Effective: February 23, 2019
All customers enter into an agreement in order to access and use the GRRA service ("Terms of Service"). The Terms of Service governs the submission, access and use of any Customer Data (information submitted through Service). Customer Data may include personally identifiable information. The organization (e.g., your employer) that entered into the Terms of Service (the "Customer") controls the particular instance of the Service and any associated Customer Data.
Information You Provide to Us
We receive and store any information you provide to us. We may collect information that can identify you such as your name and email address ("Personal Information") and other information that does not identify you. We may collect this information through the GRRA Service or a mobile application. By using the Service, you are authorizing us to gather, parse and retain data related to the provision of the Service.
More specifically, when you create a new account to use the Service we will ask for your consent to connect your Google account to your GRRA account (using Google's authentication methods), thereby providing us with access to your Google Drive. Although the authentication provides broad access to your Google account, GRRA only collects information that is relevant to operating the GRRA service.
We encourage our users to not to include highly sensitive information (such as social security numbers, financial information, or health care related information) in any system input in order to avoid transferring that data to our servers (even if only temporarily).
In addition, we collect Personal Information when you complete your registration for an account on the Service. In that case, we may communicate with you, for example by sending you promotional offers, or emailing you about your use of the Service. If you do not want to receive communications from us, you can request that we exclude your email from any notifications by by sending an email to firstname.lastname@example.org.
We also collect certain types of usage information as follows:
GRRA Metadata. When a User accesses the Service, metadata is generated that provides additional information about the way Users interact with the Service. For example, we keep track of the data you interact with.
Log Data. As with most services delivered over the Internet, our servers automatically collect information about when you access or use the Service and record it in certain log files. This data may include the Internet Protocol (IP) address, the address of the web page visited before using the Service, browser type and settings, the date and time the Service was used, information about browser configuration and plugins, language preferences and cookie data.
Device information. We collect information about devices accessing the Service, including type of device, what operating system is used, device settings, unique device identifiers and crash data. Whether we collect some or all of this information often depends on the type of device used and its settings.
Location information. We receive information from you and other third-parties that helps us approximate your location and collect location information from devices in accordance with the consent process provided by your device.
Information Collected Automatically
Whenever you interact with our Service, we automatically receive and record information on our server logs from your browser or device, which may include your IP address, "cookie" information, the type of browser and/or device you're using to access our Service, and the page or feature you requested. "Cookies" are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in our Service are visited and by how many people. You may be able to change the preferences on your browser or device to prevent or limit your device's acceptance of cookies, but this may prevent you from using the Service at all. We may use this data to customize content for you that we think you might like, based on your usage patterns, and generally to improve the Service.
Generally, no one is under a statutory or contractual obligation to provide any Customer Data or other information (collectively, "Information"). However, certain Information is collected automatically and, if some Information, such as account setup details, is not provided, we may be unable to provide the Services.
Information Collected From Other Websites and Do Not Track Policy
Through cookies we place on your browser or device, we may collect information about your online activity after you leave our Service. Just like any other usage information we collect, this information allows us to improve the Services and customize your online experience. Our Services do not track your activity outside of the context of our Service and our website. However, some of our online marketing campaigns and marketing partners may use tracking pixels for the purpose of campaign optimization.
How We Use Information
Customer Data will be used by us in accordance with Customer's instructions, including any applicable terms in the Terms of Service and Customer's use of Service functionality, and as required by applicable law. We are a processor of Customer Data and Customer is the controller. Customer may, for example, use the Service to grant and remove access to a particular data item, configure settings, access, modify, export, share Customer Data and otherwise apply its policies to the Service.
We also use Information in furtherance of our legitimate interests in operating our Service and our business. More specifically, we use Information:
To provide, update, maintain and protect our Services, websites and business. This includes use of Information to support delivery of the Service under a Terms of Service agreement, prevent or address Service errors, security or technical issues, analyze and monitor usage, trends and other activities or at a User's request.
As required by applicable law, legal process or regulation.
To communicate with you by responding to your requests, comments and questions. If you contact us, we may use your Information to respond.
To develop and provide tools and additional features. We are constantly striving to improve our Service. We may use your Information to analyze your usage and customize the Service to meet your specific needs.
To send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Service and important Services-related notices, such as security and fraud notices. These communications are considered part of the Service and you may not opt out of them. In addition, we sometimes send emails about new product features, promotional communications or other news. These are marketing messages so you can control whether you receive them.
For billing, account management and other administrative matters. We may need to contact you for invoicing, account management and similar reasons and we use account data to administer accounts and keep track of billing and payments.
To investigate and help prevent security issues and abuse. If Information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, we may use it for any business purpose.
Sharing Personal Information
We neither rent nor sell your Personal Information to anyone. However, we may share your Personal Information with third parties as described in this section:
Agents and vendors: We employ other companies and people to perform tasks on our behalf and need to share your information with them, including in some cases the Personal Information you have provided to us, in order to make the Service available to you. For example, we may use third party hosting providers or software developers to help implement and maintain the Service. However, our agents do not have any right to use the Personal Information we share with them beyond what is necessary to assist us.
Business Transfers: If we are involved in a reorganization, merger, acquisition or sale of our assets, your information may be transferred as part of that deal. We will notify you (for example, via a message to the email address associated with your account) of any such deal and outline your choices in that event.
Protection of GRRA and Others: We reserve the right to access, read, preserve, and disclose any information that we believe is necessary to comply with law or court order; enforce or apply our applicable Terms of Service and other agreements; or protect the rights, property, or safety of other GRRA users.
We take security measures to help safeguard your Personal Information from unauthorized access and disclosure. However, no system can be completely secure. Therefore, although we take steps to secure your information, we do not promise, and you should not expect, that your Personal Information, meeting invitations and notes and other communications will always remain secure. Users should also take care with how they handle and disclose their Personal Information.
Transfer to the U.S. or Other Countries
We currently use datacenter facilities located exclusively in the United States. Your information will be stored and processed in the United States or other countries where we decide to maintain datacenter facilities in the future. By using the Services, you consent to the transfer of information outside of your country, even if your country has more rigorous data protection standards.
California Code Notice
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to email@example.com.
To the extent prohibited by applicable law, we do not allow use of our Service by anyone younger than 13 years old. If you learn that anyone younger than 13 has unlawfully provided us with personal data, please contact us and we will takes steps to delete such information.
If you have any questions or concerns regarding our privacy policies, please don't hesitate to contact us at firstname.lastname@example.org, and we will try to resolve your concerns.