隐私政策

Last updated: May 1, 2026

Datadek Inc ("iteksurvey," "we," "us," or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains in detail how we collect, use, store, disclose, and safeguard your personal information when you access or use our platform, website, mobile applications, and related services (collectively, the "Platform"). We serve as a data controller for the personal data we process about our members. By using the Platform, you acknowledge that you have read and understood the practices described in this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of the Platform and contact us to request deletion of your data.

1. Information We Collect

When you register for and use our Platform, we collect several categories of information. Personal identification data includes your full name, email address, password (hashed and salted), phone number, postal address, and date of birth. Demographic and profile data includes your gender, year of birth, education level, employment status, occupation, industry, household size, annual household income range, marital status, ethnicity, country of residence, and language proficiencies. Behavioral and device data includes your IP address, browser type and version, operating system, device identifiers, screen resolution, time zone setting, and referring URLs. Usage data includes pages visited, features used, time spent on the Platform, clickstream data, and interaction patterns. Survey response data includes all answers you provide when participating in surveys, product tests, focus groups, interviews, and other research activities. We may also collect voluntary survey responses about your interests, purchasing habits, and lifestyle preferences to improve survey matching accuracy. Where permitted by law, we may receive supplemental information from third-party data providers to enhance our fraud detection capabilities and verify account information.

2. How We Use Your Information

We use the information we collect for multiple purposes that are essential to operating and improving the Platform. Matching and personalization: we use your demographic and profile data to match you with relevant surveys, product tests, and research studies, ensuring you receive invitations that align with your characteristics and interests. Payment processing: we use your account and payment information to calculate, process, and deliver rewards including cash payments via PayPal, gift cards, bank transfers, and other redemption options available in your country. Platform improvement: we analyze aggregated usage patterns, survey completion rates, and member feedback to improve our matching algorithms, user interface, mobile applications, and overall member experience. Fraud prevention and quality assurance: we monitor account activity, IP addresses, device fingerprints, survey response patterns, and completion times to detect and prevent fraudulent behavior, duplicate accounts, automated responses, and low-quality submissions. Communications: we use your email address and notification preferences to send survey invitations, account updates, reward confirmations, security alerts, and, with your consent, marketing communications about new features and promotions. Legal compliance: we process data as necessary to comply with applicable laws, regulations, legal processes, and governmental requests, including tax reporting obligations and anti-money laundering requirements.

3. Legal Basis for Processing

We process your personal data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). Under the GDPR, our legal bases for processing include: (a) Consent — we rely on your explicit consent for processing sensitive demographic data, sending marketing communications, and deploying non-essential cookies and trackers; (b) Contractual necessity — processing your data is necessary to perform our contractual obligations to you, including providing survey matching, processing reward payments, and maintaining your account; (c) Legitimate interests — we process data for our legitimate business interests, such as fraud prevention, platform security, service improvement, and internal analytics, where such interests are not overridden by your data protection rights; and (d) Legal obligation — we process data to comply with tax laws, regulatory requirements, and legally binding requests from law enforcement. Under the CCPA/CPRA, in the preceding 12 months we have collected the following categories of personal information: identifiers (name, email, IP address), commercial information (transaction records, reward history), internet activity (browsing data, interactions), geolocation data (IP-based country detection), professional or employment-related data, and inferences drawn from profile information. We do not sell personal data as defined under the CCPA, nor do we share personal data for cross-context behavioral advertising.

4. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to any third party for their own commercial purposes. We share data only in the following limited circumstances. Payment processors: to fulfill reward withdrawals, we share necessary information with payment service providers including PayPal, bank transfer networks, and gift card issuers, all of whom are contractually bound to protect your data and use it solely for payment processing. Cloud and infrastructure providers: we rely on third-party cloud computing services (including Amazon Web Services), content delivery networks, and database hosting providers to operate the Platform; these providers process data strictly on our instructions under executed data processing agreements. Research clients: survey responses are shared with research sponsors only in aggregated and anonymized form, stripped of direct identifiers such as name, email, and IP address; individual-level demographic attributes may be shared only when aggregated with a sufficient number of other respondents to prevent re-identification. Analytics providers: we may use analytics tools (such as Google Analytics) to understand Platform usage patterns; IP anonymization is enabled and data sharing with these providers is governed by data processing addenda. Legal and regulatory authorities: we may disclose information when required by subpoena, court order, or applicable law, or to protect the rights, property, and safety of iteksurvey, our members, and the public. Business transfers: in the event of a merger, acquisition, reorganization, or asset sale, member data may be transferred as part of the transaction, subject to the same privacy commitments and with advance notice to affected members.

5. International Data Transfers

iteksurvey operates globally, and your personal data may be transferred to, stored in, and processed in countries other than your country of residence, including the United States, where our primary servers and operations are located. When we transfer personal data from the European Economic Area (EEA), the United Kingdom, or Switzerland to countries that have not received an adequacy decision from the relevant regulatory authority, we implement appropriate safeguards to ensure an essentially equivalent level of protection. These safeguards include: (i) European Commission-approved Standard Contractual Clauses (SCCs), supplemented by additional technical and organizational measures where necessary; (ii) the UK International Data Transfer Agreement (IDTA) or UK Addendum to the EU SCCs for transfers from the United Kingdom; and (iii) binding data processing agreements with all third-party service providers that impose data protection obligations no less protective than those in this Privacy Policy. We conduct transfer impact assessments to evaluate the laws and practices of the destination country and implement supplementary measures (such as end-to-end encryption, pseudonymization, and strict access controls) where necessary to mitigate any risks to your data. You may request a copy of the relevant transfer safeguards by contacting our Data Protection Officer at the address provided below.

6. Data Security

We implement and maintain a comprehensive information security program designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Our security measures include: encryption at rest using AES-256 and encryption in transit using TLS 1.3 for all data transmissions between your device and our servers; SOC 2 Type II certified data center infrastructure with 24/7 physical security, biometric access controls, redundant power, and environmental monitoring; annual independent penetration testing and vulnerability assessments conducted by qualified external security firms; a Web Application Firewall (WAF) and Distributed Denial of Service (DDoS) protection to defend against network-level attacks; role-based access controls with multi-factor authentication (MFA) required for all personnel accessing production systems; comprehensive logging, monitoring, and alerting through a Security Information and Event Management (SIEM) system; regular security awareness training for all employees and contractors; and an incident response plan tested annually through tabletop exercises. Despite these measures, no method of electronic storage or transmission is 100% secure. In the unlikely event of a data breach affecting your personal data, we will notify you and the relevant supervisory authority without undue delay, in accordance with applicable data protection laws.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. The following retention rules apply: Account data (including name, email, password hash, demographic profile, and preferences) is retained for the lifetime of your account plus a grace period of 30 days after account deletion, during which you may request reactivation; thereafter, all personally identifiable data is permanently deleted from our active systems. Survey response data is retained in de-identified form for research and statistical purposes indefinitely, as it no longer constitutes personal data once all direct and indirect identifiers have been removed. Transaction and payment records are retained for the period required by applicable tax and financial regulations (typically 7 years from the date of transaction) and thereafter securely deleted. Backups and disaster recovery copies may retain data for up to 90 days after deletion from active systems, with automatic expiration. If your account is subject to a legal hold (e.g., in connection with litigation or a regulatory investigation), data retention may be extended until the hold is lifted. You may request specific information about our retention periods for particular categories of data by contacting our Data Protection Officer.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data. Under the GDPR (for residents of the EEA, UK, and Switzerland): Right of access — you may request confirmation of whether we process your personal data and obtain a copy of that data along with information about the purposes of processing and categories of data involved. Right to rectification — you may request correction of inaccurate or incomplete personal data we hold about you. Right to erasure ('right to be forgotten') — you may request deletion of your personal data where there is no compelling reason for its continued processing. Right to restrict processing — you may request that we limit the processing of your data in certain circumstances, such as while we verify the accuracy of contested data. Right to data portability — you may receive your data in a structured, commonly used, machine-readable format and have it transmitted to another controller. Right to object — you may object to processing based on legitimate interests or for direct marketing purposes at any time. Under the CCPA/CPRA (for California residents): Right to know — you may request disclosure of the categories and specific pieces of personal data we have collected, the sources, the business purpose for collection, and the categories of third parties with whom we share data. Right to delete — you may request deletion of personal data we have collected, subject to certain exceptions. Right to opt-out — you may direct us not to sell or share your personal data (though we do not engage in such practices). Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights. To exercise any of these rights, please contact us at privacy@iteksurvey.com or use the self-service data export and deletion tools available in your account settings. We will respond to verified requests within the timeframes required by applicable law (typically 30 days, extendable by an additional 60 days for complex requests under CCPA).

