General Website Privacy Notice by Cint AB
Effective Date: July 7, 2017
Last Revised: July 8, 2026
This privacy notice does not apply to personal data processed in connection with Cint’s market research platform services, which are governed by separate agreements and notices. See below:
A. If you are a survey participant of Entscheiderclub.de, Clubdecideurs.ch, Clubdecisionisti.ch, please go to your profile directly. You can access your personal data and request deletion in your profile.
B. If you are a survey participant of any panel, please reach out directly to your panel provider. It is the company who is paying you for your survey participation. You can also find the name from the link of the survey.
Cint AB (and any reference to Cint AB shall include Cint’s parents, affiliates, and subsidiaries, collectively “Cint”) is a global technology company that maintains an online insights exchange platform that connects community owners to researchers, agencies and brands, for the sharing and accessing of consumer data. Headquartered in Stockholm, Sweden, Cint has offices in major cities across Europe, North America and Asia-Pacific.
All references in this Privacy Notice to Cint include Cint and its parent, subsidiary and affiliated companies. All references to “us” or “we” refer to Cint.
1. Scope and Who This Notice Applies To
This Privacy Notice applies to individuals who visit or interact with Cint’s website, including prospective customers, existing clients, event attendees, and anyone who contacts us directly.
2. Personal Data and Personal Information We Collect
We collect the following categories of information:
2.1. Identity and contact data: name, job title, employer, business email address, postal address, and telephone number.
2.2 Usage and technical data: IP address, browser type, operating system, Internet service provider, referring and exit pages, date and time stamps, and clickstream data, collected automatically via log files and similar technologies.
2.3. Communications data: the content of enquiries, requests, records of products and other messages you send to us.
2.4. Marketing preferences: your preferences for receiving marketing communications and your responses to those communications.
2.5. Cookie and tracking data: information collected through cookies and similar tracking technologies as described in 4. Above and in our [Cookie Policy].
2.6. Inferences drawn from the above to create a profile about preferences or interests.
We do not intentionally collect Sensitive Personal Information (as defined under the California Privacy Rights Act (“CPRA”)) or special category data (as defined under the General Data Protection Regulation (“GDPR”)) through this website.
Sources of personal data: We collect personal data directly from you (through the website, forms, email, telephone, and events), automatically (through cookies and log files), and occasionally from third parties such as conference organizers, event sponsors, industry registration, data providers or publicly available sources.
3. Categories of Third Parties to Whom We Disclose Personal Information
We disclose personal information to the categories of third parties described in section 6, including Cint group companies, service providers, and legal or regulatory authorities
| Name | Area | Categories of data | Data subjects | Personal Data Types | Processing activities | |
|---|---|---|---|---|---|---|
| Hubspot | Marketing | Analytics, Marketing, SaaS | Marketing Prospects, Website Visitors | Contact, Device ID, User Account Information, User Survey | Customer Relationship Management, Marketing | CRM software for enterprises |
| Google analytics | Analytics | Analytics, Marketing, SaaS | Customer Users, Customers, Marketing Prospects, Website Visitors | Contact, Device ID, IP Address | Web analytics Customer Relationship Management, Marketing | SaaS for websites |
| Amplitude | Analytics | Analytics, Marketing, SaaS | Marketing Prospects, Website Visitors | Contact, Device ID, IP Address, User Survey | Web analytics Customer Relationship Management, Marketing | SaaS for websites |
| Marketing | Analytics, Marketing, SaaS | Customer Users, Customers, Marketing Prospects, Website Visitors | Device ID, IP Address, User Account Information, User Survey | Web analytics Customer Relationship Management, Marketing | SaaS for websites | |
| Salesforce | Marketing | Analytics, Marketing, SaaS | Customer Users, Customers, Marketing Prospects, Website Visitors | Contact, Device ID, Email Address, Employer, IP Address, Job Details, Name, User Account Information, User Survey | Web analytics Customer Relationship Management, Marketing | CRM software for enterprises |
| Appolo.io | Analytics | Analytics, Marketing, SaaS | Customer Users, Customers, Marketing Prospects, Website Visitors | Device ID, IP Address, User Account Information, User Survey | Web analytics Customer Relationship Management, Marketing | Marketing software for websites |
| YouTube | Analytics Videos | Analytics, Marketing, SaaS | Customer Users, Customers, Marketing Prospects, Website Visitors | Device ID, IP Address, User Account Information, User Survey | Web analitics Customer Relationship Management, Marketing | Video |
4. Sale and Sharing of Personal Information
Cint does not sell your personal information for monetary consideration. Cint may share personal information with third-party advertising or analytics partners in ways that may constitute “sharing” under the CCPA (i.e., sharing for cross-context behavioral advertising purposes). You have the right to opt out of such sharing at any time — see clause 11.5 below.
