Privacy and Security Policies

We may collect and use your information when you use our B2B Sites. This Privacy Policy is part of our Terms of Use that apply to our B2B Sites (available here). We may update this Privacy Policy from time to time to reflect changes to our privacy practices, and when we do, we will update the “Last Updated” date at the top of the Privacy Policy. Your continued use of our B2B Sites after the “Last Updated” date constitutes your acceptance of the changes. If you do not agree to the changes, you should immediately stop using our B2B Sites. For material changes, we will provide additional notice as required by law. This Privacy Policy does not apply to information collected outside of our B2B Sites, where a separate privacy policy applies, or where information is governed by a separate agreement.

When you use our B2B Sites, you may provide us with information that identifies you or could be linked to you. We call this information your “Personal Information.” We and our Service Providers and Business Partners (see Section 4) may collect this Personal Information in several ways:

User-Provided Information. We may collect Personal Information directly from you, including the following:

• Contact Information, such as your name, email address, business phone number, and business address.
• Account Information, such as your username, password, and organization details if applicable.
• User-Generated Content and Feedback, such as information or content that you submit to us, including comments, photos, videos, audio, and text, that you send through our B2B Sites.

Automatically Collected Information. We may collect information from you automatically when you use our B2B Sites, including the following:

• Internet and Service Usage Information and Device Information, such as IP address, general location, unique ID number associated with your device, web browser and operating system information, device language, wireless connections you are using, referring page that linked you to our B2B Sites, your activities on our B2B Sites (including browsing and transaction history, pages, content), the next website you visit after leaving our B2B Sites, and search terms you enter on our B2B Sites or a referral site.
• Location Data, such as approximate location inferred from IP address or geographic location of your mobile device if you have consented to location services generally through your device’s settings or accepted our request for geolocation access.

Information Received from Third Parties. We may collect Personal Information from third parties, such as our Service Providers and Business Partners, including:

• Information from Public and Commercial Sources. In some instances, we may receive Personal Information and/or anonymous data about you from other parties, including our affiliates, Business Partners, Service Providers, and public or commercial data providers. Such information may be obtained online, offline, or from publicly available resources. We may combine this information with the information you provide and other data we already maintain. For example, we may use third-party services such as ZoomInfo to better understand and engage with businesses that visit our B2B Sites.

Sensitive Personal Information. We generally do not collect or process information classified as “Sensitive Personal Information” (as that term or analogous terms are defined under applicable privacy laws), such as data concerning health, race, ethnicity, or precise geolocation. We may allow for online payment for certain products and services, and you may be asked to provide financial or banking details to process such payments. This information is collected and processed directly by our third-party payment processor, Cybersource. We do not receive or store this information ourselves. Cybersource handles all payment information in accordance with its own Privacy Policy, available here.

We, along with our Service Providers and Business Partners, may use the Personal Information we collect from or about you for the following purposes:

• To Provide our B2B Sites: To operate, deliver, and maintain our B2B Sites and any other services you may request from us.
• To Monitor and Maintain Our B2B Sites: We may use limited Personal Information (such as IP address) to monitor system performance, diagnose issues, administer and troubleshoot our B2B Sites, analyze trends and usage patterns, and generate statistics.
• To Respond to Your Requests: To answer your questions, fulfill your requests, and provide customer support.
• To Communicate with You: We may send you marketing communications about our B2B Sites, promotions, and other information that may be of interest to you.
• To Improve Our B2B Sites: We may use your Personal Information to make our B2B Sites more stable and user-friendly, analyze service issues, improve the design and content of our B2B Sites, analyze how our B2B Sites are used, offer new sites, and develop new services and programs relating to our B2B Sites.
• To Provide Customer Service and Notices: To respond to your feedback, provide support, and send administrative updates, legal notices, or changes to this Privacy Policy or our Terms of Use.
• To Support Business Operations: For internal uses such as audits, market research, analytics, security, and performance monitoring.
• To Enforce Our Agreements: To uphold our Terms of Use, this Privacy Policy, and any other agreements between you and us.
• To Promote Safety and Prevent Fraud: To help protect the security of our B2B Sites and users by detecting, preventing, and responding to fraud, abuse, unauthorized access, and other security-related issues.
• To Comply with Legal Obligations: We may share your Personal Information when we have a good faith belief that disclosure is required by law, legal process, or regulatory authorities, including responding to lawful requests from public authorities.
• To Identify Business Visitors and Opportunities: We may use third-party service providers, such as ZoomInfo, to better understand and engage with businesses that visit our B2B Sites. These providers may collect information about site usage and match that information with data in their own databases.
• For Other Legitimate Purposes: Including
  • Any other purpose for which you provide Personal information;
  • Compliance with internal policies or legal/regulatory obligations;
  • Any other use disclosed at the time of collection;
  • Any use with your consent;
  • Any other purpose described in this Privacy policy.
• Use of Non-Personally Identifiable Information. We may aggregate and de-identify your data to operate, analyze, and improve our B2B Sites. We may share such non-personally identifiable information with third parties (including affiliates, agents, Service Providers, and Business Partners) for their own use.

