Do We Sell Your Personal Information?
What Personal Information Do We Collect?
You directly provide almost all the personal information that we collect about you. As described below, some information may automatically be collected when you use the Services. The following is a list of items that you provide or input on the Services, including:
- Name, address and contact information, including your phone number;
- Login details, including email address, username and password;
- Location information
- Information about your date of birth and demographics
- Information that you provide in correspondence with us, including surveys
- Information about and contained on your social media accounts
- Information about how you use our Services, and
- Information discoverable as a result of the information you provide or from how you use our Services. This also includes how you engage with our Services, such as product samples, coupons, or other offers you have received, requested, used, expressed an interest in, or provided feedback on.
We do not store personal financial information from Users. In some cases, we may use your shipping address to send samples, offers, coupons, or cash rebates.
How Do We Use Your Personal Information?
Personal data you provide to the Service. We may use the personal data you provide to the Service for the following purposes:
- To set up and maintain your account with the Service;
- To communicate with you;
- To provide our Services to you, including to select you to receive samples, offers, coupons or cash rebates;
- To contact you with information that we believe will be of interest to you;
- To tailor our content and information that we may send or display to you, to offer personalized help and instructions, and to otherwise personalize your experience with our Service.
- For the purposes for which you specifically provided it including, without limitation, to enable us to process your registration, provide the Services or other requests.
- To provide features available in the Service;
- To develop, improve, and protect the Service;
- To notify you about our products, services, and special offers;
- To send you information about your relationship or transactions with us.
- For direct marketing and market research, including for example recommendations and targeted marketing, in accordance with applicable law;
- To use user content as part of our Service as well as advertising and marketing campaigns to promote the services
- To allow other select companies to send you promotional materials about their products and services;
- To comply with applicable legal obligations, including responding to a subpoena or court order
- To enforce our terms, conditions and policies
- To prevent and investigate fraud and other misuses; and
- To protect our rights and/or our property.
Data collected automatically. We may use the data collected automatically for the following purposes:
- To manage the Service;
- To provide features available in the Service;
- To personalize the Service. In particular, cookies may be used for providing us information on the content you’ve shared in social media after or before registering to the Service. We may use this information to provide you with advertiser content recommendations;
- To develop, improve, and protect the Service;
- For market research and data analysis, including for example reading recommendations and behavioral targeting and targeted marketing, in accordance with applicable law;
- To audit and analyze the Service; and
- To ensure the technical functionality and security of the Service.
Do We Ever Share Your Personal Information with Third-Parties?
We share the information we collect as follows:
Legal Disclosures. We may disclose a Service user’s information (including personal information) where we believe that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a warrant or administrative request, a court or regulatory order, or other valid legal processes. We may also disclose personal information where we believe it is necessary to identify, contact or bring legal action against someone who may be violating the Terms of Service for our Service, to detect fraud, for assistance with a delinquent account, as evidence in litigation in which we are involved, or to protect the safety and/or security of our users, the Service or the general public.
Affiliates and Business Partners. We may share your information with affiliated companies and business partners. When you engage in promotions or Services offered through the Site, we may partner with another company to fulfill that offer. When you accept a particular business partner’s offer, you authorize us to provide your information to that business partner.
Service Providers. We may contract with independent contractors, vendors and suppliers to provide specific services related to the Service, such as third-party couriers, hosting and maintaining the Service, providing payment processing and fraud screening, data analysis, and developing applications for the Service, email services and marketing enrichment services. We may disclose a Service user’s information, or the information of the user’s customers, to these service providers as necessary for those service providers to provide their service.
Aggregate and De-Identified Information. We may also provide aggregate, anonymous or de-identified information about users and the Service for marketing and research purposes. For example, we might inform third parties regarding the number of unique users who visit the Service, the demographic breakdown of our registered users of the Service, and the educational progress of categories of users.
What Privacy Protections are there for third-party links used on the Services?
Content and information posted by the Company or our Users may contain links to other sites, including those of our business partners or affiliates. While we seek to link only to sites that share our high standards and respect for privacy and security, we are not responsible for the privacy practices used by other sites.
The Services, in line with almost every other mobile app or internet-based company, utilizes cookie technology to allow the company to improve the functionality of the service and improve your user experience. Your browser or device may allow you to block or delete cookies from our site, however, this may interfere with the functionality of our Service. Cookies collect information automatically even when a user is not logged into their account. The information collected may include information about the platform and operating system you are using, your browser type and version, computer and connection information, and what time you accessed the site. This information will be collected any time you access the Services unless you opt out.
What are cookies?
Cookies are small pieces of data, stored in text files, that are stored on your computer or other device when websites are loaded in a browser. They are widely used to “remember” you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”). They ensure a consistent and efficient experience for visitors, and perform essential functions such as allowing users to register and remain logged in. Cookies may be set by the site that you are visiting (known as “first party cookies”), or by third parties, such as those who serve content or provide advertising or analytics services on the website (“third party cookies”).
