EFFECTIVE: 21 May 2018
- organizing it into the sections listed in the Table of Contents below,
- providing a series of examples that help illustrate how the policies may be implemented by Gribbio and;
- defining and capitalizing a few terms that are used more than once for simplicity and brevity.
When we refer to “Gribbio”, we mean the Gribbio entity that acts as the controller or processor of your information, as explained in more detail in the “Identifying the Data Controller and Processor” section below.
Table of Contents:
- How our data model is build up
- Information We Collect And Receive
- How We Use Information
- Data Retention
- How We Share And Disclose Information
- Your Choices
- Age Limitations
- In The Event Of Merger Or Sale
- Data Protection Officer
- Identifying The Data Controller And Processor
- Your Rights
- Data Protection
- Contacting Gribbio
How our data model is build up
As our Service Gribbio offers Customers a platform in which they can manage their event visitor data. The customers of Gribbio’s Customer are Users (“Users”) in the platform and generally seen as event visitors and/or members of the community of Gribbio’s Customer. To offer an adequate Service specific “User Information” is stored about Users that is generic on the total Gribb.io platform. The User can switch between Brandspaces and remain the same User Information.
Within specific Brandspaces the Customer specifies their own “Persona Profiles” with information about the User relevant to the Customer. Upon application for any activities of the Customer the User provides this information in the “Application Form” and gives consent for the storage and usage of this data according to the Terms of Services.
Information We Collect And Receive
Gribbio may collect and receive Customer Data and other information and data (“Other Information”) in a variety of ways:
Customer Data Customers or individuals granted access to a Brandspace by a Customer to manage the Services within Gribbio.
- Personal Data:
- Account Information: Contains email address, password, name, gender and profile picture.
- Persona Profile Information: You may provide to Gribbio what is generally called “personally identifiable” information if you apply to any activities by using the Service of Gribbio. The type of information is dependent on the type of questions that the Customer specified in it’s Brandspace.
- Usage Information:
- Services Metadata. When an Authorized User interacts with the Services, metadata is generated that provides additional context about the way Authorized Users work. For example, Gribbio logs the Brandspaces, channels, people, features, content and links you interact with, the types of files shared and what Third Party Services are used (if any).
- Log data. As with most websites and technology services delivered over the Internet, our servers automatically collect information when you access or use our Websites or Services and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited before using the Website or Services, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data.
- “Cookies” Information: When you access Gribbio, we or one of our advertising partners, may send one or more cookies – small text files that contain a string of alphanumeric characters – to your computer. Gribbio may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to Gribbio.
- Third Party Services. Information from your Facebook and LinkedIn accounts that you make publicly available, which is provided to us by Facebook or LinkedIn via the Facebook and LinkedIn APIs when you authenticated the service when you log-in to Gribbio.
Generally, no one is under a statutory or contractual obligation to provide any Customer Data or Other Information (collectively, “Information”). However, certain Information is collected automatically and, if some Information, such as Brandspace setup details, is not provided, we may be unable to provide the Services.
How We Use Information
Customer Data will be used by Gribbio in accordance with Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. Gribbio is a processor of Customer Data and Customer is the controller. Customer may, for example, use the Services to grant and remove access to a Brandspace, assign roles and configure settings, access, modify, export, share and remove Customer Data and otherwise apply its policies to the Services.
Gribbio uses Other Information in furtherance of our legitimate interests in operating our Services, Websites and business. More specifically, Gribbio uses Other Information:
- To provide, update, maintain and protect our Services, Websites and business. This includes use of Other Information to support delivery of the Services under a Customer Agreement, prevent or address service errors, security or technical issues, analyze and monitor usage, trends and other activities or at an Authorized User’s request.
- As required by applicable law, legal process or regulation.
- To communicate with you by responding to your requests, comments and questions. If you contact us, we may use your Other Information to respond.
- For billing, account management and other administrative matters. Gribbio may need to contact you for invoicing, account management and similar reasons and we use account data to administer accounts and keep track of billing and payments.
- To investigate and help prevent security issues and abuse.
We will not send any Marketing related communication unless you have explicitly given consent to receive this kind of communication.
This section describes how Gribbio may share and disclose Information. Customers determine their own policies and practices for the sharing and disclosure of Information, and Gribbio does not control how they or any other third parties choose to share or disclose Information.
- Gribbio does not share your personally identifiable information with other organizations for their marketing or promotional uses without your prior express consent, except that if you have provided us with an email address.
- Gribbio may disclose aggregated or other types of non-personally identifiable information to third parties for various purposes, including marketing or promotional uses. For example, Gribbio may disclose non-personally identifiable information to interested third parties to assist them in understanding the usage, viewing, and demographic patterns on the Gribbio.
- Please be aware that any personally identifiable information that you voluntarily choose to display on Gribbio – such as when you publish attribution credits for documents or profile information – becomes publicly available and may be collected and used by others without restriction.
- Gribbio may disclose User information if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws (such as U.S. Copyright law) or respond to a court order, judicial or other government subpoena, or warrant in the manner required by the requesting entity.
- Gribbio also reserves the right to disclose User information that we believe, in good faith, is appropriate or necessary: to take precautions against liability; to protect Gribbio from fraudulent, abusive, or unlawful uses; to investigate and defend ourselves against third-party claims or allegations; to assist government enforcement agencies; to protect the security or integrity of Gribbio; or to protect the rights, property, or personal safety of Gribbio, our Users, or others.
- Gribbio shows aggregate geographical information about visitors on Gribbio document pages in our analytics section. This information includes the cities and countries of people viewing documents, the document which was viewed, and the time the document was viewed. This information is publicly available to all Gribbio users.
- With Consent. Gribbio may share Other Information with third parties when we have consent to do so.
You may, of course, decline to share your personally-identifiable information with Gribbio, in which case Gribbio will not be able to provide to you some of the features and functionality found on Gribbio. You may update, correct, or delete your user information and preferences at any in your user profile.
To protect your privacy and security, we take reasonable steps to verify your identity before granting you account access or making corrections to your information. YOU ARE RESPONSIBLE FOR MAINTAINING THE SECRECY OF YOUR UNIQUE PASSWORD AND ACCOUNT INFORMATION AT ALL TIMES.
Gribbio takes security of data very seriously. Gribbio works hard to protect Other Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Other Information we collect, process and store, and the current state of technology. Given the nature of communications and information processing technology, Gribbio cannot guarantee that Information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others.
To the extent prohibited by applicable law, Gribbio does not allow use of our Services and Websites by anyone younger than 16 years old. If you learn that anyone younger than 16 has unlawfully provided us with personal data, please contact us and we will takes steps to delete such information.
In The Event Of Merger Or Sale
In the event that Gribbio is acquired by or merged with a third-party entity, we reserve the right, in any of these circumstances, to transfer or assign the information that we have collected from users as part of that merger, acquisition, sale, or other change of control.
Data Protection Officer
To communicate with our Data Protection Officer, please email firstname.lastname@example.org
Identifying The Data Controller And Processor
Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information. In general, Customer is the controller of Customer Data. In general, Gribbio is the processor of Customer Data and the controller of Other Information. Different Gribbio entities provide the Services in different parts of the world. Gribbio, a brandname of Ropaki B.V., a Dutch company based in Rotterdam, the Netherlands, is the controller of Other Information and a processor of Customer Data relating to Authorized Users who use Brandspace established for Customers.
Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information. You can contact Customer for additional access and assistance.
If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority:
Gribbio – Ropaki B.V.
Marconistraat 16, 3029AK
Rotterdam, The Netherlands