We may sell, share, rent, or otherwise disclose (we refer to these actions together as “share”) your Personal Information with the following categories of third parties:

Subsidiaries and Affiliates. We may share your Personal Information with our subsidiaries and affiliates for operational, administrative, and business purposes consistent with this Privacy Policy.

Service Providers. We may share your Personal Information with third-party service providers, contractors, and vendors (together, “Service Providers”) who help us provide our B2B Sites and support our business. These Service Providers may perform functions such as hosting, data storage, analytics, customer support, email delivery, payment processing, marketing services, and security operations.

Business Partners: We use the term “Business Partners” to refer to our Marketing Partners and Analytics Providers, as detailed below:

Marketing Partners. We work with marketing partners who assist us in promoting our content, products, or services. We may share information about visitors to our B2B Sites with third-party business intelligence providers, such as ZoomInfo. These providers may use information collected from our site in combination with their own databases to provide us with enriched company and professional contact information. We use this information to identify and engage with prospective business customers.

Analytics Providers. We work with third-party analytics providers to understand user behavior and improve our B2B Sites. These providers may collect information such as IP address, device type, operating system, browser type; pages visited, time on site, links clicked, and search activity; session data such as heatmaps, click paths, and user flows. These providers may use Tracking Technologies (defined in Section 5) to analyze usage patterns and site performance; provide reports on user behavior and engagement; support product optimization; capture behavioral data.

Authorized Representatives. If you authorize another person to access your account or an associated email account, we may provide that person with access to your Personal Information in accordance with applicable laws.

Business Transfers. In the event of a merger, acquisition, divestiture, reorganization, bankruptcy, or sale of assets, we may transfer your Personal Information to a successor entity or buyer as part of that transaction.

With Your Consent. We may share your Personal Information for other purposes with your consent or at your direction.

We and our Service Providers and Business Partners may use cookies, pixels, tags, and other similar technologies (“Tracking Technologies”) on our B2B Sites to support essential site functions, understand how our B2B Sites are used, perform analytics, improve our services, maintain user preferences, and provide targeted marketing. This section outlines how we use these technologies and rights under the California Consumer Privacy Act (CCPA).

Information Collected Through Tracking Technologies. Tracking Technologies may collect the following categories of Personal Information:

• Unique identifiers (e.g., IP address, device ID, cookie ID)
• Internet or other electronic network activity (e.g., browsing history, clicks, usage data)
• Geolocation information (where available and permitted by your device settings)

For a complete list of categories of Personal Information we collect and their sources, refer to Section 2, Personal Information We Collect.

Purposes of Use. We use Tracking Technologies to:

• Operate and improve the functionality of our B2B Sites
• Analyze traffic patterns and user behavior
• Personalize your experience
• Deliver and measure targeted marketing (NOTE: We do not engage in targeted advertising on our B2B Sites.)

You can learn more about how we use Personal Information in Section 3, How We Use Your Personal Information

Some Tracking Technologies may be deployed by third-party Service Providers and Business Partners. These third parties may collect or receive data about your use of our B2B Sites over time and across different websites and online services for measurement purposes. To learn about the third parties with whom we may share Personal Information, see Section 8, Third Party Services and Sites.

Sale or Sharing of Personal Information. We do not sell or share (as those terms are defined under the CCPA and CPRA) your personal information to third parties in connection with our B2B Sites. We may share your information with Service Providers who perform services on our behalf. These parties are contractually bound to process personal information only as instructed and to implement appropriate security measures.

