Privacy Notice
Last updated: September 2024
1. WHO DOES THIS PRIVACY NOTICE APPLY TO?
1.1. This Privacy Notice applies to Frontier Strategy Group, LLC (FrontierView) with registered offices at 77 Marsh Wall, London E14 9SH England, company number 07028379. We provide a subscription-based market intelligence platform as well as bespoke marketing strategy plans. We are a wholly owned subsidiary of Fiscal Note Inc. with registered offices at 1201 Pennsylvania Avenue NW, 6th Fl. Washington D.C. 20004. Fiscal Note Inc.is a global technology and media company that provides policy data, news, analytics, and workflow tools to help organizations assess and act on risk. FrontierView and Fiscal Note act as Joint data controller’s for the processing of personal data covered within this privacy notice.
1.2. We are committed to protect and process personal data entrusted to us in a correct and transparent manner, in particular in accordance with the applicable legislation and, in particular, the General Data Protection Regulation 2016/679 of 27 April 2016 (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
Please follow the links below for further information:
2. WHAT IS COVERED BY THIS PRIVACY NOTICE?
2.1. This notice relates to the collection and processing of personal data where FrontierView and Fiscal Note Inc. are Joint Data Controllers. It does not cover processing we do in relation to the Software as a Service and other services that we provide to our client’s employees, in that regard FrontierView is the data processor acting on the instruction of our client.
2.3. Our website may contain links to other websites. While we try to link only to websites that share our high standards regarding data protection, we are not responsible for the content or policy regarding data protection of those websites. This Privacy Statement only relates to data collected by us. When linking to the Sites, we strongly recommend you to first review the Privacy Statements on these websites, before disclosing any personal information. Please be aware that, when you visit our page on Facebook, Instagram, LinkedIn or Twitter whether or not using the shortcut on our website, cookies are used by Facebook and Instagram. In this way, we can obtain more information – in a complete anonymised way – about the public that visits our Facebook, Instagram, LinkedIn and Twitter pages.
For more information about why and how personal data are processed in this respect, we refer to the privacy and cookie policies of both Facebook and Instagram:
Privacy and cookie policy Twitter
3. FOR WHAT PURPOSES DO WE PROCESS PERSONAL DATA?
3.1. I AM A WEBSITE VISITOR, LEAD OR OPPORTUNITY
We only process your personal data for legitimate business reasons. These purposes include, but are not limited to:
dealing with enquiries, requests and complaints sent to general contact addresses or via online forms;
sending newsletters;
gathering statistics about the use of the Sites;
Sending you marketing materials regarding our products and services
improving this Sites’s performance and design.
3.2. I AM (A CONTACT PERSON OF) A CLIENT, A SUPPLIER OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT OR A CONSUMER)
We process your personal data for legitimate business reasons. These purposes include, but are not limited to:
customer and supplier management;
consumer management;
business contacts management;
orders and supply management;
invoicing and accounting;
providing information on our company, products, services and special offers;
the good organisation of our services;
direct marketing and sales;
marketing purposes;
dealing with enquiries, requests and complaints;
dispute management;
public relations;
statistics and market research;
safety;
access control;
respecting our legal obligations.
4. WHAT DATA DO WE COLLECT AND ON WHAT LEGAL GROUNDS DO WE PROCESS YOUR PERSONAL DATA?
4.1. I am a website visitor Lead or Opportunity
4.1.1. WHEN YOU VISIT OUR WEBSITE OR CONTACT US VIA A GENERAL CONTACT ADDRESS OR VIA AN ONLINE CONTACT FORM, (E.G. FOR REQUESTING A DEMO) OR HAVE BEEN IDENTIFIED AS A LEAD OR OPPORTUNITY WE WILL COLLECT THE FOLLOWING INFORMATION:
Contact Details e.g. your Name, email address, telephone number, your job role, your company so we can respond to your enquiry and provide information about our products and services
Internet Protocol address, browser type, browser language, referring URL, files accessed, errors generated, time zone, operating system and other visitor details collected in our log files to analyse the trends, administer the website, track visitor’s movements and to improve our website
Video/ audio recordings of online meetings, or telephone calls
Our Lawful Basis for processing is this data is legitimate interests (namely the interest to handle your enquiries, requests and customers in the best possible way). In this respect we will always determine case by case whether our interests outweigh your interests, fundamental rights and freedoms. If you want more information about this, you can always contact us via privacy@fiscalnote.com.