Both websites and HTML emails may also contain other tracking technologies such as “web beacons” or “pixels.” These are typically small transparent images that provide us with statistics, for similar purposes as cookies. They are often used in conjunction with cookies, though they are not stored on your computer in the same way. As a result, if you disable cookies, web beacons may still load, but their functionality will be restricted.
Which cookies does The Company use?
Anytime you visit and use a Gratsy website, Gratsy or a third-party places cookies in your browser. Certain cookies are specific to features or specific preferences, and certain cookies will be used all the time. Four different types of cookies are used by The Company.
Essential Cookies. These are cookies are placed in your browser by the Company and are also known as “strictly necessary” cookies. These are necessary to allow you to move around the site and use its features, such as “Save and View Favorites.”
Analytics Cookies. Also known as “performance cookies,” analytics cookies collect information about visits to our sites and how the services we offer are being used. We use this data to make improvements and report our performance. For example, these cookies collect information about how visitors use our sites, which site the visitor came from, the number of each user’s visits and how long a user stays on the site. We might also use analytics cookies to test new ads, pages, or features to see how users react to them. Analytics cookies are primarily third-party cookies.
Functionality Cookies. Sometimes called “preference cookies,” these first-party cookies allow us to remember information you have entered or choices you have made (such as your username, language, region, and marketing preferences) on our sites, so the next time you visit the site you will not have to set them again. These cookies also allow us to provide a better user experience on our website.
Targeting Cookies. The Company and our advertising partners or other third-party partners may use these types of cookies, also known as “advertising cookies,” to deliver advertising and track ad performance, and enable advertising networks to deliver ads that may be relevant to you based upon your activities (this is sometimes called “behavioral” or “targeted” advertising) on our sites.
How can you manage and delete cookies?
Does the Company use any other user tracking technologies?
Technology used on the Internet is constantly changing. The company uses technology standard to the Internet, such as pixel tags, web beacons, and other similar technologies, to track visitors to our sites.
How do we respond to “Do Not Track” Signals?
Are There Any Age Restrictions for Use of the Company’s Services?
You must be at least 18 years old or older to gain access to our Services. These Services are not intended for those who are under 18 years old. The Company does not knowingly collect any information from anyone who is under 18 years of age and does so in compliance with the Children’s Online Privacy Protection Act. Services provided by Gratsy are directed solely to individuals who are at least 18 years old.
If we learn we have collected Personal Data from a child under 18 without parental consent, we will delete that information, unless we are legally obligated to retain such data. If you have any reason to believe we may have unknowingly collected data from a minor under the age of 18, please contact us at firstname.lastname@example.org or by mail at PO Box 1124, Bentonville, AR 72712.
What Rights do You have?
You have the following rights with respect to the personal data we hold about you:
- The right to know what data we hold about you: You can contact us at email@example.com or by mail at PO Box 1124, Bentonville, AR 72712 to review the personal data you have provided to the Service. We seek to swiftly respond to your inquiry. We may charge a small processing fee if less than twelve (12) months has passed since your last inquiry relating to personal data we hold about you.
- The right to have incomplete, incorrect, outdated, or unnecessary personal data corrected, deleted, or updated. The easiest way to correct, delete, or update the personal data you have provided to the Service is to access your profile settings and enter the necessary changes there. If you have additional questions regarding the correction, deletion, or updating of the personal data we hold about you, please contact us at firstname.lastname@example.org by mail at PO Box 1124, Bentonville, AR 72712.
- The right to opt out of receiving electronic direct marketing communications from us: All electronic direct marketing communications that you may receive from us, such as e-mail messages, give you an option of not receiving such communications from us in the future. If you have any additional questions about electronic direct marketing received from us, please contact us at email@example.com or by mail at PO Box 1124, Bentonville, AR 72712.
What Additional Rights Do Nevada Users Have?
Under the Nevada Privacy Law (SB220), certain Nevada residents may opt out of the sale of “personally identifiable information” for monetary consideration to a person for that person to license or sell such information to additional persons. “Personally identifiable information” includes first and last name, address, email address, phone number, Social Security Number, or an identifier that allows a specific person to be contacted either physically or online.
The Company does not sell your personally identifiable information. However, if you are a Nevada resident who has utilized our Services, you may submit a request to opt out of any potential future sales under Nevada law by contacting us at firstname.lastname@example.org or by mail at PO Box 1124, Bentonville, AR 72712. If our policy on selling personal identifiable information changes, we will honor your request.
What Additional Rights Do California Users Have?
The California Consumer Privacy Act provides some California residents with the additional rights listed below.