Your Privacy Requests. California residents may have rights under the CCPA, including the rights to:

• Know what Personal Information we collect
• Access, delete, or correct your Personal Information
• Limit the use of certain Personal Information, including data collected via Tracking Technologies

To learn more about how to exercise your rights, go to Section 9, Your Personal Information Choices.

Retention. We retain Personal information collected via Tracking Technologies as long as necessary for the purposes described above or as otherwise described in Section 12, Data Retention.

Below is a summary of the types of Tracking Technologies we use and how they may be applied:

Cookies. These are small text files stored by your browser on your device. They help us remember your login preferences, improve site performance and usability, and understand which areas of our B2B Sites are popular or need improvement. Similar to many other websites, if you have enabled cookies in your browser, we and our Service Providers and Business Partners may collect certain technical information using cookies to support these purposes. We may use the following types of cookies:

• First-party cookies, which are set directly by us when you interact with our B2B Sites; Second-party cookies, which are cookies set by a partner (such as a Business Partner or Service Provider) that we work with directly; and Third-party cookies, which are cookies set by third parties that do not operate the B2B Sites, such as analytics providers. These cookies are used for services such as analytics and authentication.
• Some cookies are essential cookies that are necessary for the B2B Sites to function. They enable core features such as secure login, session management, and access control. These cookies are always active and cannot be disabled. Some cookies are analytics cookies that collect aggregate information about B2B Site usage to help us improve our services. We do not use this data for targeted advertising. IP anonymization is enabled in our analytics configuration.
• Cookies may be session cookies, which expire when you close your browser, or persistent cookies, which remain on your device until deleted or they expire. You can remove persistent cookies by following directions provided in your web browser’s “help” file.

Pixels. Also known as web beacons or clear GIFs, pixels are tiny, transparent images embedded in web pages or emails that track your interaction with content. They help us: determine whether pages were viewed; set and read cookies; understand usage and engagement for analytics.

JavaScript. We use JavaScript and similar scripting languages to collect data about how you interact with our B2B Sites, such as mouse clicks, scrolling behavior, and page visits.

Identifiers. We may use various identifiers to recognize your device or browser, such as: device identifiers; hashed identifiers (created from data such as email addresses using cryptographic techniques); first-party identifiers (created and used internally by us). These identifiers may support user recognition and personalization.

Local Storage and HTML5. We may use HTML5 or other browser-based storage methods to save information about your use of our B2B Sites. This helps us tailor your experience and understand user behavior.

Tracking Technologies and Consent Management. We use a consent management platform to display cookie banners, record your Tracking Technology, preferences, and honor your choices. Depending on your location, you may also have the right to opt out of the “sale” or “sharing” of your personal information for marketing or business development purposes. Our use of third-party business intelligence providers, such as ZoomInfo, may constitute such a “sale” or “sharing” under California law.

For information about how to manage Tracking Technologies (including how to opt out of certain data uses), see Section 9, Your Personal Information Choices.

We take the security of your Personal Information seriously and are committed to protecting it. We implement at least commercially reasonable technical, administrative, and physical security measures designed to protect Personal Information collected through our B2B Sites against unauthorized access, use, or disclosure.

While we take steps to help safeguard your information, no method of transmission over the internet or electronic storage is completely secure. As such, we cannot guarantee the absolute security of your Personal Information. You use our B2B Sites, and provide your Personal Information, at your own risk.

If you create an account with us, you are responsible for maintaining the confidentiality of your account credentials, including your password. You are also responsible for any activity that occurs under your account. Please notify us immediately if you suspect any unauthorized use of your account or any other security incident.

Links to Third-Party Sites. Our B2B Sites may contain links or integrations with third-party websites, applications, or services, including hyperlinks, banners, embedded content, widgets, or plug-ins (“Third-Party Sites”). These Third-Party Sites operate independently from us and may have their own privacy policies and terms of use. We are not responsible for the content, privacy practices, or data handling policies of these Third-Party Sites. When you interact with Third-Party Sites, including by clicking a link or engaging with embedded content, any Personal Information you provide is subject to those parties’ privacy policies (and not ours). We strongly encourage you to review their policies to understand how your information is collected, used, and shared.

