GDPR). Compliance with legal obligations (Art. 6 para. 1 (c) GDPR).
|Purchase or Subscription Information including details of Services purchased.||To improve our platform and as described below in Additional Uses of Personal Data and Legitimate Interests.||Our legitimate interests (Art. 6 para. 1 (f) GDPR).|
|Information provided in response to voluntary surveys, polls and inquiries including response and poll information.||To conduct voluntary market research, surveys, polls and similar inquiries to help us understand trends and client needs, and as described below in Additional Uses of Personal Data and Legitimate Interests. |
Where the site offers voting functionality, we may use a system to “tag” users after they have voted, so they can vote only once on a particular question. This tag is not correlated with information about individual users.
|To provide the Services requested by you and to meet our contractual obligations (Art. 6 para. 1 (b) GDPR). Our legitimate interests (Art. 6 para. 1 (f) GDPR).|
Where we need to collect Personal Data by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have entered (or are trying to enter) into with you. In such cases, we may be unable to provide the Services you have requested.
DATA COLLECTED AUTOMATICALLY
As is true of most digital platforms, we gather certain information automatically when you use our Services. This information may include browser, device and/or similar data that we collect as follows:
|Category of Personal Data||Purposes of Processing||Legal Bases for Processing|
including IP addresses, browser type, referring/exit pages, operating system, date/time stamp and/or
clickstream data. We may collect this information
|To set up the connection of your device with our services in order to provide you our Services and to resolve technical issues with the Services.|
To maintain the security of the Services, for fraud detection, and to protect our rights and as described below in Additional Uses of Personal Data and Legitimate Interests.
|To provide Services requested by you and to meet our contractual obligations (Art. 6 para. 1 (b) GDPR). |
Compliance with legal obligations (Art. 6 para. 1 (c) GDPR).
Our legitimate interests (Art. 6 para. 1 (f) GDPR).
including IP addresses, browser
type, referring/exit pages, operating
system, date/time stamp and/or
We may collect this information
from cookies, analytics and related
For more information, including on
please see Section 7 below.
|To collect information about your use of the Services and to improve the Services and as described below in Additional Uses of Personal Data and Legitimate Interests.||Our legitimate interests (Art. 6 para. 1 (f) GDPR).|
Your consent (Art. 6 para. 1 (a) GDPR), where required and obtained.
DATA WE RECEIVE FROM THIRD-PARTY SOURCES
As described above, as part of our Services, we may collect and process certain Personal Data from publically available sources and third parties in respect of registered trademark owners and applicants, as well as domain name registrants and related administrative/technical contacts (“IP Owners”). For further information about the types of Personal Data we process in respect of IP Owners, together with the source(s) and our related purposes and legal bases for processing such data, please see the table below.
In addition, we may obtain certain Personal Data about you from our corporate clients, partners and the clients of our partners. In particular, if your employer has contracted with us for our Services, we may receive Personal Data about you directly from your employer or from our partner. For further information about the types of Personal Data we process about you in such circumstances as well as the related purposes and legal bases for processing such data, please see the table below.
|Category of Personal|
|Source of Personal|
|Legal Bases for|
|IP Owner Information including your name, mailing address and other contact information published as part of your application or registration (including, where applicable, your email address and fax/phone number).||National and international|
Publically available Trademark and Domain Name registers.
|To provide the Services requested by our clients, including to assist our clients to register, defend and/ or enforce their intellectual property rights, and where applicable, as described below in Additional Uses of Personal Data and Legitimate Interests||Our legitimate interests (Art. 6 para. 1 (f) GDPR). Our clients’ (and where applicable, their customers’) legitimate interests (Art. 6 para. 1 (f) GDPR), including to register, defend and/ or enforce their intellectual property rights.|
|Client Employee / Partner|
Client Employee Contact
including your name and work contact details, such as your job title, work address, email address and phone number.