4.2. I AM (A CONTACT PERSON OF) A CLIENT, A SUPPLIER OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT OR A CONSUMER)
4.2.1 7.3.1. The personal data that we collect may include the following:
standard identification and contact data (e.g., name, address (private/work), telephone number (private/work), e-mail address (private/work), your profession;
financial data (e.g. bank account number); – employment data (e.g. organization you work for, job title);
the information you provide us in forms (e.g. contact forms) and to all possible services and communication channels that we offer;
data about how you use our products and services;
information about delivered products and/or services;
data about how you interact with us and other similar information.
Video/ audio recordings of online meetings, or telephone calls
Our Lawful Basis for processing is this data is Contract.
5. WHAT ARE YOUR RIGHTS?
5.1. EU and UK Residents
Access: gain access to your personal data and receive a copy thereof;
Rectification: ask that we update or correct your personal data when you believe they are incorrect or incomplete;
Erasure: ask that we delete your personal data, or restrict the way in which we use such personal data when you believe that we no longer have a lawful ground to process it;
Restriction: restrict the processing of your data while we consider an erasure or rectification request
Object: Object to the processing of your data where we are processing your data under the contract or legitimate interest lawful basis
Withdraw consent to the processing of your personal data (to the extent such processing is based on your consent);
Data Portability: receive your personal data you provided digitally to us in a structured, commonly used and machine-readable format and to transfer such data to another party;
5.2. You also have the right to object at any time to the processing of personal data for direct marketing by contacting us (see below) or by clicking the unsubscribe link in the direct marketing messages we sent. In that case, we will no longer process your personal data for direct marketing purposes.
5.3. In order to exercise any of the abovementioned rights, you can:
send an e-mail to: privacy@fiscalnote.com
send a written query to: 1201 Pennsylvania Ave, Washington, D.C. 20004 to the attention of the Legal Department Compliance Associate. You may also use these contact details if you wish to make a complaint relating to the processing of personal data.
5.2 US Privacy Rights
If you live in California, Colorado, Connecticut, Iowa, Utah or Virginia you have the following rights over your consumer data (please note the definition of consumer data varies from state to state. If you are resident in California, your data could be considered consumer data (other states will be considered on a case-by-case basis).
· Right to Know/ Access. You have the right to request information on, the personal information we collected about you in the last 12 months, including the categories of personal information, the categories of sources from which your personal information was collected from, the business or commercial purpose for collecting, selling, or sharing your personal information, the categories of third parties to whom we disclosed your personal information to, and the specific pieces of personal information we have collected about you
· Right to Delete. (Excluding Utah) You have the right to request that we delete Personal Data that we have collected from you, subject to certain exceptions
· Right to Correct. (Excluding Iowa and Utah) You have a right to request that we correct inaccurate Personal Data that we maintain on you
· Right to Opt Out. (Excluding Iowa) You have the right to opt out of the sale of your Personal Data. However please note that we do not sell your Personal Data
· Right to No Discrimination. (California Only) You have the right not to receive discriminatory treatment by us for the exercise of your privacy rights. This includes employee, applicant, or independent contractor rights to not to be retaliated against for the exercise of your privacy rights. We will not discriminate against you, in any manner prohibited by applicable law, for exercising these rights
This Privacy Notice provides the required notices to California consumers.
Neither FrontierView or Fiscal Note does not presently sell any personal information to third parties for any purpose.
To make a “request to know” or “request to delete” your personal information, send us an e-mail at privacy@FiscalNote.com (Please put either “Request to Know” or “Request to Delete” in the subject heading of your email.) You may also submit these requests via an online form (available at this link).