Google Analytics. We use Google Analytics, a web analytics service provided by Google LLC, to help us understand how users interact with our B2B Sites and to improve functionality, performance, and user experience. Google Analytics uses cookies and similar technologies to collect and analyze usage information, such as your browser type, pages visited, time spent on pages, and other data. We have configured Google Analytics to anonymize IP addresses before they are stored by Google. We do not use Google Analytics for advertising purposes, and we do not share personal data with Google through the B2B Sites. You can prevent your data from being used by Google Analytics by installing the Google Analytics Opt-out Browser Add-on (available here).

A- U.S. Residents:

Consent. By using our B2B Sites, you consent to the collection and use of your Personal Information as described in this Privacy Policy. Residents of many US States have state-law rights regarding use of their Personal Information. While some of these laws may not apply to not-for-profit organizations, we voluntarily honor privacy-related requests from residents of states with active comprehensive privacy laws.

Notice to California Residents. If you are a California resident, including when acting in a business-to-business context, you may have the following rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):

• To Make Requests:

• • Right to Know – You may request information about the categories of Personal Information we collect, the sources of that information, our purposes for collection, and with whom it is disclosed.
  • Right to Delete – You may request that we delete certain Personal Information, subject to legal and operational exceptions.
  • Right to Correct – You may request that we correct inaccurate Personal Information we maintain about you.
  • Right to Limit Use of Sensitive Personal Information – We do not collect or use Sensitive Personal Information in our B2B Sites. We may allow for online payment for certain products and services, in which case Personal Information will be collected and processed through our third-party payment processor.

To make a request: (1) Submit a request by email or phone (see Section 13, Contact Us); (2) We may need to verify your identity before fulfilling the request; (3) Once you have verified your identity, we will comply with your request unless a legal exemption applies. You may also designate an authorized agent to submit requests on your behalf. We may request documentation to verify your identity and the authority of your agent before responding to certain requests.

• To Opt Out of Sale or Sharing
  • We do not sell or share (as those terms are defined under the CCPA and CPRA) Personal Information in connection with our B2B Sites.
  • You can opt out of our use of Tracking Technologies (other than those that are strictly necessary) through either the “Manage Your Privacy Choices” link or the Cookiebot icon (a small toggle logo) in the footer of the B2B Sites.
• To Non-Discrimination. We will not discriminate against you for exercising your privacy rights or choices contained in this Privacy Policy.
• To Data Retention Information. See Section 12, Data Retention.

Rights for Residents of Other U.S. States. If you are a resident of a U.S. state with comprehensive privacy law in effect (as of the Last Updated Date of this Privacy Policy, these states include: California, Colorado, Connecticut, Delaware, Florida, Iowa, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia), you may have rights similar to those provided under California law, including:

• To Make Requests:
• • Right to Know/Access – Request a summary of the personal data we collect, use, or disclose.
  • Right to Delete – Request deletion of personal data we hold about you, subject to lawful exemptions.
  • Right to Correct – Request correction of inaccurate personal data.
  • Right to Appeal – If we deny your request, you may have the right to appeal our decision.

To make a request: (1) Submit a request by email or phone (see Section 13, Contact Us); (2) We may need to verify your identity before fulfilling the request; (3) Once you have verified your identity, we will comply with your request unless a legal exemption applies. You may also be permitted to designate an authorized agent to submit requests on your behalf. We may request documentation to verify your identity and the authority of your agent before responding to certain requests.

• To Opt Out of Targeted Advertising, Sale, or Profiling:
  • We do not sell or share (as those terms are defined under applicable data privacy laws) Personal Information in connection with our B2B Sites.
  • You can opt out of our use of Tracking Technologies (other than those that are strictly necessary) through either the “Manage Your Privacy Choices” link or the Cookiebot icon (a small toggle logo) in the footer of the B2B Sites.
• To Non-Discrimination. We will not discriminate against you for exercising your privacy rights or choices contained in this Privacy Policy.

States without Comprehensive Privacy Laws in Effect. If you reside in a state that does not currently have an active comprehensive privacy law, you may not be able to make these privacy choices at this time. As state and federal laws change, we will be updating our privacy program.

B. Residents Outside the U.S.:

Consent and Tracking Technologies. A cookie banner will be displayed to you, which will invite you to give your consent, where applicable, and will provide further options about the management of Tracking Technologies.