Right to Know. You have the right to know and see what data we have collected about you over the past twelve (12) months, including:
- The categories of personal information we have collected about you;
- The categories of sources from which the personal information is collected;
- The business or commercial purpose for collecting your personal information;
- The categories of third parties with whom we have shared your personal information; and
- The specific pieces of personal information we have collected about you.
Right to Delete. You have the right to request that we delete the personal information we have collected from you (and direct our service providers to do the same). There are a number of exceptions, however, that include, but are not limited to, when the information is necessary for us or a third party to do any of the following:
- Provide you with a good or service, or otherwise perform a contract between us and you;
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
- Fix our system in the case of a bug;
- Protect the free speech rights of you or other users;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et seq.);
- Comply with a legal obligation; or
- Make other internal and lawful uses of the information that are compatible with the context in which you provided it.
Other Rights. You have the right to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclose to third parties for their own direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. You also have the right not to be discriminated against for exercising any of the rights listed above.
Exercising Your California Privacy Rights. To request access to or deletion of your personal information, or to exercise any other data rights under California law, you may contact us at email@example.com or by mail at PO Box 1124, Bentonville, AR 72712. Please include your full name and email address associated with your use of our services, along with why you are writing, so that we can process your request in an efficient manner.
Response Timing and Format. We aim to respond to a consumer request for access or deletion within 45 days of receiving that request. If we require more time, we will inform you of the reason and extension period in writing.
What Additional Rights do EEA Residents Have?
We currently do not offer our Services outside of the continental United States, Alaska and Hawaii. However, if we were to expand and provide our services outside of the United States, the following would apply. If you are resident outside the United States, including in the EEA; European Economic Area (“EEA”), which includes the member states of the European Union (“EU”), we transfer Personal Data provided by you for processing in the United States, including Personal Information sent via e-mails or when you create an account. Under the GDPR, we are considered a “controller” and a “co-processor” of the Personal Data of EEA Residents. By providing Personal Data to us for the purpose of using the Service, website or mobile application, you consent to the processing of such data in the United States. The transfer of your Personal Data to the United States is necessary for t/he performance of a contract between you and us for your use of the website or mobile application.
Please note that the United States does not have data protection laws equivalent to those in the EEA and other jurisdictions.
Rights of EEA Residents
All processing of Personal Data of EEA Residents is performed by us in accordance with the General Data Protection Regulation (2016/679) of the European Parliament and of the Council on the protection of natural persons regarding the processing of Personal Data and on the free movement of such data (“GDPR”).
Under the GDPR, we are both the controller and a co-processor of the Personal Data of EEA Residents. Our purpose for collecting and processing Personal Data from EEA Residents is to provide them with the features and functionalities of our website and Mobile Application and information regarding our services. The legal basis for collecting Personal Data is because it is necessary for performance of a contract between us to provide you with the website and Mobile Application and its related features and functionality. We also rely on your consent to receive information about our services. You may withdraw consent from receiving marketing and promotional communications by clicking the “Update Email Preferences” link on the communication. If EEA Residents do not provide Personal Data to us or withdraw consent for processing such Personal Data, we may not be able to provide such residents with certain features or functionalities of the website or Mobile Application or information regarding the services, including processing payments.
If you are an EEA resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us at firstname.lastname@example.org or by mail at PO Box 1124, Bentonville, AR 72712.
Additionally, if you are an EEA resident, we are hereby notifying you that we are processing your information in order to fulfill contracts we might have with you, or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to the United States.
Security of Transmission of Personal Information and Risks Related to the Internet
Our Site and Mobile Application have security measures in place to help protect against the loss, theft, misuse and unauthorized access, disclosure, alteration and destruction of the information under the company’s control. The Site and Mobile Application use no encryption (data scrambling) on certain portions of the website or app but does use encryption on portions where you are transmitting financial information, such as credit card information. When you are on any platform that asks you for confidential information, you should check to see if the information being transmitted is encrypted in order to increase the security of your information. Although every effort is made to ensure no one else will view, seize or obtain your information, complete confidentiality and security is not yet possible over the Internet. Any unencrypted email communication over the Internet is not secure or confidential, and is subject to possible interception, loss and alteration. The company, its agents, administrators, employees and affiliates may not be held liable for any damages you or anyone else may suffer or incur as a result of the transmission of confidential or sensitive information over the Internet, and all such communications will be made at your own risk.
We seek to use reasonable organizational, technical and administrative measures to protect Personal Information under our control. For example, we seek to use Secure Sockets Layer ("SSL") technology.
Unfortunately, no data storage system or data transmission over the Internet can be guaranteed to be 100% secure. Please also be aware that we may use third-party cloud service providers that provide hosting, data storage and other services pursuant to standard terms and conditions that may be non-negotiable; these service providers have informed us or the general public that they apply security measures they consider adequate for the protection of information within their system, or they have a general reputation for applying such measures.
How Are Users Notified of Any Changes to this Policy?
How Can I Contact the Company Regarding this Policy?