9. Cookies and Tracking Technologies

Our Platform uses cookies and similar tracking technologies to provide core functionality, enhance security, analyze usage patterns, and improve your browsing experience. Cookies are small text files placed on your device by websites you visit. We categorize our cookie usage as follows: Essential cookies — these are strictly necessary for the Platform to function and cannot be disabled in our systems. They include session cookies for maintaining your login state, security cookies for preventing cross-site request forgery attacks, and load-balancing cookies for optimal performance. Analytics cookies — with your consent where required by law, we deploy analytics cookies (such as those from Google Analytics with IP anonymization enabled) to collect aggregate information about how members navigate the Platform, which pages receive the most traffic, and where technical errors may occur. Functional cookies — these cookies remember your preferences, such as your language selection, currency display, and notification settings, to deliver a more personalized experience. We do not use advertising, targeting, or third-party tracking cookies on our Platform. You can control cookie preferences through your browser settings; most browsers allow you to block or delete cookies, though doing so may impair Platform functionality. Where required by applicable law (including under the ePrivacy Directive in the EU), we display a cookie consent banner on your first visit, allowing you to accept or decline non-essential cookies. You may change your cookie preferences at any time through the cookie settings link in the Platform footer.

10. Children's Privacy

The Platform is intended for individuals aged 16 years and older. We do not knowingly collect, use, or disclose personal data from individuals under 16 years of age. During the registration process, we require all new members to confirm their date of birth; accounts that indicate an age below 16 are automatically blocked from registration. In compliance with the U.S. Children's Online Privacy Protection Act (COPPA) and similar laws in other jurisdictions, we do not process the personal data of children without verified parental consent. If we become aware that a person under 16 has registered for an account and provided personal data without verifiable parental consent, we will take immediate steps to delete such data and terminate the account. If you are a parent or legal guardian and believe your child has provided personal information to us, please contact us immediately at privacy@iteksurvey.com so that we may promptly investigate and take corrective action. We encourage parents and guardians to discuss online privacy practices with their children and to monitor their children's internet usage to ensure compliance with age restrictions on our Platform and elsewhere.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices, technological developments, legal requirements, or the features and functionality of our Platform. When we make material changes, we will provide at least 30 calendar days' advance notice before the changes take effect. Notice will be provided through prominent posting on our website, in-app notifications, and, where the changes significantly affect your rights or our processing activities, direct email notification to the address associated with your account. The 'Last Updated' date at the top of this Privacy Policy will be revised to indicate when the most recent version was published. We encourage you to periodically review this Privacy Policy to stay informed about how we protect your personal data. Your continued use of the Platform after the effective date of any modified Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with the revised policy, you must discontinue use of the Platform and may request deletion of your account and associated data before the changes take effect.

For questions about this Privacy Policy or to exercise your data protection rights, please contact our Data Protection Officer at privacy@iteksurvey.com or write to Datadek Inc, 159 N Wolcott St #2018, Casper, WY 82601, United States.