Data Subject Access Requests (DSARs). Residents of some countries outside the US (such as the EEA, the UK, Switzerland, and other countries with similar privacy frameworks), may have the right to:

• Right to Access – Request access to the personal information we hold about you.
• Right to Rectify – Request correction of inaccurate or incomplete data.
• Right to Erasure – Request deletion of your personal data in certain circumstances.
• Right to Restrict Processing – Request restriction of processing under certain conditions.
• Right to Object – Object to our processing based on legitimate interests or direct marketing.
• Right to Data Portability – Receive a copy of your personal data in a structured, commonly used format.
• Right to Withdraw Consent – You may also withdraw any previously granted consent at any time without affecting the lawfulness of processing based on that consent prior to withdrawal.

To make a request: (1) Submit a request by email or phone (see Section 13, Contact Us); (2) We may need to verify your identity before fulfilling the request; (3) Once you have verified your identity, we will comply with your request unless a legal exemption applies. We will respond to your request without undue delay and within one month, unless an extension of up to two additional months is necessary  due to complexity or number of requests. If an extension applies, we will inform you within one month.

You may also designate a representative (authorized agent) to submit requests on your behalf. We may request documentation to verify your identity and the authority of your representative before responding to certain requests.

If you are not satisfied with our response, you may have the right to lodge a complaint with a supervisory authority. In the EU/EEA, this may be in the member state where you live, work, or where the alleged infringement occurred. In the UK, the supervisory authority is the Information Commissioner’s Office (ICO).

C. Choices Available to All Users:

Browser Settings. You can manage website cookies in your browser settings. All browser settings are slightly different, so to manage cookies, you should refer to the relevant settings within your browser. Refer to the links below for instructions:

• Mozilla Firefox
• Microsoft Internet Explorer 
• Microsoft Edge
• Google Chrome  
• Safari Mac
• Safari iPhone, iPad

Note: If you choose to change your settings, you may find that certain functions and features will not work as intended on our B2B Sites.

Third-Party Services and Sites. When you interact with third-party services as you use our B2B Sites, these third parties may collect and use your Personal Information independently of us, and your interactions with these third-party services are governed by their own privacy policies and terms of use. We encourage you to review them carefully. See Section 8, Third-Party Services and Sites, to learn more.

Our B2B Sites are not intended for use by individuals under the age of majority (typically 18 but may be higher in some jurisdictions). We do not knowingly allow anyone under the age of majority to submit Personal Information or User Content, make purchases, or otherwise engage meaningfully with the B2B Sites. We do not knowingly collect Personal Information from individuals under the age of majority. If we become aware that we have inadvertently collected Personal Information from someone under this age, we will delete it in accordance with applicable law. These restrictions apply globally, even if local laws would otherwise allow younger individuals to consent to data collection.

Certain data privacy laws, such as those in the European Economic Area (EEA), the United Kingdom (UK), and other jurisdictions, require us to explain the legal grounds on which we rely when processing your Personal Information. Where these laws apply, we may rely on one or more of the following legal bases:

• Consent: We may process your Personal Information where you have given us your clear, informed consent to do so, such as when you opt in to receive marketing emails. Where we rely on consent, you may withdraw it at any time. (see Section 9, Your Personal Information Choices).
• Contractual Necessity: We may process your Personal Information when it is necessary to enter into or perform a contract with you. This includes, for example, processing of Personal Information required to provide you with access to our B2B Sites or to respond to your service-related requests.
• Legal Obligation: We may process your Personal Information where we are required to do so by law, such as for tax, accounting, or compliance purposes, or to respond to valid legal requests.
• Legitimate Interests: We may process your Personal Information where it is necessary for our legitimate interests, or those of a third party, and where such interests are not overridden by your rights and freedoms. Our legitimate interests include:
  • Providing, maintaining, and improving our B2B Sites
  • Understanding and analyzing how users interact with our B2B Sites
  • Enhancing user experience and developing new features
  • Detecting and preventing fraud, abuse, and security threats
  • Marketing and promoting our content and services
  • Conducting business operations, compliance, and risk management
  • Ensuring the security of our systems and networks

Note: we rely on legitimate interests, you may object, and we will assess whether those interests override your rights or whether we must stop processing.

