Skip to main content
Enumerate AI
Book a Demo

Enumerate Survey App

Privacy Policy for Android

Effective Date: December 5, 2025

Contact Information

Entity: Enumerate AI Inc.

Address: 8 The Green, Suite B, Dover, DE 19901, USA

Email: privacy@enumerate.ai

At a Glance

This App helps you take part in research studies by answering questions and sometimes sharing photos, videos, audio, or screen recordings. We know this can feel personal, so we want to be clear about what happens with your information.

  • You stay in control – We only use your camera, microphone, gallery or screen when a question asks for it and you choose to record or upload.
  • Who uses your data – Your answers and recordings are shared with the brand, agency, or research company that invited you to the study so they can understand people's views and experiences.
  • No ads, no sale of your data – We do not sell your personal information or use it for personalised advertising.
  • How we protect it – We use strong security measures and only authorised people and service providers can access your data for valid business or legal reasons.
  • Your rights – Depending on where you live, you may be able to access, correct, delete, or limit how your data is used, usually by contacting the research company running the study (and we can help route your request).

This summary is just to give you the big picture. The sections below explain these points in more detail.

Introduction

This Privacy Policy explains how Enumerate AI Inc. ("Enumerate", "we", "us") collects, uses, and protects your information when you use the Enumerate Survey App (the "App") to take part in research studies. It is meant for survey respondents who install and use this App on their Android device.

The brand, agency, or research company that invited you to the study (we call them the "Researcher") designs the survey, decides which questions to ask, and determines how your answers and recordings are used. They are legally responsible for the research project and act as the data controller (or "business" under some laws).

Enumerate operates the App and processes your data only so we can deliver your survey answers, videos, audio, screen recordings, and other inputs to the relevant Researcher, according to their instructions and our contracts with them. In legal terms, Enumerate acts as a data processor (and, where applicable, as a "service provider" or "processor" under other privacy laws).

This Privacy Policy applies specifically to your use of the Enumerate Survey App. The Researcher may also provide their own privacy notice or consent form for the study, which describes in more detail how they use your data.

Legal Bases (EEA/UK users)

Where the GDPR or UK GDPR applies, the Researcher is responsible for choosing the legal basis for collecting and using your personal data. Typical legal bases chosen by Researchers may include:

  • Consent – for example, where you agree to participate in a specific study or allow use of your camera, microphone, or screen recording.
  • Legitimate interests – for example, where the Researcher conducts market research to understand consumer needs, provided such interests are not overridden by your rights and interests.
  • Legal obligations – where processing is required to comply with applicable law.

Enumerate relies on the Researcher's chosen legal basis and processes your personal data strictly in line with their instructions.

Definitions

For the purposes of this Privacy Policy:

  • "App" means the Enumerate Survey App for Android.
  • "Personal data" / "personal information" means any information relating to an identified or identifiable individual, as defined under applicable laws (such as the GDPR and CCPA/CPRA).
  • "Researchers" means our business customers (for example, brands, agencies, or research companies) who design and run surveys and are responsible for deciding why and how your personal data is processed.
  • "Controller" (or "business" under some laws) means the organization that determines the purposes and means of processing personal data. In most cases, this is the Researcher.
  • "Processor" (or "service provider" / "processor" under some laws) means the organization that processes personal data on behalf of the controller. In this App, that is Enumerate.
  • "Applicable Data Protection Laws" means the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), and any similar privacy laws that apply to our processing of your data.

What Information We Collect

We collect different types of information when you use the App to take part in surveys. Some of this is information you give us directly, and some is collected automatically when you use the App.

Information you provide
  • Survey answers – Your responses to questions (choices, ratings, comments, etc.).
  • Photos, videos, and audio – Any media you record or upload as part of a study, which may include your face, voice, or surroundings.
  • Basic details – For example, age range, gender, or city, when relevant to the study.
  • Support messages – Information you share when you contact us for help.
Information collected automatically
  • Camera and microphone – Used only when a question asks for a recording and you choose to tap record.
  • Photo/video gallery – We only receive the specific photos or videos you select to upload, not your whole gallery.
  • Screen recording (if a task requires it) – Your screen (and sometimes audio) during the task only, not outside it.
  • Approximate location – City/region-level information based on IP or settings, for security, fraud prevention, or relevant studies.
  • Device and technical data – Device model, OS and app version, IP address, crash logs, and basic usage data to run, secure, and improve the App.

How We Use Your Information

We use your information to:

  • Run the study and deliver your answers – Send your survey responses, media, and screen recordings to the Researcher that invited you, and show you the right questions and tasks.
  • Operate and improve the App – Make the App work on your device, fix bugs, improve performance, and understand how features are used.
  • Keep things safe and fair – Protect against fraud, misuse, and security threats, and verify that studies are being completed in a genuine way.
  • Support you and our customers – Respond to your questions or issues, and help Researchers manage their projects.
  • Meet legal and contractual obligations – Comply with laws, enforce our agreements, and keep necessary records.

Where possible, we may anonymise or aggregate data so it no longer identifies you, and use it to improve our services and research tools. We do not sell your personal information or use it for personalised advertising.

Who Sees Your Data

We do not sell or share your personal information for advertising purposes.