We will honour these requests for US individuals whether or not you are a California consumer under the The California Consumer Privacy Act (CCPA). We will confirm receipt of your request within 10 days along with a description of what steps we will take to verify and respond. We must provide the requested information or delete your personal information within 45 days of receipt of your request. If necessary, we can take up to an additional 45 days, but we must let you know the additional time is needed.
When contacting us, we may ask you to provide certain, limited personal information, such as your name, email address and/or account login ID and/or password, to verify your request and to match with our records and systems. This is also to protect against fraud. We will not retain this personal information or use it for any other purpose. Also please be advised that we need to search our records and systems only for the preceding 12 months.
Pursuant to California’s “Shine The Light law” (California Civil Code § 1798.983), California residents are entitled, once a year and free of charge, to request the disclosure of certain categories of personal information to third parties for their own direct marketing purposes in the preceding calendar year, if any. Under the law, a business should either provide California customers certain information upon request or permit California customers to opt out of this type of sharing. You may request this information by contacting us at privacy@FiscalNote.com and indicate in the email subject line, “California Shine The Light Request.” Please include your mailing address, state of residence and email address with your request.
5.4. Complaints
If you are unhappy with the way we handle your personal data, you have the right to complaint to the relevant US State, Data Protection Supervisory Authority in which you reside. For UK Residents this is the Information Commissioner Office Make a complaint | ICO, If you are an EU Resident you can find the contact details of the relevant Supervisory Authority Our Members | European Data Protection Board (europa.eu)
7. HOW DO WE OBTAIN PERSONAL DATA?
7.1. I AM A WEBSITE VISITOR, LEAD OR OPPORTUNITY
We may obtain your personal data when you use the Sites and the applications offered thereon (e.g. contact form, demo request form). We may also obtain your data when you contact us via the contact details mentioned on the Sites.
We may receive information about you from event partners if you sign up for an event we are involved in and the registration is through the partner’s site. We may also receive information about you from our clients or from information publicly available via web searches. We also work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, ABM vendors, search information providers and credit reference agencies) and may receive information about you from them.
7.2 I AM (A CONTACT PERSON OF) A CUSTOMER, A SUPPLIER OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT OR A CONSUMER)
7.2.1 We may obtain your personal data in the framework of the execution of our business activities.
7.2.2 We may obtain such personal data because you give it to us (e.g. by contacting us), because others give it to us (e.g. third party service providers that we use in the framework of our activities) or because they are publicly available. We may also obtain your personal data through the way you interact with us.
6.3.3 When we obtain your personal data from external parties, we make reasonable efforts to enter into contractual clauses with these parties obliging them to respect the relevant data protection legislation. This can for example be done by obliging this party to provide you with all necessary information or – if necessary – to obtain your consent for processing the personal data as described in this Privacy Statement.
7. WHO WE SHARE YOUR DATA WITH?
7.1. I AM A WEBSITE VISITOR, LEAD OR OPPORTUNITY, OR I AM (A CONTACT PERSON OF) A CUSTOMER, A SUPPLIER OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT OR A CONSUMER)
We may share your personal data in the following circumstances:
· Where we are using contracted service partners for services such as IT, Our CRM provider, web conferencing and telephone services, Chatbot provider, Cloud hosting and system administration, email communications, analytics and research, data enrichment, survey providers and customer support. All these purposes and legal bases for processing are done in accordance with the information provided above
· we may share your details internally within the Fiscal Note Group of companies in order to improve the service offering and range of services we provide, for the good administration and control of the business, marketing, reporting and account management purposes. Our group companies are data controllers in their own right. A list of Group Companies can be found here About | FiscalNote
· Where you interact with third party social media companies either through our website or directly through your social media profiles your data will be shared by you with them. This is also the case if you do not switch off third party cookies where advertising, targeting and analysis is concerned. These parties are likely to be data controllers in their own right.
· To any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
· To a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this Privacy Notice;
· To enforce or apply our Terms of Service or other agreements or to protect FrontierView and Fiscal Note Inc. and its customers (including with other companies and organisations for the purposes of fraud protection, credit risk reduction and debt collection)
We do not sell our client’s, website visitor’s Lead or Opportunity data.