We retain your Personal Information for as long as necessary to fulfill the purposes for which it was collected, including to provide our B2B Sites, comply with legal obligations, resolve disputes, enforce our agreements, and protect our legal rights. Once retention is no longer necessary, we will securely delete or de-identify your Personal Information so that it can no longer be used to identify you.

To submit requests to access, correct, or delete Personal Information, whether for yourself or as an authorized agent, please do so via email ([email protected]) or by phone at 212.621.1599.

If you have any questions about this Privacy Policy or how your Personal Information is handled, you may contact us as follows:

The personal data processed by us in connection with your engagement includes names, postal addresses, email addresses, telephone numbers, bank details, passport details, visa information, VAT ID information, transaction details, next of kin information, Cintra ID, national insurance number, contribution to pension scheme.

We process this personal data for the following purposes and relying on the legal bases described below:

• As required to establish and fulfill a contract with you. This may include verifying your identity, allowing you to sign a contract with us, making payments, communicating with you, and providing support and assistance for your assignment or as you request;
• As required by AP to enable our business and pursue our and your legitimate interests, in particular:
  • we will use your information to provide services that AP or you have requested, and respond to any comments or complaints you may send us;
  • we may use your information to analyse previous reporting, assess resource levels, and make strategic decisions about AP priorities;
  • we monitor use of our systems, and may use your information to help us monitor, improve and protect the services we offer through our systems;
  • we may process your personal data in operating and enforcing the Bring Your Own Device to Work Policy;
  • we may share your information within AP to allow for your selection for various AP assignments and roles;
  • we may monitor any freelancer/independent contractor account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law; and
  • we may use information you provide to investigate and respond to any complaints received from you or from others.
• Compliance with applicable laws and protection of AP’s legitimate business interests and legal rights, including, but not limited to, use in connection with legal claims, compliance, regulatory, investigative purposes (including disclosure of such information in connection with legal process or litigation).
• Sometimes we will ask for your express consent for the processing of your personal data.

In addition, we may send you information about relevant assignments. If you wish to opt-out of receiving further communications from us, you will be able to advise the AP representative that retained you to close out your account or to make it inactive..

We may share your personal data within AP to allow for your selection for assignments and positions relevant to your interests and experience. We also share personal data within AP in the United States and the United Kingdom to administer the engagement of freelancers/independent contractors and manage operations and payroll, and analyze AP’s performance and the provision of the services.

Personal data may be shared with government authorities, law enforcement officials, legal advisors and other professionals, if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws. Personal data may also be shared with third party service providers, who will process it on behalf of the AP for the purposes above. Such third parties will include the providers of our systems, SAP and may also include providers of website hosting, maintenance, call center operation and identity checking.

In the event that the part of AP’s business which is relevant to the services you provide is sold or integrated with another business, your details may be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business.

For the purposes described above, we may transfer your personal data to countries outside of your country of residence. For individuals in the UK or the European Economic Area (“EEA”), this may include countries that do not have equivalent data protection laws to the UK or the EEA. We take steps to ensure that your personal data is adequately protected, even when transferred outside the UK or the EEA. For more information on how we safeguard personal data that we transfer, please contact [email protected].

AP will retain information you provide in connect with your engagement for the length of any contractual relationship you have with us, and, to the extent permitted, after the end of that relationship for as long as necessary to perform the purposes set out in this notice, or for one of these reasons:

• to respond to any questions, complaints or claims made by you or on your behalf;
• to show that we treated you fairly;
• to keep records required by law.

Where provided for by law, you may be entitled to ask the AP for a copy of your information, to correct it, erase or restrict its processing, or to ask us to transfer some of this information to other organizations. You may also have rights to object to some processing. These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your data. In some instances, this may mean that we are able to retain data even if you withdraw your consent.

Where we require personal data to comply with legal or contractual obligations, then the processing of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship, or to meet obligations placed on us. In all other cases, provision of requested personal data is optional.

We hope that we can satisfy queries you may have about the way we process your data. If you have any concerns about how we process your data or wish to exercise any of the rights referred to above, please contact [email protected]. You also have the right to complain to data protection authorities., in particular in the UK or the EEA member state in which you normally live or work, if applicable, or where any alleged infringement of data protection laws occurred. For example, the supervisory authority in the UK is the Information Commissioner, who may be contacted at ico.org.uk.

