Gimbal Inc. Privacy Policy

This is the Gimbal, Inc. (collectively “us” or “we” or “Gimbal”) Privacy Policy (“Privacy Policy”). This Privacy Policy is written to explain what information we collect, how we use it, whom we share it with, and the choices that we give you to control, access, and update your information.

TRUSTe Privacy

Gimbal, Inc. participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.  Gimbal is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles.  To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.

Gimbal is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf.  Gimbal complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Gimbal is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.  In certain situations, Gimbal may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

For questions regarding the Privacy Policy or practices, please contact Gimbal at privacy [at] gimbal [dot] com. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.  

Gimbal complies with the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from Switzerland. Gimbal has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Gimbal’s certification, please visit https://safeharbor.export.gov/swisslist.aspx.

GIMBAL WEBSITE (OR “GIMBAL SITE”)
The Gimbal site includes Gimbal.com, related websites with addresses ending in Gimbal.com and any other sites controlled or owned by Gimbal.

1. What Information We Collect

Information you choose to give us. We may collect your information where you actively submit it to us via the Gimbal Site. For example, you send us your information when you subscribe to or order a Gimbal product or service, register as a Gimbal user, or respond to an online Gimbal survey. We may collect your name, email address, mailing address, telephone number, and certain information related to the business you represent. Also, we may collect your payment information (e.g., credit card number and related verification information), phone number, and billing and shipping addresses when you purchase a product or service.

Information we get when you use our services. When you visit or use the Gimbal Site, we may collect information from your computer, phone, or other mobile device from which you access the Gimbal Site, including but not limited to your browser type, operating system, IP address, domain name, type of mobile device from which you access the Gimbal Site, and your mobile advertising identifier. We may collect information about your browsing behavior, such as the date and time you visit the Gimbal Site, the areas or pages of the Gimbal Site you visit, the amount of time you spend viewing the Gimbal Site, the number of times you return to the Gimbal Site and other click-stream data in order to analyze trends in the aggregate and to administer the site.

Information we get from third parties. We may obtain information from other companies that are owned or operated by Gimbal, or any other third party sources, and combine that with the information we collect through our services. We will only use this information for the specific reason for which it was provided to us.

Cookies and Other Technologies. Gimbal and its business partners use cookies or similar tracking technologies. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the Gimbal Site, and to gather demographic information about our user base. We may receive or generate reports on either an individual or aggregated basis.

We may use cookies to collect the information described above. A cookie is a small text file that may be stored on the hard drive of your computer or device when you access the Gimbal Site. We may use cookies to: (1) provide or maintain a basic function, including but not limited to keep you logged-in where registration is required, to provide a shopping cart or to provide you with customized content; (2) monitor Gimbal Site usage; (3) conduct research to improve Gimbal content and services; or (4) to conduct third party advertising where a third party advertising company has our permission to serve ads on our behalf across the Internet or to display ads for other companies on the Gimbal Site.

You are free to decline cookies. You decide whether cookies are stored on your computer or device and can choose to delete them. By doing so, you may not be able to use certain features on the Gimbal Site or take full advantage of all of the Gimbal offerings. Check the “Help” menu of your browser to learn how to change your cookie preferences.

Our business partners may employ a software technology called clear gifs (a.k.a. Web Beacons/Web Bugs). Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. Clear gifs enable us to better determine what content is effective on the Gimbal Site. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence. The information gathered by clear gifs is not tied to the personally identifiable information of Gimbal’s customers.

2. How We Use Your Information

We may use your information to support our products and services, as well as to create relevant new offerings. Our use includes where we:

• Respond to you when you contact us, including by way of an example where you contact us for sales, marketing and support;

• Notify you of relevant events, promotions or other interesting content;

• Verify your identity and prevent fraud or other unauthorized or illegal activity;

• Provide us and the application with location-triggered information, such as when arrive at or leave a designated location;

• Monitor and analyze aggregate trends and usage;

• Create aggregate or de-identified and anonymous audience segments for business purposes, as well as for other analytical purposes such as attribution, segmentation, de-duping, and re-targeting;

• Reference your comments or other feedback in our advertising, marketing, or promotional materials;

• Process and ship orders for Gimbal products and/or services

• And any other use that we describe at the point where we collect data or information with your consent;

3. How We Share Information

People use our services and products to create mobile engagement and more relevant experiences. We make this possible by sharing information in the following ways:

With our affiliates. We may share information within the Gimbal family of companies.

With third party data processors. We may share or ask you to share your information with agents, service providers, vendors, contractors, or affiliates who process the data or provide services on our behalf. These companies are authorized to use your personal information only as necessary to provide these services to us.

