Privacy Policy for Data Quality Co-Op Tools
Overview
At Data Quality Co-Op ("DQC", "we", "our", "us"), we are committed to protecting the privacy and data security of our users and customers. This Privacy Policy outlines how we collect, use, disclose, and safeguard information, including data gathered through our device fingerprinting tool and third party API's. This policy is intended to comply with applicable privacy regulations, including the General Data Protection Regulation (GDPR) (EU) 2016/679 for users located in the European Economic Area (EEA).
Scope
This Privacy Policy applies to all users of our services and platforms, including those interacting with our device fingerprinting technology. In most cases, DQC acts as a data processor on behalf of clients (data controllers) who utilize our tools to ensure the quality and integrity of their data collection efforts. These clients are responsible for informing data subjects of processing activities where required.
Information We Collect
We use your browser's API to collect and analyze technical information about users' devices to support fraud detection, quality scoring, and identity validation. The following categories of data may be collected:
1. Identification and Session Data
- Timestamps and session durations
- Referring URLs and current page URL
- Incognito browsing detection
2. Device and Browser Information
- Browser name, version, and user agent string
- Operating system and device type
- Screen resolution, color depth, architecture, and fonts
- Cookie and JavaScript support
3. Network and IP Geolocation
- IP address (v4 and v6)
- Geolocation metadata: city, country, postal code, latitude/longitude, timezone
- ASN (Autonomous System Number) and ISP information
4. Security and Fraud Detection Signals
- VPN, Proxy, TOR usage
- Emulator and virtual machine
- Device tampering and developer tools usage
- Bot detection status
- Jailbroken or rooted status
- Anomaly scores and spoofing attempts
5. Behavioral and Usage Signals
- Session activity velocity across IPs and countries
- Device reuse and session frequency patterns
- High activity or automation detection
We use profiling techniques to generate fraud scores based on behavioral and technical patterns. These scores may be shared with clients to support decision-making (e.g., filtering invalid survey entries). Fully automated decisions with legal or similarly significant effects are not made by DQC, and individuals may request further information or contest decisions.
How We Use the Data
The data collected via our javascript library is used strictly for:
- Identifying unique visitors and distinguishing fraudulent traffic
- Enforcing quality controls across surveys and data transactions
- Preventing abuse, automation, and bot traffic
- Enhancing the security and integrity of our platform
- Conducting analytics and improving user experience (in aggregate and anonymized form)
Legal Basis for Processing
We process personal data based on the following lawful bases under GDPR and other applicable privacy regulations:
- Legitimate Interest: To ensure the security, integrity, and quality of our services
- Consent: When legally required, we seek user consent for fingerprinting
The specific legal basis may vary depending on whether DQC is acting as a data controller or a processor on behalf of a client.
Data Sharing and Disclosure
We do not sell, rent, or lease personal data to third parties. Data may be shared only in the following circumstances:
- With trusted third-party processors (e.g., hosting or security providers) under strict confidentiality agreements
- When required by law, regulation, or legal process
- In the case of a merger, acquisition, or asset sale, where users will be notified in advance
Data Retention
We retain device fingerprinting and associated data for as long as necessary to:
- Fulfill the purposes outlined above
- Comply with legal obligations
- Resolve disputes and enforce agreements
Where possible, data is anonymized and/or aggregated to reduce sensitivity over time.
Data Subject Rights
Depending on your location, you may have rights including:
- Accessing the personal data we hold about you
- Requesting correction, deletion, or restriction of processing
- Objecting to processing for legitimate interest
- Withdrawing consent (where applicable)
- Filing a complaint with a supervisory authority
To exercise your rights, please contact us at: contact@dataqualityco-op.com
If your data was collected by one of our clients using our services, we may direct your request to the appropriate data controller for handling.
Cookies and Tracking Technologies
We do not rely on cookies for fingerprinting. Our fingerprinting tool operates independently of browser storage, using passive signals from the device and browser environment.
In jurisdictions that require cookie banners or consent tools, we expect our clients to integrate consent mechanisms as appropriate.
International Data Transfers
Our services involve data processing in the United States. We ensure appropriate safeguards are in place when transferring data internationally, including Standard Contractual Clauses where necessary.
We regularly assess data transfer mechanisms in accordance with the GDPR and applicable regulatory guidance (e.g., Schrems II).
Security Measures
We implement technical and organizational measures to protect data, including:
- End-to-end encryption
- Secure storage and transmission protocols
- Strict access controls
- Security audits
Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or regulatory obligations. The latest version will always be available on our website.
Contact Us
If you have any questions or concerns regarding this Privacy Policy or our data handling practices, please reach out to:
Data Quality Co-op
Email: contact@dataqualityco-op.com
Website: https://dataqualityco-op.com