PRIVACY POLICY
Last modified: 26.06.2024
This privacy notice for Gipedo GmbH (‘we’, ‘us’, or ‘our’) describes how and why we might collect, store, use, and or share (‘process’) your information when you use our products and services (‘Services’), such as when you:
-
Visit https://www.gipedo.io our website.
-
Make use of our Services such as the Campaign Manager or Workspace.
-
Engage with us in other related means such as through Sales, Marketing, or events.
What is in our Privacy Policy
1. What information do we collect?
2. How do we process your information?
4. When and with whom do we share your personal information?
7. How do we keep your information safe and secure?
10. Contact Us
5. Do we use cookies and other tracking technologies?
8. What are your privacy rights?
11. Review, update, or delete the data we collect from you
6. How long do we keep your information?
9. Privacy Policy updates
Information collected voluntarily
Personal information is collected that you voluntarily provide to us when you register to use our Services, or express interest in obtaining information about our Services, or through usage of our Services, or otherwise when you contact us. Depending on the context of your interactions with us and our Services, we may collect the following:
Personal Information:
For the purpose of using our Services we may require certain basic personal information:
-
Names
-
Date of birth
-
Birth town / country
-
Phone numbers
-
Email addresses
-
Mailing addresses
-
Job titles
-
User names
-
Passwords
-
Contact preferences
-
Contact or authentication data
-
Billing addresses
-
Bank account information
Sensitive Information:
For the purpose of KYC verification only, we may require certain individuals information to facilitate the process:
-
Biometric data
-
Government identifiers
Information automatically collected
We automatically collect certain information when you visit and use our Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.
The information we collect includes:
Log and Usage Data. Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called 'crash dumps'), and hardware settings).
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log into your account, as well as keep your account in working order.
To deliver and facilitate delivery of services to the user. We may process your information to provide you with the requested service.
To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service.
To send administrative information to you. We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.
To fulfil and manage your orders. We may process your information to fulfil and manage your orders, payments, returns, and exchanges made through the Services.
To enable user-to-user communications. We may process your information if you choose to use any of our offerings that allow for communication with another user.
To request feedback. We may process your information when necessary to request feedback and to contact you about your use of our Services.
To send you marketing and promotional communications. We may process the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time. For more information, see 'What are your privacy rights?' below.
To protect our Services. We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm.
To facilitate KYC verification through our business partner Stripe. We may process your information as part the KYC onboarding process together with Stripe. Biometric and government identifiers are specifically required by law only when Stripe is unable to identify individuals acting as managing directors for your organisation.
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:
-
Consent. We may process your information if you have given us permission (i.e. consent) to use your personal information for a specific purpose. You can withdraw your consent at any time. Learn more about withdrawing your consent.
-
Performance of a Contract. We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
-
Legitimate Interests. We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for some of the purposes described in order to: Send users information about special offers and discounts on our products and services Diagnose problems and/or prevent fraudulent activities. Understand how our users use our products and services so we can improve user experience
-
Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
-
Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
Vendors, Consultants, and other Third-Party Service Providers.
Cloud Computing Services:
Amazon Web Services (AWS)
Communicate and Chat with Users:
HubSpot Email
Functionality and Infrastructure Optimisation:
Amazon Web Services (AWS)
Invoice and Billing:
Stripe
Web and Mobile Analytics:
Wix
Google Analytics
Google Tag Manager
LinkedIn Ads
Website Hosting:
Wix
Website Performance Monitoring:
Amazon Web Services (AWS)
Sentry
You can review the privacy policies of our Vendors, Consultants, and other Third-Party Service Providers here:
-
Amazon Web Service (AWS): Amazon Web Services EMEA SARL, 38 Avenue John F. Kennedy, L-1855, Luxembourg (https://aws.amazon.com/privacy)
-
HubSpot: HubSpot, 2nd Floor 30 North Wall Quay, Dublin 1, Ireland (https://legal.hubspot.com/privacy-policy)
-
Stripe Stripe Payments Europe Limited 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland (https://stripe.com/privacy)
-
Wix Wix Online Platforms Limited, 1 Grant’s Row, Dublin 2 D02HX96, Ireland (https://www.wix.com/about/privacy)
-
Google Analytics/TagManager: Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. The responsible party for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, (https://www.google.com/policies/privacy/)
-
LinkedIn Ads: LinkedIn Ireland Unlimited Company Wilton Plaza, Wilton Place, Dublin 2, Ireland (https://www.linkedin.com/legal/privacy-policy)
-
Sentry: Functional Software, Inc., 45 Fremont Street, 8th Floor, San Francisco, CA 94105. (https://sentry.io/privacy/)
Specific Situations
We may also be required to share your personal information in the following situations:
Business transfers
We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
Affiliates
We may share your information with our affiliates, in which case we will require those affiliates to honour this privacy notice. Affiliates include our any subsidiaries, joint venture partners, or other companies that we control or that are under common control with us
Business Partners
We may share your information with our business partners to offer you certain products, services, or promotions. For example our business partners may require contact information to facilitate the processing of an order executed by a user.