5. Minors Under 16 – Children
We do not knowingly collect, process, sale or share personal information of consumers below 16 years old. If we become aware that we have inadvertently collected personal data from a child below the applicable age threshold, we will promptly delete it. If you believe we have collected data from a child, please contact us at privacy@cint.com.
6. Legal Bases for Processing (EEA, UK, and Switzerland)
Where the GDPR or equivalent legislation applies, we process your personal data on the following legal bases:
6.1. Legitimate interests (Article 6(1)(f) GDPR): to respond to your enquiries, manage our business relationship with you, improve our website, prevent fraud, and send direct marketing to existing and prospective business contacts where permitted by applicable law. We have carried out a legitimate interests assessment and concluded that our interests are not overridden by your interests or fundamental rights in these contexts.
6.2 Performance of a contract or pre-contractual steps (Article 6(1)(b) GDPR): where processing is necessary to take steps at your request before entering into a contract, or to perform our obligations to you.
6.3 Compliance with a legal obligation (Article 6(1)(c) GDPR): where processing is required by law.
6.4 Consent (Article 6(1)(a) GDPR): where you have given us specific, informed, and freely given consent, including for non-essential cookies and for certain direct marketing activities. You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.
7. How We Use Your Personal Data
We use the personal data we collect for the following purposes:
7.1. to respond to and process enquiries, requests, and communications you initiate;
7.2. to manage and develop our business relationship with you;
7.3. to send marketing communications about Cint’s products, services, and events, where you have consented
7.4. or where we have a legitimate interest and applicable law permits;
7.5. to send surveys about our products and services;
7.6. to improve, test, and maintain our website and associated services;
7.7. to comply with legal and regulatory obligations;
7.8. to prevent, detect, and investigate fraud, security incidents, and illegal activity; and
7.9. to transfer data within the Cint group of companies for internal administrative purposes, subject to appropriate safeguards.
We will not use your personal data for purposes incompatible with those described above without your consent or as otherwise permitted by law.
Automated decision-making: We do not make decisions that produce legal or similarly significant effects on you based solely on automated processing of your personal data.
8. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies. Cookies are small text files placed on your device. We use:
8.1. Strictly necessary cookies: required for the website to function and cannot be switched off.
8.2. Analytics cookies: to measure traffic patterns and understand how visitors use the website (e.g., Google Analytics or similar tools).
8.3. Functional cookies: to remember your preferences and personalize content.
8.4. Marketing and advertising cookies: to deliver relevant content and, where applicable, support cross-context behavioral advertising.
When you first visit our website, we will ask for your consent before placing any non-essential cookies on your device. You can manage or withdraw your cookie consent at any time through Cint Cookie Policy – Cint™ | The World’s Largest Research Marketplace or by configuring your browser settings.
Global Privacy Control: We honor the Global Privacy Control (“GPC”) signal. If your browser or device transmits a GPC signal, we will treat it as an opt-out of the sale and sharing of your personal information for cross-context behavioral advertising purposes, to the extent required by the CPRA and other applicable law.
For full details of the cookies we use, their purposes, and their retention periods, please see Cint Cookie Policy – Cint™ | The World’s Largest Research Marketplace.
9. How We Share Your Information
Cint does not sell your personal data or personal information for monetary consideration.
We may share your information:
9.1. Within the Cint group: with Cint’s parent, subsidiary, and affiliated companies for internal administrative and business purposes, subject to appropriate intra-group data transfer agreements.
9.2. With service providers: with third-party vendors and processors who perform services on our behalf (such as IT hosting, email delivery, analytics, and CRM platforms). Service providers are contractually permitted to use your data only as necessary to provide those services.
9.3. With legal and regulatory authorities: where required by applicable law, court order, or to comply with a lawful request from a public authority, or to protect the rights, property, or safety of Cint, our customers, or others.
