GrailAlert (“GrailAlert”, “GrailAlert”, “we” or “us”) provides software that helps online businesses (our “Customers”) run engaging marketing campaigns that are promoted to customers (“Campaign Users”).
In order to ensure confidentiality and lawful processing of its, Visitors, Customers and Campaign Users personal data, GrailAlert in its capacity of a data controller and of a processor, conducts its activities in strict compliance with the requirements set in Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of this data (GDPR).
What Information We Collect and How We Use It
We may collect the following types of information about you on our Website
Customers and Visitors of our Site
We may collect your personal data in a variety of ways, including, but not limited to, when you visit our Site, register on the Site, subscribe to our newsletter, fill out a form, or in connection with other activities, services, features or resources we make available.
Registration and Contact Information: As appropriate and depending on the Services you would like to use, Customers and Visitors may be asked to provide us with full name, username, gender, email, city or country, strictly for the purpose of customisation, configuring preferences and analytics of the Site.
Payment Information: GrailAlert does not have access to any kind of payment information you provide to our trusted Affiliates and Partners on their respective Site(s).
Third Party Platforms. We may collect information when you interact with our advertisements and other content on third-party sites or platforms, such as social networking sites. This may include information such as Facebook Likes, profile information gathered from social networking sites during signup or the fact that you viewed or interacted with our content.
Social Logins: GrailAlert also allows Campaign Users to connect social accounts to your profile. If you sign in using a third party social network such as Facebook, Twitter or Instagram, We will be able to see basic information related to accounts that you connect. This includes but is not limited to your name, email address, social profile URL’s and associated profile photos.
- GrailAlert will never use or post to these accounts without your permission and will always require your interaction with any applicable widgets to execute any specific actions
- GrailAlert will only ever use information that you have made public or specifically allowed us to access when you accept permissions
- GrailAlert does not know, have access to or store any passwords associated with your social accounts
- If you wish to remove the link between GrailAlert and any social network, you can remove the Grail Alert app inside that specific social network.
How We Use Collected Information
GrailAlert may collect and use User’s personal information for the following purposes:
GrailAlert Website Users
- To administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To improve GrailAlert to ensure that content is presented in the most effective manner for you and for your Device;
- To allow you to participate in interactive features of our service, when you choose to do so;
- To send periodic emails: We may use the email address to send User information, marketing campaigns and updates pertaining to their newsletter subscription. It may also be used to respond to their inquiries, questions, and/or other requests.
GrailAlert does not own or use any identifiable data provided by any Users for any reason other than to:
- Ensure that your specific request is carried out and assigned to the correct User.
- Identify and detect fraudulent behaviour or Users that are violating our Terms of Service
- Provide support to Customers regarding specific inquiries
- Analyze anonymized statistics or usage to help improve the GrailAlert platform
Sharing Information With Third Parties
Customers and Visitors of our Site
GrailAlert may use third party service providers to help us operate our business or administer activities on our behalf, such as sending out newsletters or collecting Website analytics. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
GrailAlert engages certain onward subprocessors that may process personal data submitted to GrailAlert’s services. These subprocessors are listed below, and may be updated by GrailAlert from time to time:
Third Party Websites
Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.
In certain limited circumstances, we may also have to disclose your personal data to public authorities and other third parties, if the disclosure is in response to lawful requests made by such public authorities, including to conform with national security or law enforcement requirements. Your personal information may also be disclosed to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
GrailAlert may also share personal data with third parties to prevent, investigate or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to the Services, or as otherwise required by law.
We use appropriate technical and organizational security measures to protect any personal information we process about visitors to our Website against unauthorized access, disclosure, alteration, and destruction. However, please note that no Internet transmission can ever be guaranteed 100% secure, and so we encourage you to take care when disclosing personal information online and to use readily available tools, such as Internet firewalls, secure e-mail and similar technologies to protect yourself online.
Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures.
In case of an unauthorized security intrusion that materially affects you or anybody else, GrailAlert will notify you as soon as possible and will within reasonable time report the action we took in response.
EU and EEA residents
The servers where GrailAlert stores all personal data are located in the US. If you are located in a country member of either the EU or the EEA, please be aware that any information provided to us, including personal information, will be transferred from your country of origin to the US.
Data Retention Periods
GrailAlert will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. For email campaigns and competitions, User Data will be kept for a duration of up to 45 days, unless otherwise described in the applicable email campaign or competition. When a User’s account is terminated or expired, all Personal Data collected through the platform will be deleted, as required by applicable law.
Privacy Controls & Choices
GrailAlert Website Communication: Our Customers, Site Visitors and Users have a choice about how we use their personal data to get in touch with them and may choose to opt-out at any time by unsubscribing or changing their account settings.
Campaign Users Notifications: We provide an easy mechanism for opt-ing out of any commmunication from campaigns inside the applicable email. You can simply select the Unsubscribe link in the footer.
Your Rights: We provide all Customers, Visitors and Users of our Site with the opportunity to request access, correction, restriction, deletion, data portability or oppose to any personal information that has previously been provided to us in connection with the use of our Website, as required by law. You can send us an email to firstname.lastname@example.org. We may request specific information from you to confirm your identity.
Your Acceptance Of These Terms
By using this Site, you signify your acceptance of this policy and our Terms of Service. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
This document was last updated on August 5th, 2018