We disclose data only to:

  • Researchers: Survey responses are provided to the Researchers who created the survey you participated in.
  • Service Providers: Third-party vendors who help us operate our services (cloud hosting, transcription) under strict confidentiality agreements.
  • Legal Requirements: When required by law or to protect rights and safety.

Subprocessors and Data Processing Agreements

We engage carefully selected third-party service providers (sometimes called subprocessors) to help us operate the App and deliver services to Researchers—for example, cloud hosting, video and audio storage, transcription, analytics, and security services. These providers may have access to personal data only to the extent necessary to perform services on our behalf and are bound by contractual obligations to:

  • Use personal data only on our documented instructions;
  • Implement appropriate technical and organizational security measures; and
  • Assist us in supporting Researchers with their own compliance obligations.

Our relationship with Researchers is governed by Data Processing Agreements (DPAs) or similar contracts that define roles, responsibilities, and data protection commitments, including subprocessors and international data transfers. A current list of key subprocessors is available from us on request.

Data Security

We implement industry-standard security measures including:

  • Encryption of data in transit and at rest
  • Multi-factor authentication and least-privilege access controls
  • Regular security monitoring and vulnerability management
  • Secure cloud infrastructure with regional data processing

Data Retention

We retain personal data only for as long as necessary to: (i) provide the App and related services to Researchers, (ii) support their research projects and legitimate business needs, and (iii) comply with our legal, regulatory, accounting, or reporting obligations. The specific retention period is determined by the relevant Researcher's instructions and the nature of the study. After the applicable retention period has ended, we either securely delete, anonymize, or aggregate the data in line with our internal policies and the Researcher's requirements.

Your Privacy Rights

Depending on where you live, you may have the right to access, correct, delete, or limit how your personal data is used.

These rights can include, for example:

  • Access – asking for a copy of the personal data we (and the Researcher) hold about you.
  • Correction – asking us to correct inaccurate or incomplete personal data.
  • Deletion – asking for your personal data to be deleted, in certain circumstances.
  • Restriction – asking us to limit how your personal data is used, in certain cases.
  • Objection – objecting to certain types of processing, such as processing based on legitimate interests, where applicable.
  • Data portability – asking for certain personal data to be provided in a structured, commonly used, machine-readable format, where technically possible.
  • Withdrawal of consent – where processing is based on your consent, you can withdraw that consent at any time (this will not affect processing that has already happened).

Because the Researcher (the brand, agency, or research company that invited you) is usually the data controller, you will normally need to exercise these rights directly with them. Their contact details are typically provided in the study invitation or in their own privacy notice.

If you contact us about your rights, we may need to share your request with the relevant Researcher or ask you to contact them directly, so that we can handle your request in line with our role as a processor and with applicable laws.

EEA and UK (GDPR / UK GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, you may have the following rights under the GDPR / UK GDPR, in addition to any rights already described above:

  • The right to access, correct, or delete your personal data.
  • The right to restrict or object to certain processing, including processing based on legitimate interests.
  • The right to data portability, where technically feasible.
  • Where processing is based on consent, the right to withdraw consent at any time (without affecting the lawfulness of processing before withdrawal).

Because Enumerate acts as a processor, you should generally exercise these rights with the relevant Researcher (the controller who invited you to the survey). If you contact us directly about these rights, we may need to redirect your request to the appropriate Researcher or work with them to respond.

You also have the right to lodge a complaint with your local data protection authority. A list of EEA supervisory authorities is available from the European Data Protection Board, and the UK authority is the Information Commissioner's Office (ICO).

California and Certain U.S. States (CCPA/CPRA and Similar Laws)

If you are a resident of California or another U.S. state with similar privacy laws, you may have the right to:

  • Request to know the categories of personal information we process in relation to the services we provide to Researchers.
  • Request access to or deletion of personal information, subject to certain exceptions.
  • Request correction of inaccurate personal information.
  • Request more information about our privacy practices and how we work as a service provider / processor for Researchers.

Enumerate does not "sell" or "share" personal information for cross-context behavioral advertising, as those terms are defined in the CCPA/CPRA. We process personal information solely to provide services to Researchers and in line with our contracts with them.

In most cases, you should direct these requests to the relevant Researcher (our customer), as they are the "business" under state privacy laws. If you contact us, we will either help you identify the appropriate Researcher or coordinate with them to respond, as permitted by law and our contracts.

Children's Privacy

Our App is not directed to children under 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

International Data Transfers

Data may be transferred to and processed in countries outside your country of residence, including the United States and other jurisdictions where our subprocessors operate. Where required by law, we rely on appropriate safeguards for such transfers, such as the European Commission's Standard Contractual Clauses (SCCs) or equivalent UK transfer mechanisms, together with technical and organizational measures (including encryption) designed to protect your personal data during transfer and while stored.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy in the App with an updated effective date.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@enumerate.ai

Privacy Request Portal: enumerate.ai/privacy-request

Address: 8 The Green, Suite B, Dover, DE 19901, USA

EU & UK Privacy Representative

For users in the European Union or United Kingdom, our privacy representative is Prighter Group. You can contact them at: https://app.prighter.com/portal/11913438326