9.4. In connection with a business transaction: in the event of a merger, acquisition, reorganization, or sale of all or part of our business or assets. Any acquirer will be required to maintain the confidentiality and integrity of your personal data in a manner consistent with this Privacy Notice.
9.5. With your consent: for any other purpose where you have given your prior consent.
All service providers and other third parties that receive personal data from us are required to implement appropriate technical and organizational measures to protect that data.
10. International Transfers
Cint stores all primary data on servers within the European Union. Where personal data is transferred outside the EEA, UK, or Switzerland — including within the Cint group or to third-party service providers located in non-adequate third countries — we ensure an appropriate transfer mechanism is in place, such as:
10.1. standard contractual clauses approved by the European Commissionn (SCC) or, for UK transfers, the International Data Transfer Agreement (“IDTA”) or addendum approved by the UK Information Commissioner;
10.2. adequacy decisions issued by the European Commission or the UK Secretary of State; or
10.3. other lawful transfer mechanisms under the GDPR or applicable law.
11. Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, regulatory, accounting, or reporting obligations. The criteria we use to determine retention periods include:
11.1. the duration of our business relationship with you or your employer;
11.2. the nature of the personal data;
11.3. applicable legal limitation periods; and
11.4. any contractual or regulatory requirements.
12. Security
Cint implements and maintains appropriate technical, organizational, and physical safeguards to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These include access controls, encryption in transit, and regular reviews of our security practices.
No transmission over the internet or mobile network is completely secure. While we take reasonable steps to protect your data, we cannot guarantee the security of any information you transmit to us.
13. Your Rights (EEA, UK, and Switzerland)
If the GDPR or equivalent legislation applies to you, you have the following rights with respect to your personal data:
13.1. Right of access: to request a copy of the personal data we hold about you.
13.2. Right to rectification: to request correction of inaccurate or incomplete personal data.
13.3. Right to erasure: to request deletion of your personal data in certain circumstances (for example, where it is no longer necessary for the purpose for which it was collected).
13.4. Right to restriction of processing: to request that we restrict processing of your personal data in certain circumstances.
13.5. Right to data portability: to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller, where technically feasible and where processing is based on consent or contract.
13.6. Right to object: to object to processing based on legitimate interests (including direct marketing) at any time. We will stop processing your personal data for direct marketing purposes immediately upon request.
13.7. Right to withdraw consent: where processing is based on consent, to withdraw that consent at any time without affecting the lawfulness of prior processing.
13.8. Right to lodge a complaint: to lodge a complaint with the relevant supervisory authority. In Sweden, the supervisory authority is the Integritetsskyddsmyndigheten (IMY) (imy.se). You may also complain to the authority in the EU Member State where you habitually reside or work, or where the alleged infringement occurred.
Rights Available to Residents of Most Residents of California, Virginia, Colorado, Connecticut, Utah, Oregon, Texas, Montana, Delaware, New Hampshire, Nebraska, and New Jersey
You generally have the right to:
- Know and Access: Confirm whether we process your personal data and request a copy of that data.
- Delete: Request that we delete personal data we hold about you, subject to certain exceptions.
- Data Portability: Obtain a copy of your personal data in a portable, usable format.
- Opt Out of Sale: Direct us not to sell your personal data to third parties.
- Opt Out of Targeted Advertising: Direct us not to use your personal data for targeted or cross-context behavioral advertising.
e. Opt Out of Targeted Advertising: Direct us not to use your personal data for targeted or cross-context behavioral advertising.
Additional rights and specific variations by state are set out in the state-specific sections below.
Global Privacy Control (GPC): If you use a browser or extension that sends a Global Privacy Control signal, we will treat it as a valid opt-out request for the sale of personal data and targeted advertising in states that require us to honor such signals, including California, Colorado, Connecticut, Delaware, Montana, Nebraska, New Hampshire, New Jersey, Oregon, and Texas.
California Residents
California residents are protected by the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and enforced by the California Privacy Protection Agency and the California Attorney General.
Your rights include:
- Access: Request disclosure of the categories and specific pieces of personal information we have collected about you since January 1, 2022.
- Delete: Request deletion of your personal information, subject to limited exceptions.
