Privacy Notice
Glassagrm

Overview

This Privacy Notice ("Notice") is here to help you to understand how your personal data is used when you're using glassagrm Website located at glassagrm.com

We have written two versions: a full-text version that is legally binding and also section summaries, which will hopefully make the legal language sound more understandable. You will need to read to this Privacy Notice and agree to our Terms of Service before you use Glassagrm Website or Service for the first time. Please, do read the Terms of Service carefully, since this Notice is a part of them.

If you have any questions you can contact us at [email protected].

Quick Summary of our Privacy Notice:

  1. This Notice explains what data is collected in connection with the Site and the Service.

  2. It also explains how we use that data, where we store it, and how we protect it.

  3. In short:

    • in order for you to use our Site or use our Service, we need to process some of your data. Should we need to process your data for any other purpose than offering you our Site and Service, we will always ask you for your consent in advance.
    • We will not share your data for the third party advertising purposes.
  4. Finally, it explains your rights in relation to your personal data.

The main purpose of the collection of your data is to provide you with our Service. Also, we use your data for other reasons such as:

Quick summary Full text

Our contact details:

email: [email protected]

data protection legal inquiries: [email protected]

1.1. We are the data controller under the European Union data protection legislation. In this Privacy Notice we will refer to ourselves as “Glassagrm”. In case you have any questions or concerns in relation to personal data protection, you may reach us out via:

email: [email protected]

data protection legal inquiries: [email protected]

2. What this Privacy Notice governs?

This Privacy Notice explains the kinds of data we collect when you are using our Site and Service presented on it. This document applies to users of Glassagrm Site and Service anywhere in the world.

2.1. This Privacy Notice applies to: our Site, customer and technical support, billing department and any other element of the Services we provide to you (hereinafter, the term "Service" will refer to all of these elements).

2.2. Privacy Notice governs personal data, which we collect from you when you're using Service. "Personal data" means data, which, on its own or in combination with other data, can be used to identify you.

2.3. We respect your right to privacy and will only process personal data in accordance with applicable legislation in the EU and other countries where we offer our Site and Service.

3. How do we treat minors?

Our Site and Service are not directed to persons under the age of 18. We may start to process a children's data only after we receive the parental consent.

3.1. Glassagrm does not provide Service to persons under the age of 18. We do not and will not knowingly collect personal data from any child under 18, without prior parental consent.

If you are a parent or guardian and are concerned about the personal data of your child, please contact [email protected].

If we become aware that a minor has provided us with personal data without parental consent we take steps to remove such data and terminate that person’s account.

4. What data do we collect?

When you use our Service, we collect data about you and your activity. The data we collect is divided into two categories: data you provide, data collected automatically upon interaction with the Site.

Data listed in this section is necessary for us to provide and maintain our Service.

4.1. Data you provide us with. Such data includes:

  • User Account: We collect information when you register or update your Glassagrm Account. This includes:
    • full name;
    • email address.
  • Billing information:
    • full address;
    • zip code;
    • city;
    • country;
    • telephone number (optional).
  • Payment method
    • parts of the credit card number;
    • credit card expiration date.

4.2. Data collected automatically upon interaction with the app:

  • Location data: Depending on your device and permissions, we may collect location information through GPS, IP address and WiFi.
  • Device data: we automatically collect information in "log files" about your device’s connection to the Internet, length of time spent on the Site, and the pages accessed during each visit to the Site.
  • Usage data: We may collect data about your interaction with our Service. This includes metrics data about when and how you are using Service, traffic data, Site features, and pages viewed.

4.3. In order for you to use our Site and our Service, we need to process most of the data provided above. In case you do not want to provide us with some data, you may execute your right to object and we will stop using the data which we do not require to provide you with the Service.

5. How do we use your data?

Research and development.:

  • Create and update your Account;
  • Enable use of our Site and Service;
  • Verify your identity.

5.1. Provide you with our Service. We collect the data to provide you with a personalized experience. Also, to maintain and improve our Service. This includes using the data to:

  • Create and update your Account;
  • Enable use of our Site and Service;
  • Perform operations within the Site necessary to provide our Service, such as troubleshoot software bugs and operational problems, to make data analysis, testing, research and to monitor and analyse usage trends;
  • Verify your identity.

5.2. Safety and security. We use the data to help maintain safety and integrity of our Service. This includes using data to:

  • Prevent, detect and combat fraud.

5.3. Customer support. We use the data we collect to provide you with a customer support services. This includes using data to:<

  • Answer your questions.
  • Help resolve issues in relation to our Service.
  • Monitor and improve customer support.

5.4. Communications from Glassagrm. We may use the Contact data which we collect to communicate with you about our Service.