We may use cookies and similar tracking technologies (such as web beacons and pixels) to gather information when you interact with our Services. Some online tracking technologies help us maintain the security of our Services and your account, prevent crashes, fix bugs, save your preferences, and assist with basic site functions.
We also permit third parties and service providers to use online tracking technologies on our Services for analytics and advertising, including to help manage and display advertisements, to tailor advertisements to your interests, or to send abandoned shopping cart reminders (depending on your communication preferences). The third parties and service providers use their technology to provide advertising about products and services tailored to your interests which may appear either on our Services or on other websites. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our integration of CookieBot which can be directly accessed throughout our Services.
As a matter of principle, we store personal data only until the respective purpose for which the data was collected has been achieved. In the context of a business relationship with you, we store your personal data as long as the business relationship lasts, this also includes the initiation and the execution of a contract as well as the regular limitation period. In addition, we store the data if and to the extent that we are subject to statutory retention obligations.
We take data security seriously and aim to protect your personal information through a system of procedural and technical safeguards.
We have implemented appropriate and reasonable procedural and technical safeguards designed to protect the security of any personal information we process. However, despite our safeguard to secure your information , no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or otherwise modify your information. You should only access our Services within a secure environment.
You have the following rights towards us regarding your personal data:
General rights
You have the right of access, the right to rectification, the right to erasure, the right to restriction of processing, the right to object and the right to data portability. Where processing is based on your consent, you have the right to withdraw such consent with effect for the future.
Right to object in the event of data processing for legitimate interest
Pursuant to Art. 21 para. 1 GDPR, you have the right to object at any time to the processing of personal data concerning you on the basis of Art. 6 para.1 lit. e GDPR (data processing in the public interest) or Article 6 para.1 lit. f GDPR (data processing to protect a legitimate interest), this also applies to profiling based on this provision.
In the event of your objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Right to object to direct marketing
If we process your personal data for direct marketing purposes, you have the right pursuant to Art. 21 para. 2 GDPR to object at any time to the processing of personal data concerning you for the purpose of such advertising, this also applies to profiling insofar as it is associated with such direct marketing.
In the event of your objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
Right to complain to a supervisory authority
In addition, you have the right to complain to a competent data protection supervisory authority regarding the processing of your personal data by us if you are of the opinion that the processing of your personal data violates data protection regulations.
If you have any questions regarding data protection and the processing of your personal data, please contact our data protection officer. He will also be happy to assist you with requests, access requests, suggestions or complaints.
Withdrawing your consent
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section 'Contact Us' below or updating your account preferences or modifying your previously selected consent to track through the CookieBot link that you can find displayed throughout our Services.
However, please note that this will not affect the lawfulness of the processing before it’s withdrawal nor, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
Opting out of marketing and promotional communication
You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details
provided in the section 'Contact Us?' below. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.
We reserve the right to update this privacy policy from time to time as necessary to stay compliant with relevant laws. This will be indicated by the above “Last Modified” date at the top of this privacy policy. For material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification per email. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.
If you have questions about this privacy policy, please email us at privacy@gipedo.io or contact us by post at:
Gipedo GmbH
Hegestraße 40
20251 Hamburg
Germany
Based on the applicable laws of your country, you may have the right to request Access:
-
To the personal information we collect from you
-
Details about how we have processed it
-
Correct inaccuracies
-
Delete your personal information.
You may also have the right to withdraw your consent to our processing of your personal information.
These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information please contact us at privacy@gipedo.io.