|Your employer or our partners.||To activate and administer your employer’s or your account, provide the Services requested and meet our related contractual obligations, authenticate you as a user, communicate with you, including where you have requested information from us about us or our Services, and as described below in Additional Uses of Personal Data and Legitimate Interests. To provide you with updates to our blogs, where you have opted-in to receive such updates.||Our legitimate interests (Art. 6 para. 1 (f) GDPR). Your consent (Art. 6 para. 1 (a) GDPR), where required and obtained.|
DATA COLLECTED FROM PUBLICALLY-AVAILABLE AND OTHER THIRD-PARTY SOURCES
As described above, as part of our Services, we may collect and process limited Personal Data from publically-available and other third-party sources about online sellers and advertisers of potential or confirmed counterfeit products (“Sellers”). Such Personal Data may include names, contact information and the types and quantity of products advertised, sold or otherwise made available (“Seller Information”).
We act as a data processor in respect of Seller Information and our clients (or our partners’ clients) are the data controllers of this information. This means that we process Seller Information on behalf of our clients (or our partners’ clients) and in accordance with their instructions. In such circumstances, our clients (or our partners’ clients) are the data controllers of the Seller Information processed by us on their behalf and, where applicable, they are responsible for providing you with (or making available) any fair processing information required under relevant data protection laws and otherwise complying with any rights you may have regarding any Seller Information relating to you.
However, we may also collect and process limited Seller Information independently of our client relationships, including in order for us to conduct research and statistical analysis in relation to counterfeiting trends and developments in the industries and markets in which our clients and other third parties operate, and to improve and optimize our Services. We collect this information, which may include, to the extent publicly available, your seller/account name, your name and contact details, such as your email address, phone/fax number, from publically available sources, including websites, social media, online stores, marketplaces and other similar sales channels. In accordance with the GDPR’s principle of data minimization, we limit the amount of Seller Information collected as much as reasonably possible. We also anonymise or delete all copies of Seller Information before producing any reports, materials or other work products or otherwise sharing the results of our research and analysis with any third parties. We do not retain Seller Information (or copies thereof) following its anonymization or deletion.
In such circumstances, we are the data controller of your information and we rely on our legitimate interests (Art. 6 para. 1 (f) GDPR), including as described below in Additional Uses of Personal Data and Legitimate Interests, for such processing.
ADDITIONAL USES OF INFORMATION AND LEGITIMATE INTERESTS
- operating our business, administering the Services and managing client accounts;
- contacting you to respond to your requests, inquiries or complaints;
- processing and completing transactions you have requested, including, as applicable, order confirmation, processing payments and delivering products or services;
- operating, managing and securing certain site functionality;
- enabling you to register for our Services;
- improving and optimizing our Services and other products, including for the benefit of Corsearch, its users and clients;
- conducting industry and market research, surveys, polls and similar inquiries to help us understand trends and client needs in order to better provide content to our clients and others;
- ensuring the security of the Services and the protection of our systems and networks;
- preventing, investigating, or providing notice of fraud, unlawful or criminal activity, or unauthorized access to or use of Personal Data, our sites or data systems;
- enforcing our User Agreement, Services Terms and Conditions and other agreements; and
- providing you with newsletters, articles, Service alerts or announcements and other information about the Services or our other products that we believe may be of interest to you where your consent is not required under applicable law. In such circumstances, you may remove yourself from our mailing lists by following the link provided in every newsletter or marketing email we send to you.