8. INTERNATIONAL TRANSFERS.
Your personal data may be transferred to Fiscal Note Inc, based in the USA and other subsidiaries within the Fiscal Note Group of companies based outside the European Economic Area in order to provide our Services. We have and Intra Group Sharing Agreement which includes the Standard Contractual Clauses (SCC’s) approved by the European Commission (art. 46 GDPR) and the UK’s International Data Transfer Addendum. We have also undertaken Transfer Impact Assessments to identify any additional safeguards and security measures to protect the rights and freedoms of individuals.
Fiscal Note Inc is also registered with the EU/ US Data Privacy Framework.
Where we use service providers based outside the EEA such as IT providers or our CRM provider, we ensure that there is a legally binding contract and a lawful transfer mechanism in place prior to any transfers in place. The legal mechanism which we use are either a transfer to a country with an adequacy decision or in the case of US suppliers that the company is registered with the EU/ US Data Privacy Framework, using European Commission Standard Contractual Clauses & The UK International Data Transfer Addendum, Binding Corporate Rules and appropriate Transfer Impact Assessments are undertaken to identify any additional safeguards required.
If you need any clarification about your personal data being shared within our Group of companies and transfers to the United States or other third countries or to obtain a copy of the SCC’s, please contact privacy@fiscalnote.com
9. WHAT COOKIES DO WE USE AND HOW CAN YOU MANAGE THEM?
We may use session and/or persistent cookies with respect to FrontierView and Fiscal Note Services. We may, from time to time, retain an independent third party to perform an analysis of the statistical and aggregate data and other information with respect to our Services. Such aggregated information is not personally identifiable and is used to improve the functionality and/or use of our Services and future product offerings. Such third parties may, at their option, employ the use of cookies in the provision of their third-party services. FiscalNote does not have access to these third-party cookies nor are we responsible for them. For more information about our use of cookies, please see our “Cookie Policy.”
10. ARE YOUR PERSONAL DATA PROTECTED?
10.1. We employ strict technical and organizational (security) measures to protect your personal data from access by unauthorized persons, against unlawful processing, misuse, damage, loss and destruction both online and offline.
10.2. These measures include for example:
Training to relevant staff to ensure they are aware of our privacy obligations when handling personal data and disciplinary action in the event of non-compliance;
Immediate deletion of data if not relevant anymore (e.g. because the information is outdated);
Termination or suspension of the access to or license of the platform in case of a violation of the FiscalNote Terms of Service Agreement and/or the Security Policy;
Password protection and access control by appropriate Fiscal Note personnel;
Network security and intrusion detection systems to protect the platform against sophisticated attacked and to minimize vulnerabilities;
Cloud computing infrastructure which provides redundancy and high availability at every level, from multiple Tier- ISP connections, redundant networking equipment and servers;
Hosting of the platform in secure SOC 2 Type II certified facilities that are protected from physical attacks and from natural disasters. The data centres are monitored on a 7×24 basis and entrance to the data centres is controlled and restricted to a select group of authorized personnel. Multiple forms of authentication must be used in order to enter any such data centres;
Security incident management;
Recovery, contingency and emergency plan.
10.3. In a cloud computing environment, certain computer resources may at some point fail to operate – Fiscal Note has designed its infrastructure in light of that potential failure. The core cloud computing infrastructure provides redundancy and high availability at every level, from multiple Tier-1 ISP connections, redundant networking equipment, and servers. Fiscal Note’s Services are built on this infrastructure with the ability to quickly add or change service capacity in response to customer load or in an uncommon situation where a compute infrastructure experiences a failure. Fiscal Note monitors each of its Services critical performance metrics to track availability and performance. Fiscal Note periodically backs up appropriate data across multiple servers so as to protect that same data in the event of a service failure.
10.4. Fiscal Note Services are hosted in secure, SOC 2 Type II certified facilities that are protected from physical attacks and from natural disasters. Such data centres are monitored on a 7×24 basis and entrance to the data centers is controlled and restricted to a select group of authorized personnel. Multiple forms of authentication must be used in order to enter any such data center and the data centres are guarded and protected 7 days a week, 24 hours a day.
