Privacy Policy Statement

GFI USA, Inc. and its affiliated companies and subsidiaries (collectively, the “Company”, “we”, or “us”) respect your privacy. This Privacy Policy Statement (“Privacy Policy”) describes the ways we collect information from and about you, what we do with the information, and your privacy rights. By accessing our website, or purchasing our products or services, you agree to this Privacy Policy in addition to any other agreements we might have with you. In the event that such agreements contain terms that conflict with this Privacy Policy, the terms of those agreements will prevail.

Scope

This Privacy Policy includes the Company’s Privacy Policy Statement and the Privacy Shield Notice. It applies to personal data processed by us in our business, including on our websites, mobile applications, and other online or offline offerings (collectively, the “Services”).

Company’s Privacy Policy Statement

  1. Our Collection of your Information

    Personal Data

    The information we collect may include your personal data, such as your name, contact information, IP addresses, product and service selections and other data that may identify you. We collect personal data about you at several different points, including but not limited to the following:

    • when we correspond with you as a customer or prospective customer;

    • when you visit our website or use the Platform;

    • when you use our software or services;

    • when you register as an end-user of our services and an account is created for you;

    • when you enroll in our newsletter or loyalty program;

    • when you decide to participate in a survey;

    • when you contact us for help;

    • when you attend our customer conferences or webinars;

    • when the websites or mobile apps send us error reports or application analytics data; and

    • when you provide content on our forums, blogs, or social media pages. Any content you provide on these channels will be considered “public” and is not subject to privacy protections.

  2. Information Collected Automatically or From Others

    Automatic Data Collection. We may collect certain information automatically when you use the Services. This information may include your Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, details about your browser, operating system or device, location information, Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, and other information about how you use the Services. Information we collect may be associated with accounts and other devices. Our Services, such as those related to location data management, may collect precise geolocation information in accordance with applicable law.

    In addition, we may automatically collect data regarding your use of our Services, such as the types of content you interact with and the frequency and duration of your activities. Unless contrary to applicable law or contractual agreement, we may combine your information with information that other people provide when they use our Services, including, when the option is available, information about you when they tag you.

    Cookies, Pixel Tags/Web Beacons, Analytics Information, and Interest-Based Advertising technologies. We, as well as third parties that provide content, advertising, or other functionality on the Services, may use cookies, pixel tags, local storage, and other technologies (“Technologies”) to automatically collect information through the Services. Technologies are essentially small data files placed on your computer, tablet, mobile phone, or other devices that allow us and our partners to record certain pieces of information whenever you visit or interact with our Services.

    • Cookies. Cookies are small text files placed in visitors’ computer browsers to store their preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Services may not work properly.

    • Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded in the Services that collects information about users’ engagement on that web page. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement.

    Web Analytics Services. We use Google Analytics, a service for the marketing analysis of the site provided by Google, Inc. Google Analytics uses cookies to allow us to see how you use our site, so we can improve your experience. Google’s ability to use and share information collected by Google Analytics about your visits to the site is restricted by the Google Analytics Terms of Use available at http://www.google.com/analytics/terms/us.html and the Google Privacy Policy available at http://www.google.com/policies/privacy/. You can prevent Google Analytics from recognizing you on return visits to the site by disabling cookies in your browser. If you prefer to not have data reported by Google Analytics, you can install the Google Analytics Opt-out Browser Add-on available at https://tools.google.com/dlpage/gaoptout.

    Information from Other Sources. We may obtain information about you from other sources, including through third party services and organizations to supplement information provided by you. For example, if you access our Services through a third-party application, such as an app store, a third-party login service, or a social networking site, we may collect information about you from that third-party application that you have made public via your privacy settings. Information we collect through these services may include your name, your user identification number, your user name, location, gender, birth date, email, profile picture, and your contacts stored in that service. This supplemental information allows us to verify information that you have provided to us and to enhance our ability to provide you with information about our business, products, and Services.

  3. Legal Basis for Processing your Personal Data (EEA, UK and Switzerland only)

    With respect to personal data of individuals from the European Economic Area (“EEA”), the United Kingdom (“UK”) or Switzerland, our legal basis for collecting and using the personal data will depend on the personal data concerned and the specific context in which we collect it. Our Company will generally collect personal data from you or a third party only where: (a) we have your consent to do so, (b) where we need the personal data to perform a contract with you (e.g. to deliver the services you have requested), or (c) where the processing is in our or a third party’s legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms).