5.5. Compliance with legal obligations. We collect your data to comply with our legal obligations. Also, we may use your data we collect to investigate or address claims or disputes in relation to the usage of Glassagrm Site and Service or as otherwise allowed by applicable law, or as requested by regulators or government entities.

5.6. Research and development. We may use the data we collect for the purpose of testing, analysis, research and overall development of the product and services. This also allows us to enhance safety and security, develop new features.

6. What are the grounds for data collection?

We have grounds for collection and processing of your data. We use the following grounds to collect and process your data:

  • Performance of a contract.
  • Compliance with legal obligations.
  • Our legitimate interest.
  • Your consent.

6.1. Performance of a contract. We need to process your data to provide you Service and features you request. The collection and usage of this data is a requirement to use our Site and Service.

Performance of a contract includes:

  • Data that you provide to register your Glassagrm Account is necessary for the establishing and maintaining of the Account. It is also needed to provide you with customer support.
  • Billing and payment data is required for billing purposes and for verification of identity.

6.2. Compliance with legal obligations. To lawfully provide our Service and features we need to comply with legal obligations of the jurisdictions where we operate.

  • Legal obligations require us to collect, process, disclose and retain your personal data. We use your data to comply with legal obligations to the extent they apply to your use of Glassagrm website and Service.
  • We may share your data with law enforcement, or in case we receive a third party request to disclose your data pursuant to a legal proceeding.

6.3. Our legitimate interest. We collect and use personal data to the extent necessary for our legitimate interests. This includes:

  • To prevent, detect and combat fraud in connection with the use of our Service.
  • We use location data for statistics of user’s areas involvement.
  • To improve our Service and to develop new ones.
  • To conduct research and analysis. For example, we may analyse data to improve User experience and to improve safety and security of our Service.
  • To enforce our Terms of Service.

6.6. Your Consent. We may collect your data on the ground of your consent. Note, you can withdraw your consent at any time. However, in case you withdraw your consent, you will not be able to use any Service or feature that require collection or use of the data which we collected on the grounds of consent. We collect User’s consent in connection to features which improve User’s experience, to enable optional services and/or features or to communicate with you.

7. How do we share and disclose data?

We may share your data in case of business transfers of any kind.

7.1. Business Transfers. We will not sell your personal data to any company or organization, but we may transfer your personal data to a successor entity upon a merger, consolidation or other corporate reorganization in which we may participate or to a purchaser or acquirer of all or a substantial part of Glassagrm assets to which this application relates. In such event, we will notify you before your personal data is transferred and becomes subject to a different Privacy Notice.

7.2. With service providers and business partners. We work with third party service providers and vendors that use encryption and authentication to maintain the confidentiality of your personal data. In case we share data with our partners we will enter into data protection agreements. For example, this includes:

  • Cloud storage providers.
  • Marketing partners.
  • Consultants, lawyers and other professional service providers.

7.3. For legal reasons. We may disclose your data when it is required by applicable law, regulation, operating agreement, legal process or governmental request, or where the disclosure is otherwise appropriate due to safety or similar concerns. This includes:

  • Disclosing your data to law enforcement representatives, government authorities.

7.4. With your consent. We may share and/or disclose your personal data in cases where we have notified you and you have provided your consent.

8. Do we use cookies?

A cookie is a piece of data stored on the user's hard drive containing information about the user. We use some cookies to operate our Site.

8.1. Cookies generally do not permit us to personally identify you. We generally use session cookies to save your preferences and such cookies expire when you close your browser. Usually we use cookies for analytical purposes.

If you do want to manage cookies, here is an instruction on how to do it. For example, you can choose to turn off all cookies. You do this through your browser settings on each browser and device that you use. Each browser is a little different, but usually, these settings are under the "options" or "preferences" menu. The links below provide information about cookie settings for the browsers:

Also, you can opt out by visiting the Network Advertising Initiative Opt Out page.

9.How do we handle your data?

We will store your data on secure servers within the European Economic Area (EEA). We apply maximum effort to ensure your data is protected and well secured.

Generally we will store your data for as long as you use our Service. In case you stop using our Service, we may still use limited data about you for legal, accounting and tax reasons.

We have put in place security hardware, software and network scanning procedures to secure the data which we process. Personal data is stored behind firewalls is not accessible to personnel. We store personal data of all our users in encrypted way. We use asymmetric public-private key cryptosystem and symmetric-key algorithm. Data is received from devices using encrypted https protocol. We immediately start encryption process of the data. The encrypted data is saved to Glassagrm servers.