We may change this privacy notice from time to time, so please review it periodically. When we do, we will publish the new version in a place readily accessible to you.

ACCURACY

We hate inaccuracies, carelessness, bias or distortions. We will not knowingly introduce rumor or false information into material for publication or broadcast; nor will we distort visual content. Quotations must be accurate and precise. We preserve appropriate professional distance from those we cover.

TRANSPARENCY

We identify all the sources of our information in stories. We allow anonymous information from sources only under limited circumstances. Any use of anonymity must be approved by a news manager familiar with AP’s strict standards and who must be told the identity of the source of the information.

RESPECT OF COPYRIGHT

We never plagiarize content, and we respect others’ copyrights.

INDEPENDENCE

We guard our independence. We avoid any behavior or activities that create a conflict of interest, that compromise our ability to report the news fairly and accurately, free from outside influence or pressure.

Freelance journalists working for AP should work to remain impartial and avoid expressions of opinion in public forums or on social media that might compromise AP’s reputation as an unbiased and fair news source, such as commenting on public figures or public controversies.

HONESTY

We don’t misrepresent ourselves to get a story. When we seek an interview, we identify ourselves as AP journalists.

PRIVACY AND SAFETY

We balance the newsworthiness of a story with a reasonable respect for individuals’ privacy and safety interests. Freelance journalists working for AP are expected to conduct themselves in a way that does not cause undue risk or danger to themselves or others.

INTERVIEWS

We never pay newsmakers for interviews, to take their photographs or to film or record them. We do not provide full lists of questions in advance or allow interview subjects to approve our stories or images before publication.

FAIRNESS AND BALANCE

We work to be fair. Whenever we portray someone in a negative light, we must make a real effort to obtain a response from that person in the story. We work to provide balance in stories to reflect all important viewpoints and perspectives on a news event.

CORRECTIONS

When mistakes are made, they must be corrected – fully, quickly and transparently. Alert your manager immediately if you learn of an error in your work.

IMAGE INTEGRITY

We do not manipulate photos or video, adding or subtracting elements. If in doubt about permissible editing techniques, consult an AP editor or manager.

It is the responsibility of every freelance journalist or contractor working with AP to ensure that these standards are respected and reflected in their work.

If you perceive a conflict, or realize that you have, in the past, been involved in some conflict that would reflect badly on your work for AP, you must immediately notify your AP editor and the AP shall then determine whether your assignment may go forward. Examples of conflicts of interest are set forth below and include, but are not limited to the following:

1. You may not accept gifts or payments from sources, public relations agencies, corporations or others hoping to encourage or influence AP news coverage. You may accept trinkets of nominal value, $25 or less – for example, caps or mugs.
2. You may not sell for personal gain books, tapes, recordings or other items received for review or provided as promotional material for an event, person or company.
3. You may not accept free transportation, lodging, food or related goods or services, or any media discounts, or any preferential treatment (such as upgrades on flights or hotels) that may be offered because you are a contractor for the AP. You may accept shuttle bus rides or food at a news event, since the effect is to make it easier to do your job, without having to absent yourself.
4. You may not refer to books or commercial enterprises within your AP stories, with the intent to benefit the promoters of those books or enterprises – or for any other purpose other than their relevance to your AP assignment.
5. You may not own a financial interest in any company, enterprise or industry about which you write.
6. You may not buy or sell stocks or other securities with knowledge of a story that might affect their price, or while in possession of other nonpublic information; nor can you pass that information along to others who engage in stock transactions.
7. You may not engage in openly partisan or political behavior or expressions of opinion on contentious public issues, being mindful that positions you express publicly may damage the AP’s reputation as an unbiased source of news.

AP Playbook may store and process certain personally identifiable information which is necessary for the provision and support of AP Playbook. This may include, without limitation, user-provided phone numbers for opt-in SMS text notifications; user email addresses for login authentication; user location data, where the user has opted to share their location with other users via AP Playbook; and mobile device identifiers.

Other information (such as names, phone numbers, and email addresses) may be stored regarding non-users of AP Playbook, where such data has been entered into the system by an authorized user for the purpose of facilitating coverage of a news story.

Location Data

When using AP Playbook from a mobile device, users may share the geographic location of their device with the system. Such device location may be transmitted to AP Playbook whenever the AP Playbook mobile app is running (even if you are not actively using the app or it is running in the background on your device). Your device may continue to transmit its location to AP Playbook until you change your device settings.