- Correct: Request correction of inaccurate personal information we hold about you.
- Data Portability: Receive your personal information in a portable format.
- Opt Out of Sale or Sharing: Direct us not to sell or share your personal information, including for cross-context behavioral advertising. You may exercise this right using the “Do Not Sell or Share My Personal Information” link on our website or by enabling the Global Privacy Control on your browser. We will display a visible confirmation when your opt-out request has been processed.
- Limit Use of Sensitive Personal Information: Request that we limit our use and disclosure of sensitive personal information (such as precise geolocation, biometric data, health information, and similar categories) to what is necessary to provide you with the services you requested.
- Opt Out of Automated Decision-Making: Where we use automated decision-making technology for significant decisions affecting you (such as in employment, lending, or similar contexts), you have the right to opt out and to request information about how that technology works.
California residents also have a limited private right of action for certain data breaches. We will not retaliate against you for exercising any of these rights. We may not ask you to create an account to submit an opt-out request.
To learn more, visit the California Privacy Protection Agency or the California Attorney General’s CCPA page.
Virginia Residents
Virginia residents are protected by the Virginia Consumer Data Protection Act (VCDPA), enforced by the Virginia Attorney General.
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects.
- Appeal: If we decline to act on your request, you may appeal our decision by contacting us at [privacy@cint.com]. We will respond to your appeal within 60 days. If your appeal is denied, we will provide information on how to contact the Virginia Attorney General.
To learn more, visit the Virginia Attorney General’s Office.
Colorado Residents
Colorado residents are protected by the Colorado Privacy Act (CPA), enforced by the Colorado Attorney General.
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects.
- Appeal: If we decline to act on your request, you may appeal our decision by contacting us at [privacy@cint.com]. We will respond to your appeal within 60 days. If your appeal is denied, we will provide information on how to submit a complaint to the Colorado Attorney General.
We are required to obtain your opt-in consent before processing sensitive personal data (including precise geolocation, biometric data, racial or ethnic origin, health conditions, sexual orientation, and genetic data).
As of July 1, 2026, if we use your personal data to train artificial intelligence systems or large language models, we will disclose this in our privacy notice.
To learn more, visit the Colorado Attorney General – Colorado Privacy Act.
Connecticut Residents
Connecticut residents are protected by the Connecticut Data Privacy Act (CTDPA), enforced by the Connecticut Attorney General. Significant amendments to the CTDPA took effect on July 1, 2026.
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects.
- Know Third-Party Recipients: Request a list of third parties to whom we have sold your personal data.
- Appeal: If we decline to act on your request, you may appeal our decision by contacting us at [privacy@cint.com]. We will respond to your appeal within 60 days. If your appeal is denied, we will provide information on how to submit a complaint to the Connecticut Attorney General.
We are required to obtain your opt-in consent before processing sensitive personal data.
To learn more, visit the Connecticut Attorney General – CTDPA.
Utah Residents
Utah residents are protected by the Utah Consumer Privacy Act (UCPA), enforced by the Utah Attorney General.
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data that you have provided to us.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale and Targeted Advertising: Direct us not to process your personal data for the sale of personal data or for targeted advertising.
Note: Utah law does not currently provide a right to opt out of profiling or a right to appeal a denial of your request, and does not require us to honor universal opt-out preference signals.
To learn more, visit the Utah Division of Consumer Protection – UCPA.
Oregon Residents
Oregon residents are protected by the Oregon Consumer Privacy Act (OCPA), enforced by the Oregon Attorney General. Businesses must honor universal opt-out preference signals under the OCPA.
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or profiling.
- Appeal: If we decline to act on your request, you may appeal our decision in writing by contacting us at [privacy@cint.com]. We will respond within 45 days. If your appeal is denied, we will provide information on how to contact the Oregon Attorney General.
We are required to obtain your opt-in consent before processing sensitive personal data.
To learn more, visit the Oregon Department of Justice – OCPA.
Texas Residents
Texas residents are protected by the Texas Data Privacy and Security Act (TDPSA), enforced by the Texas Attorney General. Businesses must honor universal opt-out preference signals, including the Global Privacy Control.
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects.
To learn more, visit the Texas Attorney General – TDPSA.
Montana Residents
Montana residents are protected by the Montana Consumer Data Privacy Act (MCDPA), enforced by the Montana Attorney General.