3. Disclosures of your Personal Data
We may share your Personal Data with the following parties for the business purposes set out in Section 2 (above):
- other Corsearch group companies, including, Corsearch Luxembourg S.a.r.l., Corsearch Europe S.A., Corsearch
Deutschland GmbH, Corsearch UK Limited, Corsearch France S.A.S., Corsearch US Holdings Inc., Corsearch Intermediate, Inc., CitizenHawk, Inc., Corsearch Mexico, LLC and Avantiq Oceania Pty Ltd., Yellow Brand Protection Inc., Corsearch AB, Corsearch Shanghai Co., Ltd., Yellow Brand Protection Ltd., Yellow Brand Protection S.r.L., Corsearch B.V., Pointer USA B.V., Pointer Brand Protection & Research Ltd, Entura International UK Ltd., Marketly LLC, Incopro UK Limited, Incopro, Inc., Incopro Information Tech, Co., Incopro Deutschland GmbH, Corsearch Domains LLC, Principium TMW LLC, Corsearch Australia Pty Ltd, Corsearch Sweden Holding AB, Corsearch UK Limited, TrademarkNow Oy, TrademarkNow, Inc., Pointer Brand Protection & Research Ltd, Syngience Business Solutions Private Limited;
- our service providers or processors who provide IT, system administration and other support services to us and who act as our data processors;
- our professional advisers, including, lawyers, auditors, insurers and accountants; and
- third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets on a confidential basis.
In addition, Personal Data regarding IP Owners may be shared with our clients (and where applicable, our partners’ clients) to the extent necessary for the provision of the Services. Our clients and our partners’ clients are required to process such Personal Data in accordance with all applicable data protection laws, including the GDPR.
We do not sell personal information subject to the CCPA (other than as part of the sale,transfer, or merger of all or parts of our business or our assets, as disclosed above) and have not done so in the last 12 months.
We do not transfer personal information subject to the PIPL to any foreign law enforcement and/or judicial bodies.
In compliance with applicable data protection requirements, we require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We do not allow our processors to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our authorization and instructions. Where applicable, our contracts with our data processors also include certain additional obligations required under the GDPR.
4. International Transfers
We transfer your Personal Data within the Corsearch group of companies for business purposes only. This may involve transferring your data outside the European Economic Area (EEA), UK or China to other jurisdictions, which have not been deemed to offer adequate protection for your Personal Data by the European Commission or the UK Government or the Cyberspace Administration of China (as applicable).
In addition, some of our processors are based outside the EEA, UK or China, so their processing of your Personal Data will involve a transfer of data outside the EEA, UK and China respectively.
Where applicable, to protect your Personal Data under the applicable laws, we ensure your Personal Data is adequately protected and that such transfers are carried out in accordance with the law by ensuring at least one of the following safeguards is implemented:
- the country to which a transfer is made has been deemed to provide an adequate level of protection by the European Commission, the UK Government, the Cyberspace Administration of China or other supervisory authorities (as applicable);
- there are specific contracts in place with the recipient of your Personal Data which have been approved by the European Commission, the UK Government, the Cyberspace Administration of China or other supervisory authorities (as applicable) as providing your Personal Data with an adequate level of protection; or
- in certain circumstances, where you have given us your explicit consent to the transfer of your Personal Data outside the EEA, UK and/or China.
Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Data outside the EEA and UK or China.
5. Retention of Personal Data
We will only retain your Personal Data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or tax requirements.
To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
If you are a user of the Corsearch Platforms, please see set out below additional information about how long we keep your Personal Data.
RETENTION OF CORSEARCH PLATFORM USERS’ PERSONAL DATA
The Personal Data we collect about you in connection with our software will be saved whilst your license to use the Corsearch Platform(s) is active. When the applicable Corsearch Platform account is terminated, we may retain the associated Personal Data for an additional period, taking into account statutory limitation periods in the event of a breach of contract or our terms and conditions.
Our Services are not directed to, and we do not intend to or knowingly collect or solicit Personal Data from children. If you are a minor, do not provide us with any Personal Data.
Cookies may collect certain limited Personal Data, such as your IP address. However, generally most of the information we collect through cookies is not Personal Data.
We use the following cookies:
Strictly necessary Cookies. These are cookies that are required for the operation of our sites and may be set automatically. They include, for example, cookies that enable you to log into secure areas of our sites and complete purchases for Services. The legal basis for using such cookies is the provision of the service you have requested (Art. 6 para. 1 (b) GDPR).