As required by law or as necessary to exercise our legal rights. We may share your information as required by law, such as to comply with a subpoena, bankruptcy proceeding, or similar legal process when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others. Also, we may also share your information in the interest of protecting or exercising Gimbal’s or others’ legal rights, e.g., without limitation, in connection with requests from law enforcement officials, to investigate fraud, to respond to a government request and in connection with court proceedings. In certain situations, Gimbal may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In the aggregate or after de-identification. We may also share with third parties, such as advertisers, aggregated or de-identified and anonymous information that cannot reasonably be used to identify you.

In the event that all or substantially all of its assets are acquired, sold or subject to merger, your personal information may be one of the transferred assets. You will be notified via a prominent notice on the Gimbal Site of any change of ownership, uses of your personal information, and choices you may have regarding your personal information.

Information You Choose to Share with Third Parties. Our services may include third party links, integrations, or a co-branded or third party-branded service that’s being provided jointly with or by another company. By going to those links, using the third party integration, or using a co-branded or third party-branded service, you may be providing information (including personal information) directly to the third party, Gimbal, or both. You acknowledge and agree that we are not responsible for how those third parties collect or use your information. We encourage you to review the privacy policies of every third party website or service that you visit or use, including those third parties you interact with through our services.

We may also disclose your personal information to any other third party but only with your prior consent.

4. How Long We Keep Information

We retain information for only as long as it is necessary to:

• Provide products and services to you and others;

• Perform or fulfill our contractual obligations;

• Comply with our legal obligations;

• Resolve disputes; and

• Enforce our agreements.

5. Access

Upon request Gimbal will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging in to your account or by contacting us at privacy [at] gimbal [dot] com for assistance.  We will respond to your request within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.

GIMBAL TECHNOLOGY

Gimbal and certain third parties may utilize Gimbal technology in their applications for their end-users. We may collect and use aggregate or de-identified and anonymous information from those applications. Where we collect such information, our collection is dependent on the features that have been enabled by the mobile application and your agreement. Please note that mobile applications may choose to collect information outside of the enabled features. We are not responsible for the information collection and use policies of a particular third party application. We recommend you review the third party application’s privacy policy to better understand their practices.

1. What Information We Collect

We collect information depending on which features are enabled by a Gimbal or third party application and where you agree or when information is provided to us by a third party.

Information you choose to give us. We may collect information you choose to provide an application which utilizes Gimbal technology, such as when you designate a place in the third party application (e.g., “my gym”). Also, we may collect information if you participate in a survey, provide us feedback, interact with our marketing campaigns or send us questions.

Information we get when you use our services. Where bluetooth or applicable location features are enabled, we may periodically collect your location (e.g., latitude/longitude coordinates) and the time of day. Also, we may collect your advertising identifier, information about your device (e.g., make, model, and OS), app permissions info (e.g., deliver notifications, use location services, use of bluetooth, and other similar information), the status of our Software Development Kit (“SDK”) (e.g., the version, whether it is activated/deactivated, and your use thereof), or other similar information related to the use of our services.

Information we get from third parties. We may obtain information from other companies that are owned or operated by us, or any other third party sources, and combine that with the information we collect through our services.

2. How We Use Your Information

We have no direct relationship with the end-users of a third party application. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct related questions to the third party application. If requested to remove data, we will respond to your request within a reasonable timeframe.

We may use your information to support our products and services, as well as to create relevant new offerings. Our use includes where we:

• Respond to you when you contact us;

• Notify you of relevant events, promotions or other interesting content;

• Verify your identity and prevent fraud or other unauthorized or illegal activity;

• Provide us and the third party application with location-triggered information, such as when arrive at or leave a designated location;

• Monitor and analyze aggregate trends and usage;

• Create aggregate or de-identified and anonymous audience segments for business purposes, as well as for other analytical purposes such as attribution, segmentation, de-duping, and re-targeting;

• Reference your comments or other feedback in our advertising, marketing, or promotional materials;

• Process and ship orders for Gimbal products and/or services;

• And any other use that we describe at the point where we collect data or information with your consent.

3. How We Share Information

People use our services and products in a variety of ways, including by way of example in their applications and services to create more relevant experiences. We make this possible by sharing information in the following ways:

With our affiliates. We may share information within the Gimbal family of companies.

With third party data processors. We may share your information with agents, service providers, vendors, contractors, or affiliates who process the data on our behalf. These companies are authorized to use your personal information only as necessary to provide these services to us.

As required by law or as necessary to exercise our legal rights. We may share your information as required by law, such as to comply with a subpoena, bankruptcy proceeding, or similar legal process when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others. Also, we may also share your information in the interest of protecting or exercising our or others’ legal rights, e.g., without limitation, in connection with requests from law enforcement officials, to investigate fraud, to respond to a government request and in connection with court proceedings. In certain situations, Gimbal may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In the aggregate or after de-identification. We may also share with third parties, such as advertisers, aggregated or de-identified and anonymous information that cannot reasonably be used to identify you.