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects.
- Appeal: If we decline to act on your request, you may appeal our decision by contacting us at [privacy@cint.com].
To learn more, visit the Montana Department of Justice – MCDPA.
Iowa Residents
Iowa residents are protected by the Iowa Consumer Data Protection Act (ICDPA), enforced by the Iowa Attorney General.
Your rights include:
- Access: Request a copy of the personal data we hold about you.
- Delete: Request deletion of personal data you have provided to us.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale: Direct us not to sell your personal data.
Note: Iowa law does not currently provide rights to correct inaccuracies, opt out of targeted advertising, opt out of profiling, or appeal a denial of your request.
Delaware Residents
Delaware residents are protected by the Delaware Personal Data Privacy Act (DPDPA), enforced by the Delaware Attorney General. We are required to honor universal opt-out mechanisms, including the Global Privacy Control.
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or profiling in furtherance of solely automated decisions that produce legal or similarly significant effects.
- Appeal: If we decline to act on your request, you may appeal our decision by contacting us at [privacy@cint.com].
To learn more, visit the Delaware Department of Justice.
New Hampshire Residents
New Hampshire residents are protected by the New Hampshire Privacy Act (NHPA), enforced by the New Hampshire Attorney General. Businesses must honor universal opt-out preference signals under the NHPA.
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or certain profiling activities.
- Appeal: If we decline to act on your request, you may appeal our decision by contacting us at [privacy@cint.com].
To learn more, visit the New Hampshire Department of Justice.
Nebraska Residents
Nebraska residents are protected by the Nebraska Data Privacy Act (NDPA), enforced by the Nebraska Attorney General. Nebraska requires businesses to honor universal opt-out mechanisms where they are already obligated to do so under another state’s privacy law.
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or profiling.
- Appeal: If we decline to act on your request, you may appeal our decision by contacting us at [privacy@cint.com].
To learn more, visit the Nebraska Attorney General – Data Privacy.
New Jersey Residents
New Jersey residents are protected by the New Jersey Data Privacy Act (NJDPA), enforced by the New Jersey Division of Consumer Affairs (effective January 15, 2025).
Your rights include:
- Access: Confirm whether we are processing your personal data and request a copy.
- Correct: Request correction of inaccuracies in your personal data.
- Delete: Request deletion of your personal data.
- Data Portability: Obtain a portable copy of your personal data.
- Opt Out of Sale, Targeted Advertising, and Profiling: Direct us not to process your personal data for the sale of personal data, targeted advertising, or profiling in furtherance of decisions that produce legal or similarly significant effects.
- Appeal: If we decline to act on your request, you may appeal our decision by contacting us at [privacy@cint.com].
14. Links to Third-Party Websites
This website may contain links to third-party websites. Cint is not responsible for the privacy practices or content of those websites and this Privacy Notice does not apply to them. We encourage you to review the privacy notices of any third-party websites you visit.
15. Changes to This Privacy Notice
We may update this Privacy Notice from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will post the updated Privacy Notice on this page with a revised “Last revised” date.
Your continued use of our website after the posting of changes constitutes your acknowledgement of the updated Privacy Notice. Where we are required by law to obtain your consent to material changes, we will do so before the changes take effect.
16. Contact Us – How to Submit a Privacy Request
If you have any questions, concerns, or complaints about this Privacy Notice or our privacy practices, or if you wish to exercise any of your rights, please contact us:
To exercise any of the rights described in this notice, you may:
Email us at [privacy@cint.com] with the subject line “Web site Privacy Request”; or
Contact us by post at:
Cint AB, United Spaces Business Center, Drottninggatan 32, 4 tr, 111 51 Stockholm, Sweden.
Attn: Data Privacy Officer
We will verify your identity before processing your request. We will respond within the timeframe required by applicable law (generally 30 or 45 days, with a possible extension where reasonably necessary). We will not discriminate against you for exercising your privacy rights.
If you have authorized an agent to submit a request on your behalf, the agent must provide written proof of authorization and we may require you to verify your own identity directly with us.
If you are located in the EEA and are not satisfied with our response, you have the right to lodge a complaint with the Integritetsskyddsmyndigheten (IMY) at imy.se, or with the supervisory authority in your country of residence or place of work.