10.5. Although we use appropriate security measures once we have received your personal data, the transmission of data, especially over the internet (including by e-mail), is never completely secure. We endeavor to protect your personal data, but we cannot guarantee the security of data transferred to us or by us. We limit access to your personal data to persons who reasonably need that information in order to carry out their jobs.
11. HOW LONG WILL YOUR PERSONAL DATA BE STORED?
11.1. I AM A WEBSITE VISITOR, LEAD OR OPPROTUNITY
11.1.1. Your personal data will not be stored longer than necessary for the abovementioned purposes.
11.1.2. As a general rule, personal data obtained through the Site are stored for a period of 5 years. Personal data processed in the context of direct marketing, for example for our newsletters, will in principle be stored for a period of 5 years from the last contact with our company. However, we can store your personal data longer for these purposes if in the meantime you have become our customer, namely for a period of 7 years from the delivery of products or services, or from the last contact with our company if that would take place later.
11.1.3. Depending on the specific situation we may however retain your personal data for a longer period. This will in particular be the case if any of the following periods is longer: (i) as long as is necessary for the activity or service concerned; (ii) any retention period that is required by law; or (iii) the prescription period wherein litigations may be instituted.
11.3. I AM (A CONTACT PERSON OF) A CUSTOMER, A SUPPLIER OR ANY OTHER INDIVIDUAL WHOSE PERSONAL DATA ARE PROCESSED (E.G. A VISITOR, A BUSINESS CONTACT OR A CONSUMER)
11.3.1. As a general rule, personal data in the framework of the use of our services are stored for a period of 7 years as from the end of the contractual relationship (including warranty periods and after-sales services).
11.3.2. Personal data processed in the context of direct marketing, for example for our newsletters, will in principle be stored for a period of 5 years from the last contact with our company. However, we can store your personal data longer for these purposes if in the meantime you have become our customer, namely for a period of 10 years from the delivery of products or services, or from the last contact with our company if that would take place later.
11.3.3. Depending on the specific situation, we may however retain your personal data for a longer period. This will in particular be the case if any of the following periods is longer: (i) as long as is necessary for the activity or service concerned; (ii) any retention period that is required by law; or (iii) the prescription period wherein litigations may be instituted.
12. ARE YOUR PERSONAL DATA USED FOR AUTOMATED DECISION-MAKING?
12.1. Automated decisions are defined as decisions about individuals that are based solely on the automated processing of personal data, and that produce legal effects, and that significantly affect the individuals involved. As a rule, personal data will not be used for automated decision-making. We do not base any decision about you solely based on automated processing of personal data (also not in the context of our recruitment procedure).
13. COMPLAINTS AND QUERIES
FrontierView and Fiscal Note Inc. tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We would encourage you to bring it to our attention if you think that our collection or use of information is unfair, misleading, or inappropriate. We would also welcome any suggestions for improving our procedures or this privacy notice.
If you are unhappy with the way we handle your personal data, or would like any further information about our data protection and privacy practices please contact us at privacy@fiscalnote.com
16. FORUMS / CHAT / BLOGS / DIRECTORY
If you choose to use a bulletin board or directory, import a blog, or participate in a chat room, you should be aware that any personal data you choose to provide there can be read, collected and/or used by other parties and that such personally identifiable information could be used to send you unsolicited messages.
FrontierView and Fiscal Note are not responsible for any personal data that you choose to submit with respect to these forums.
17. ANONYMOUS DATA
FrontierView and Fiscal Note may accumulate and aggregate certain anonymous statistical and related data in order to improve the performance and functionality of its Services, to develop new products and/or Services or to analyze the usage of FiscalNote’s Services.
FrontierView and Fiscal Note may use aggregated anonymous data for such purposes as FiscalNote, in its sole discretion, deems to be appropriate.
21. CHANGES TO THIS PRIVACY NOTICE
We may modify this Privacy Notice from time to time. To let you know when we make changes to this Privacy Notice, we will amend the revision date at the top of this page. The new modified Privacy Notice will apply from that revision date.
Currently, our systems do not recognize browser-based “do-not-track” requests.