With your consent (under Art. 6 para. 1 (a) GDPR) where required by law, we also use the following cookies for the purposes described below:
Analytical/performance Cookies. These cookies allow us to recognize and count the number of visitors to our sites and to see how visitors move around our sites. This helps us to improve the ways our sites work, for example, by ensuring that users are finding what they are looking for easily.
- Functionality Cookies. These cookies are used to recognize you when you return to our sites. This enables us to personalize our content for you and remember your preferences (for example, your choice of language or region).
- Targeting Cookies. These cookies provide us with information about your visit to our sites, including the pages you have visited and the links you have followed. We use this information to make our sites and any advertising displayed on them more relevant to you.
- You can find more information about the individual cookies we use and the purposes for which we use them in the table below:
|Corsearch Global Platform|
|These cookies are used for “Remember|
Me” functionality on our platform
|Corsearch Global Platform|
|These cookies are used to store user|
preferences on our platform and to ensure
our content works on your device
|Corsearch Global Platform|
|These cookies are used for storing user|
session information. These cookies expire
when your browsing session ends
|Corsearch Global Platform|
|CORSEARCHAUTHENTICATION||This cookie is used by our platform to|
support single sign on functionality
|These cookies are used to collect|
information about how visitors use our site,
including to keep track of visitor sessions
and to recognize when visitors return to the
hssc* expires after 30 minutes
hssrc* expires at the end ofthe browser
hstc* expires after 2 years
hubspotutk* expires after 10 years
wp4234* expires after 1 year
cfduid* expires after 1 year
_ga* expires after 2 years
_gid* expires after 1 day
ak_bmsc* expires after 1 day
bm_sv* expires after 1 hour
hs-ard* expires after 3 months
messagesUtk* expires after 2 years
|Universal Analytics (Google)||utma*|
|These cookies are used to collect|
information about how visitors use our site.
We use the information to help us improve
utma* expires after 2 years
utmb* expires after 30 minutes
utmc* expires at the end of the browser
utmd* expires after 10 seconds
utmt* expires after 10 minutes
utmz* expires after 6 months
_ga* expires after 2 years
|These cookies are used for to keep our site|
secure and to recognize visitors when they
return to the site.
CMSCsrfCookie* expires at the end of your
CMSCurrentTheme* expires after 24 hours
CMSPreferredCultureexpires after 1 year cookiesDirective expires after 1 year
|We embed videos on our site using|
YouTube. This may set cookies on your
computer once you click on the YouTube
PREF* expires after 8 months
YSC* expires at the end of your session
VISITOR_INFO1_LIVEexpires after 6 months remote_sid expires at the end of your
|These cookies are used to improve any|
advertising on our site, for example, to
avoid showing an ad that a user has
already seen. There is no personally
identifiable information in these cookies.
IDE* expires after 2 years
x_axis_main* expires after 1 year
Your web browser can be set to allow you to control whether you will accept cookies, reject cookies, or to notify you each time a cookie is sent to you. If you’ve set your browser to warn you before accepting cookies, you will receive the warning message with each cookie. Generally, you do not need to have cookies turned on to use this site. However, you may need cookies to enable you to log into secure areas of our sites, to complete purchases for Services and to participate actively in message boards, forums, polling and surveys.
For more information about cookies, including how to see what cookies have been set and how to manage or delete them, visit www.allaboutcookies.org. To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.
We take appropriate steps to protect your Personal Data against loss, misuse, and unauthorized access, disclosure, alteration, or destruction.
