Gain GDPR compliance
The General Data Protection Regulation (GDPR) is an EU law regulation that took effect on May 25, 2018. GDPR addresses data protection and privacy for all individuals within the European Union and any European citizen living abroad. For more information on GDPR, click here.
This article is a summary to help answer any questions you have about your experience with Gain. We are committed to maintaining our users’ privacy rights and giving them more control and transparency with their data.
When do we collect personal data?
Personal Data means any information relating to an identified or identifiable natural person, such as name and last name, home address, identification number, location data, IP address, etc. Sensitive Personal Data means any information consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health, or data concerning a natural person's sex life or sexual orientation.
We are committed to maintaining our users’ privacy and protection. Thus we will never knowingly collect or ask for Sensitive Personal Data from you.
We collect Personal Data when:
- You provide it directly to us.
- Third parties such as our service providers (e.g., companies with whom we integrate our Service), provide us with Personal Data about you.
- Personal Data about you is automatically collected in connection with your use of our Service.
When we have no legitimate business need to process your Personal Data, we will either delete or anonymize it. In the limited circumstances where this is impossible, we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
We collect the following Personal Data from you in connection with the Service:
- Contact and User Account Information: information we collect to contact you and identify you in the system, such as your first and last name, physical address, email address, telephone number, profile picture, password, and mobile device identification.
- Company Information: information you provide about companies or organizations you work with/for, such as the company or brand name, website, logo, and social media accounts.
- Financial Account Information: information that you provide connected with your purchase of the Service, including credit card number, credit card expiration date, credit card verification code, bank account number, bank account title, bank name, and routing number.
- Transaction Information: Information related to transactions you conduct on the Service, such as purchases, interactions with customer support, or when you register for a demo or webinar.
- User Content: to the extent that you choose to input Personal Data as part of such content, images, comments, and other content you post to or through the Service.
- Data Collected Automatically: this may include your IP address, device or browser type, general geographic location (e.g., country or city-level location), and information about how your device has interacted with our Service, including the pages/content accessed, mouse movements and links clicked.
We use this Personal Data for the following purposes:
- To operate and improve the Service
- To provide customer support and assistance
- To monitor the use of the Service to ensure reliability, uptime, security, and fraud prevention.
- To learn more about our users and their behavior in the Service.
- Send you reminders, technical notices, administrative messages, announcements, newsletters, or marketing material through email or other means.
- To evaluate offers, products, or services that may be of interest to users or customers. Target offers, products, or services to users or customers
Your Data Protection Rights
We will only collect Personal Data, where we have your consent to do so. We have extended the following data protection rights to all users of our Service, including members of the European Union/ European Economic Area under GDPR:
- You have the right to access, correct, or update your Personal Data at any time.
- You have the right to withdraw consent to us processing your Personal Data at any time.
- You have the right to request a full copy of all your Personal Data we have collected at any time.
- You have the right to request us to delete all your Personal Data we have collected at any time.
- You have the right to request that we port your data in a machine-readable format to a new provider if you meet the qualifications outlined in Article 20, Recital 68 of the GDPR.
- You have the right to object to the use of your data for direct marketing purposes, use of personal data based on particular public interests or exercise of official authority, and use of Personal Data for research and statistical purposes.
To requests any of the above, please contact us at firstname.lastname@example.org. We will acknowledge and complete your request within 30 days.
Note: Some of these requests may prohibit your continued use of Gain.
In addition to requests to access data and deletion of all your Personal Data:
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails we send you or by turning off this option in the settings area of your Account.
- You have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority.
- You have a right to be notified of any severe breaches to your Personal Data no later than 72 hours after becoming aware of such a breach.