9.1. Data storage. We will store the data we collect from you on secured servers within the European Economic Area. Your data storage is limited to 90 days. After first 90 days, you’ll lose some older files. To keep data longer you need to upgrade your storage plan, contact [email protected]. We implement appropriate technical and organisational measures to protect your data against unauthorized or unlawful processing, accidental loss, destruction or damage. We will take all reasonably necessary steps to ensure that your data is treated securely and in accordance with this Privacy Notice. If you have a reason to believe that your interaction with us is no longer secure, please, immediately notify us by contacting us in writing at [email protected].

9.2. How do we handle your data?

If your Account expires, all the data that you have downloaded will be deleted from your device within 1 (one) month.

Moreover, in the Account settings, you may find the delete button. Your Account will be permanently removed within 30 days or earlier from our active systems, servers and back-ups. Deleted data will no longer be accessible and will be fully removed from our systems on the next back-up.

Extended storage period applies in certain special cases, such as:

  • There is a legal obligation to retain your data to fulfill our tax, audit, legal, and/or accounting obligations. In such cases we will retain the necessary data for the period required by applicable law.
  • We have a legitimate interest to prevent, detect, and combat fraud and/or to maintain the security of our Users.

9.3. Data security. We provide industry-standard physical, electronic, and procedural safeguards to protect personal data we process and maintain.

9.4. Data Encryption. We store personal data of all our users in encrypted way. We use asymmetric public-private key cryptosystem RSA with key size is 4096 bit (‘RSA’) and symmetric-key algorithm AES with key size is 256 bit (‘AES’). Asymmetric public-private key cryptosystem RSA uses public encryption key and private decryption key. The public encryption key is stored in the database in open way. The private decryption key is stored in the database in encrypted way using AES key. AES consists of user password and a secret key. It cannot be decrypted without user password and a secret key.

User credentials are stored in the database. We don’t store user password. Only the hash of the password is stored. The hash is generated by md5 hash function from user passwords. We generate public-private key pair for cryptosystem RSA during user sign up. This public-private key pair is unique for each user. The key pair is stored in the database using AES. We use user password from login form to decrypt original private key. Data is received from devices using encrypted https protocol. We immediately start encryption process of the data on the server in the RAM without storing on server`s disks. We encrypt data with RSA using user’s public encryption key. The encrypted data is saved to Glassagrm servers.

10. Do we transfer your data?

We may need to process your data outside of the country in which you reside. We apply measures to protect our data transfers.

10.1. Transfers outside the EEA. In the course of our operations we may need to transfer your data outside of the EEA due to the international nature of Glassagrm Service. In case of data transfers outside of the EEA we will use all appropriate safeguards to protect your data including:

  • standard contractual clauses adopted by the European Commission.

11. Transparency. What are your rights and choices?

You control the data you provide to us, that is why you have certain rights under this Privacy Notice.

Also, you have means to control your data through:

  • Account settings.

11.1. Your rights. In case you provide us with your personal data you may use your powers and exercise any of the rights described in this section. If you have any additional questions you can always send an email to [email protected] and we will do our best to support you.

11.1.1. Access.You can request an explanation of the personal data we process about you. Also, you can request a copy of your personal data undergoing processing.

11.1.2. Rectification. You can rectify/correct any inaccurate data about you.

11.1.3. Data portability. You have a right to receive the personal data concerning you, which you provided to us. You can make a request to transmit this data directly to another data controller in a structured, commonly used and machine-readable format. We will transmit your data directly to another controller in cases where it is technically feasible.

11.1.4. Erasure. You have a right to be forgotten which means that we will delete all personal data that you have provided to us. Note, we may retain certain information as required by law and for legitimate business purposes permitted by law.

11.1.5. Restrict processing. You can request us to temporarily or permanently stop processing all or some of your personal data.

11.1.6. Object processing. You can, at any time, object to the processing of your personal data on grounds relating to your particular situation. You have the right to object to your personal data being processed for direct marketing purposes.

11.1.7. Lodge complaints. You have a right to file a complaint to a supervisory authority in relation to Glassagrm Site usage of your personal data.

11.1.8. Not to be subject to automated decision-making. You have a right not to be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.

12. How do we update this notice?

Sometimes we can update this Privacy Notice. We recommend you to periodically review our Privacy Notice.

12.1. From time to time we may update this Notice. For example, we may need to update it for legal reasons or to reflect changes in our Service. If we do so, we will make the updated Privacy Notice available in our application. Also, we will update the “Last Updated” date. In case we implement significant changes we will notify you via email. We strongly encourage you to periodically review this Privacy Notice for any changes. In such case you will always have an option to opt-out from our Service, if you don’t agree with our updated data protection practices. Also, we will make prior versions of our privacy notices available for review, so that you could know what exactly has changed.