Corsearch employees who handle Personal Data are subject to policies and procedures to protect your Personal Data, are required to treat it confidentially and may not disclose it to unauthorized third parties. You should keep in mind that no Internet transmission is ever 100% secure or error-free. In particular, emails sent to or from this site or to Corsearch may not be secure, and you should therefore take special care in deciding what information you send to us. Moreover, we have reasonable technical safeguards and security measures in place functionally with the site, but where you use passwords, ID numbers, or other special access features on this site, it is your responsibility to safeguard them.
9. Links to Other Websites
10. User Generated Content
Some of our Services may enable users to submit their own content to participate online or through social media, and/or other functions. Please remember that any information you submit or post as user-generated content to the Services may be seen by other registered users. You should exercise caution when deciding to disclose your personal, financial or other information in such submissions or posts. We cannot prevent others from using such information in a manner that may violate this Privacy
Policy, the law, or your personal privacy and safety. We are not responsible for the results of such postings.
11. Your Duties and Rights
Your duty to inform us of changes
It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your engagement with us.
Your rights in connection with Personal Data
If your Personal Data is protected under the GDPR, CCPA or other similar data protection laws, under certain circumstances, you may have the right to:
- Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to request a copy of the Personal Data we hold about you and to check that we are processing it lawfully.
- Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it.
- Object to the processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and, other than for the purposes of direct marketing, there is something about your particular situation which makes you want to object to processing on this ground.
- Withdraw your consent from our use your Personal Data for direct marketing purposes. This enables you to opt-out from any direct marketing communications, at any time. You have the right to opt (i) not to register to receive our electronic newsletters; and not to be contacted by telephone, direct mail or email.
- Opt-out of the sale of your Personal Data. Since we do not sell your Personal Data, you are already opted-out of such sales.
- Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your Personal Data to another party. This right will only apply in limited circumstances, where we process your Personal Data based on your consent or where the processing of Personal Data is necessary for the performance of a contract between us.
Where applicable, to exercise any of these rights, please contact us.
The rights described herein are not absolute and we reserve all of our rights available to us under applicable law in this regard.
We do not discriminate against you, for example, by charging you a different price or offering a different level of service, for exercising any of these rights.
You also have the right to lodge a complaint with your competent Data Protection Supervisory Authority. We would, however, appreciate the opportunity to address your concerns before you approach a supervisory authority, so please contact us in the first instance.
No fee usually required
You will not usually have to pay a fee to access your Personal Data (or to exercise any of the other rights above, where applicable). However, in accordance with the GDPR and other similar data protection laws, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights) and, in some instances, provide a signed declaration under penalty of perjury that you are the individual whose personal information is the subject of the request. If it is necessary to collect additional information from you, we will use the information only for verification purposes and will delete it as soon as practicable after complying with the request. For requests related to particularly sensitive information, we may require additional proof of identification. This is another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
If you make a request through an authorized agent, we will require written proof that the agent is authorized to act on your behalf.
Time to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
California Residents – “Shine the Light”
We do not provide your Personal Data to third parties for such third parties’ direct marketing purposes. Please note that California Civil Code Section 1798.83 permits California residents to request certain information regarding disclosure of such individuals’ personal information to third parties for such third parties’ direct marketing purposes. As noted in the “How We Use Personal Data” section above, your Personal Data may be subject to certain third parties’ privacy policies.
12. CCPA Categories of Personal Data Collected
|Categories of Personal Data||Examples|
|Identifiers.||Name, address, email address, telephone number, fax number, IP address, username and password, or other similar identifiers.|
|Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||Name, address, telephone number, financial information.|
|Commercial information.||Products or Services purchased, obtained or considered.|
|Internet or other similar network|
|Information on your interaction with our Services.|
14. Contact Us
Through our dedicated email address: [email protected]
- By our toll-free phone number: 1-800-732-7241
- By completing the Privacy Webform on our website to exercise your rights
- By contacting our U.S. or European office by mail, attn Privacy Team:
- 111 Broadway, Suite 603, New York, NY 10006, United States;
- Corsearch B.V. Naritaweg 114 1043CA Amsterdam / The Netherlands.