  4. Our Use of your Personal Data

    Our Company may use information that we collect about you to:

    Fulfil our contract with you and provide you with our Services, such as:

    • delivering the products and services that you have requested;

    • managing your customer relationship and provide you with customer support;

    • communicating with you by email, postal mail, telephone or mobile devices about products or services that may be of interest to you either from us, or other third parties;

    • undertaking activities to verify or maintain the quality or safety of a service or device;

    • processing your financial information and other payment methods for products or Services purchased;

    • managing our business, and

    • allowing you to register for events

    Analyze and improve our Services pursuant to our legitimate interest, such as:

    • detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;

    • performing research and analysis about your use of, or interest in, our Services or content offered by others, and short-term, transient use, such as contextual customization of ads;

    • undertaking research for technological development and demonstration;

    • improving, upgrading or enhancing our Services or device or those of our Providers;

    • verifying your identity and preventing fraud;

    • debugging to identify and repair errors that impair existing intended functionality, and

    • enforcing our terms and conditions

    Provide you with additional content and Services, such as:

    • developing and display content and advertising tailored to your interests on our websites or mobile applications;

    • auditing relating to interactions, transactions and other compliance activities;

    • verifying your eligibility and deliver prizes in connection with promotions, and

    • performing functions you consent to or that are otherwise described to you at the time of collection.

    Use De-identified and Aggregated Information. We may use personal data and other data about you to create de-identified and aggregated information, such as de-identified demographic information, de-identified location information, information about the computer or device from which you access our Services, or other analyses we create.

    Share Content with Friends or Colleagues. Our Services may offer various tools and functionalities. For example, we may allow you to provide information about your friends or colleagues through our referral services. Our referral services may allow you to forward or share certain content with a friend or colleague, such as an email inviting your friend to use our Services.

    Process Information on Behalf of Our Customers (as processors). Our customers may choose to use our Services to process certain data of their own, which may contain personal data. The data that we process through our Services is processed by us on behalf of our customer, and our privacy practices will be governed by the contracts that we have in place with our customers, not this Privacy Policy.

    If you have any questions or concerns about how such data is handled or would like to exercise your rights, you should contact the person or entity (i.e., the data controller) who has contracted with us to use the Service to process this data. Our customers control the personal data in these cases and determine the security settings within the account, its access controls and credentials. We will, however, provide assistance to our customers to address any concerns you may have, in accordance with the terms of our contract with them. For a list of our sub-processors, contact us as described below.

  5. Our Disclosure of your Personal Data to Third Parties

    We may share your personal data with third parties only in the ways that are described in this Privacy Policy. Below is a list of categories of personal data (from the California Consumer Privacy Act) we have collected and disclosed about consumers for a business purpose in the past 12 months:

    • Category A: Identifiers;

    • Category B: Personal Data categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e));

    • Category D: Commercial information;

    • Category F: Internet or other electronic network activity;

    • Category G: Geolocation data;

    • Category I: Professional or employment-related information;

    • Category K: Inferences drawn from other Personal Data to create a profile about a consumer.

    We have not sold consumers’ personal information in the preceding 12 months.

    • Affiliates and Service Providers. we may provide your information to affiliated entities within our corporate group, as well as with vendors who perform functions on our behalf; such parties provide hosting and maintenance services, virtual infrastructure, payment processing, analysis and other services for us;

    • Contractors. third party contractors may have access to our databases. Usually these contractors sign a standard confidentiality agreement;

    • Business Partners. we may share your data with any parent company, subsidiaries, joint ventures, other entities under a common control or third-party acquirers. We expect these other entities will honor this Privacy Policy;

    • Disclosure for Merger, Sale or Other Asset Transfer. we may allow a potential acquirer or merger partner to review our databases, although we would restrict their use and disclosure of this data during the diligence phase;

    • Disclosure to Protect Us or Others. as required by law enforcement, government officials, or other third parties pursuant to a subpoena, court order, or other legal process or requirement applicable to our Company; or when we believe, in our sole discretion, that the disclosure of personal data is necessary to prevent physical harm or financial loss; to report suspected illegal activity or to investigate violations of our agreements or Company policies; to enforce our terms and conditions, to protect the security or integrity of our products and services, and

    • Consent. when you give us permission to do so.

    Please note that these third parties may be in other countries where the laws on processing personal data may be less stringent than in your country.

    Potential for Other Users to Contact You

    To the extent that a given application supports personal messaging functionality between and among end users, you may receive personal messages from other end users. You can disable this functionality by using the unsubscribe and other disabling instructions in the