In the event that Gimbal or substantially all of its assets are acquired, sold or subject to merger, your personal information may be one of the transferred assets. You will be notified via a prominent notice on the Gimbal Site of any change of ownership, uses of your personal information, and choices you may have regarding your personal information.

Information You Choose to Share with Third Parties Our services may include third party links, integrations, or a co-branded or third-party-branded service that’s being provided jointly with or by another company. By going to those links, using the third party integration, or using a co-branded or third party-branded service, you may be providing information (including personal information) directly to the third party, us, or both. You acknowledge and agree that we are not responsible for how those third parties collect or use your information. We encourage you to review the privacy policies of every third party website or service that you visit or use, including those third parties you interact with through our services.

We may also disclose your personal information to any other third party but only with your prior consent

4. How Long We Keep Information

We retain information for only as long as it is necessary to:

• Provide products and services to you and others;

• Perform or fulfill our contractual obligations;

• Comply with our legal obligations;

• Resolve disputes; and

• Enforce our agreements.

By default, we store information on your device for up to sixty days and on our servers for up to two years. You may shorten these time periods by selecting the delete option in the Privacy Controls center in Gimbal.

5. Access

Gimbal acknowledges that you have the right to access your personal information.  As regards third party applications, Gimbal has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to our Client (the data controller). If requested to remove data, we will respond within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.

6. Mobile Applications

When you download and use our mobile application(s), we automatically collect information on the type of device you use, operating system version, information about the application permissions (e.g., deliver notifications, use location services, use bluetooth), the status of the Gimbal SDK, end user submitted data, location fixes and the device advertising identifier (e.g., a Google Advertising ID for Android Applications or an Apple Advertising Identifier (IDFA) for iOS Applications).

We collect your location based information for the purpose of tracking beacon information in your area (e.g. location and proximity to beacons and geofences to determine entry or exit of locations and correlating Gimbal unique identifies and advertising identifiers to locations).

We may share your geo-location data with third parties for the purpose of providing them with analytical insights (e.g. information in the aggregate or on a de-identified basis about the end user device, the status of the Gimbal SDK, information about the application permissions) or to enable them to serve you ads. If you do not wish to allow us to share your information in this manner, please opt-out by contacting us at privacy [at] gimbal [dot] com. You may opt-out of location based services at any time by editing the setting at the device level or by emailing us at privacy [at] gimbal [dot] com.

We use mobile analytics software to allow us to better understand the functionality of our Mobile Software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.

Your Choices & Privacy Protections

Resetting Your Data ID. Where available, you may reset the unique ID randomly generated by Gimbal servers for each install of the Software on the device by selecting that option in the third party application settings. Please note, however, resetting the unique ID does not affect the information that was previously shared with the third party application. Please refer to the privacy policies of the third party application to better understand their privacy practices.

Safeguarding Your Data. To protect your privacy, we limit the amount of data that is sent to our servers. We take reasonable safeguards to help protect your personal information that we store on your device and that we transmit to our servers. If you have any questions about the security of your personal information, you may contact us at privacy [at] gimbal [dot] com.

Transferring Your Data Across Borders. We may transfer your personal information outside your country of residence to countries or jurisdictions where we have facilities or to engage third parties to provide services to us for the purposes outlined in this Privacy Policy. Information collected within the European Economic Area (“EEA”) may, for example, be transferred to countries outside of the EEA. Such countries may not have the same level of data protection as within your country. If we do make such a transfer, we will use commercially reasonably efforts to ensure your personal information is protected.

Information of Minors

We do not knowingly solicit or collect personal information from or about children under 13 years of age, and we do not knowingly market Gimbal products or services to children.

California’s “Shine the Light” Law

We acknowledge that California’s “Shine the Light” law permits California residents to annually request and obtain information free of charge about what personal information is disclosed to third parties for direct marketing purposes in the preceding calendar year. Without your consent, we do not distribute your personal information to outside parties for their direct marketing, or any other purpose, except as provided for in this Privacy Policy.

Changes to This Privacy Policy

Gimbal may change this Privacy Policy from time to time. Gimbal encourages you to periodically review this page for the latest information on Gimbal privacy practices. You will be deemed to have acknowledged and accepted any such changes by your continued use of the Gimbal Site and/or Gimbal Technology after the effective date. As required by law, Gimbal will provide you with notice prior to any changes becoming effective.

Contact Us.

Please feel free to contact Gimbal with any comments, questions, or suggestions you may have regarding the privacy practices. You may contact Gimbal by email at privacy [at] gimbal [dot] com, or writing to Gimbal at:

Gimbal, Inc.

Attn: General Counsel

11010 Roselle St, Ste 150

San Diego, California, USA, 92121

Effective. September 29, 2016