If a user sets their device not to transmit location information to AP Playbook, the staff location mapping feature will be unable to show authorized colleagues the user’s location.

Service Usage Information

As is typical of many web sites and mobile applications, when you use AP Playbook, we may collect information about your device and your usage of AP Playbook including:

• Your IP address (which we may associate with your domain name or that of your Internet access provider or wireless carrier, and your location);
• Unique ID number associated with your device;
• Web browser and operating system information;
• Language of your device;
• Wireless connections you are using;
• Elements of the AP Playbook service you click or tap on during your use of AP Playbook.
• In addition, we may deploy tracking technologies to collect additional information about your use of AP Playbook, as set out in the “Cookies and other tracking technologies” section of the AP Privacy Policy.

How is your information used?

We may use the information we collect from or about you to perform the following functions:

• Enable you to use AP Playbook and its features;
• Conduct market research;
• Improve or develop new features and offerings in our provision and support of AP Playbook;
• Generate analytics reports on the usage of AP Playbook.

The uses specified above are necessary for the performance of a contract for the provision and support of AP Playbook or are based on our legitimate interests in improving the provision and support of AP Playbook and/or developing new AP services.

Some of the data we gather, including how users are using AP Playbook, and their unique IDs, may be shared with third-party providers of services to us, such as guided help or analytics, to assist with the purposes specified above.

Cookies and other tracking technologies

We, and/or our service providers or partners on our behalf, may use tracking technologies which may run on your device when you use AP Playbook. The circumstances in which we may deploy tracking technologies include:

• We may use cookies or local shared objects, such as “Flash cookies.” Cookies are small data/text files that store information, such as your preferences and account settings, on your computer. Similar to many other websites, if you have enabled cookies in your browser, we, independently and through enabled third- party tools and programs, collect certain technical information using cookies, such as browser type, browser language, the date and time of AP Playbook usage; and how it is being used.
• We may send instructions to your computer or device using JavaScript or other computer languages to gather the sorts of information described above and other details about your interactions with AP Playbook.

You can manage website cookies in your browser settings. You always have the choice to have your device warn you each time a cookie is being sent or change these settings by accepting, rejecting, or deleting cookies. If you choose to change your settings, you may find that certain AP Playbook functions and features will not work as intended.

Data Retention

Upon the termination of a contract governing a customer’s use of AP Playbook, AP will decommission the customer instance of AP Playbook. This will generally result in the destruction and/or return of customer data to the customer as agreed and detailed in the customer contract.

AP Systems and Security Obligations:

 AP implements the following security measures with respect to customer data processed or stored in AP Playbook:

• Encryption of data at rest using AES256 or higher (or equivalent technology), with the encryption key rotated on an annual basis.
• Encryption of data in motion using HTTPS/SSL, with TLS 1.2 or higher.
• Deployment of web application firewall(s), or equivalent technology, in the hosted environment in which AP Playbook is running.
• Provides continuous system monitoring with notifications of adverse events.

Data Security Breach:

A “data breach” is defined as any incident where the security or integrity of personal information or customer data in our care has been or may have been compromised.

In the case of such a data breach, AP’s corporate incident response plan will be activated, as appropriate, and we will notify any customer who may be impacted as promptly as possible given the specific circumstances. Where legally required to do so, we will also notify any applicable regulator.

In the event of a security issue identified by a customer, AP will investigate as soon as possible and provide a written response. AP will liaise with the customer to determine if the provision and support of AP Playbook need to be suspended until the issue is resolved and/or if a software update is required and agree an appropriate resolution path.

All personnel and contractors are obligated to follow the procedures detailed in this AP Playbook information security policy.

All personnel and contractors have a responsibility for reporting security incidents and any identified weaknesses.

Any deliberate act to jeopardize the security of information that is the property of The Associated Press or their customers or contractors will be subject to disciplinary and/or legal action as appropriate.

Review

The policy is reviewed regularly and, in the event of influencing changes, updated to ensure it remains appropriate for the business and ensures our ability to serve our customers.

Contact

Playbook Support at: [email protected]

Telephone:    +44 207 482 7707 (International – EMEA/APAC)

+1 202 641 9641 (Americas)