Privacy Policy

Effective Date: July 2021

 

Welcome to Gesso -- the app that allows you to experience location based audio from Gesso, Inc. ("Gesso," "we," "us" or "our").

 

This Privacy Policy explains how we collect, use and disclose information about you when you use our mobile application (the "App"), our website, https://www.gesso.app/, (the "Site"), the associated services, data, information, tools, functionality, updates and other online products, materials, and services that we provide (collectively, the "Service") or when you otherwise interact with us. By using the Service, you consent to our collection, use and disclosure of your personal information as described in this Privacy Policy.

 

By using the Service, you hereby consent to allow us to process information in accordance with this Privacy Policy. Please also refer to our Terms of Service, available here https://www.gesso.app/terms, which are incorporated as if fully recited herein. Terms defined in the Terms of Service that are not defined herein shall have the same definition as in the Terms of Service.

 

The Service allows users to experience audio content connected to locations by using Gesso’s location based audio experiences.

 

We may change this Privacy Policy from time to time. If we make changes, we will notify you by posting the revised Privacy Policy on the Service and, in some cases, we will provide you with additional notice (such as adding a statement to our homepage or sending you an email notification). We encourage you to review the Privacy Policy periodically to stay informed about our practices and the ways you can help protect your privacy.  Please refer to the “Effective Date” above to see when this Privacy Policy was last updated.

 

TERRITORIALITY

 

Regardless of where our servers are located, your personal data may be processed by us in the United States, where data protection and privacy regulations may or may not be to the same level of protection as in other parts of the world. In all instances in this Privacy Policy, “our servers” means servers that we own or on which the Service is hosted, or which are otherwise utilized by the Service.  BY VISITING THE SITE AND USING THE SERVICE, YOU UNEQUIVOCALLY AND UNAMBIGUOUSLY CONSENT TO THE COLLECTION AND PROCESSING IN THE UNITED STATES OF ANY INFORMATION COLLECTED OR OBTAINED BY US THROUGH VOLUNTARY SUBMISSIONS, AND, TO THE EXTENT POSSIBLE, THAT U.S. LAW GOVERNS ANY SUCH COLLECTION AND PROCESSING.

This Privacy Policy may be subject to the provisions of the EU General Data Protection Regulation ("EU GDPR"), the UK General Data Protection Regulation (“UK-GDPR”, and together with the EU GDPR, the “GDPR”), and other applicable privacy laws. Under the GDPR, Gesso is a data “Controller”. If you are an individual who resides in the United Kingdom, Northern Ireland, the European Union, or Switzerland (collectively, and for the purposes of this Privacy Policy, the “EEA”), you are a “Data Subject” with certain protected privacy rights concerning your “Personal Data.”  We will take commercially reasonable steps to maintain compliance with GDPR. Your Personal Data may identify you as a person, and thus may be referred to in this Privacy Policy as Personally Identifiable Information ("PII").

 

USE OF INFORMATION

 

Information You Provide to Us: We collect information you directly give us. For example, we collect information about you when you sign up for our Service, participate in any interactive features of the Service, fill out a form, give feedback, ideas or submissions about the Service, communicate with us via third party social media sites, request customer support or otherwise communicate with us. The types of information we may collect include your email address, location information and any other information you choose to provide. For information as to how to restrict the collection of contact information, please see the "Your Choices" section below. If you choose not to provide certain information, we may not be able to provide the Service to you or certain features of the Service may be unavailable or work differently.

 

Financial Information: Although it may appear that we collect financial information from you on the Service, it is actually collected and processed through a third party service provider (“Payment Processor”) to process payments for the Service and any donations through the Service.  The Payment Processor may collect financial information such as banking information or credit card number, name, CVV code or date of expiration, from you on the Service.  We do not hold your financial information.

 

Information We Collect Automatically When You Use the Service: When you access or use our Service, we automatically collect certain information about you. This information includes:

 

  • Log Information: We log information about your use of the Service, including the type of device you use, access times, IP address, pages viewed, and the page you visited before navigating to our Service. We use this information for analytic and product improvement purposes.

 

  • Device Information: We collect information about the mobile device you use to access our Service, including the hardware model, operating system and version, unique device identifiers and mobile network information. We use this information for analytic and product improvement purposes.

 

  • Location Information: We collect information about the location of your device each time you access or use the App. For more details, please see "Your Choices" below.

 

  • Information Collected by Cookies and Other Tracking Technologies: We use various technologies to collect information, and this may include cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory. Web beacons (also known as "tracking pixels") are non-visible electronic images. These technologies are used for analytic and product improvement purposes, such as seeing which areas and features of our Service are popular and determining whether an email has been opened and acted upon. For more information about cookies, and how to disable them, please see "Your Choices" below.

 

Information We Collect From Other Sources: We may also obtain information from other sources and combine that with information we collect through our Service. For example, if you create or log into your account through a social media site like Facebook or Twitter, we will have access to certain information from that site, such as your name, account information and friends lists, in accordance with the authorization procedures determined by these social media sites.

 

USE OF INFORMATION

 

We may use information about you for various purposes, including to:

 

  • Provide, deliver, maintain, test and improve our Service;

 

  • Send you technical notices, updates, confirmations, security alerts and support and administrative messages;

 

  • Create and maintain your account so that you may use the Service;

 

  • Respond to your comments, questions and requests and provide customer service;

 

  • Communicate with you about products, services, offers, promotions, rewards and events offered by Gesso and others, and provide news and information we think will be of interest to you;

 

  • Paying for the Service, and/or making donations, through our Payment Processor, which handles all of the collection and processing of your payment information.

 

  • Monitor and analyze trends, usage and activities in connection with our Service and improve and personalize the Service;

 

  • Detect, investigate and prevent any suspected breaches of our Terms of Service; and

 

  • Link or combine with information we get from others to help understand your needs and provide you with better service.

 

Gesso is based in the United States, and the information we collect is governed by US law.

 

By accessing or using the Service or otherwise providing information to us, you consent to the processing and transfer of information in and to the US and other countries.

 

SHARING OF INFORMATION

 

We may share information about you as follows or as otherwise described in this Privacy Policy:

  • With vendors, consultants and other service providers who need access to such information to carry out work on our behalf, including to allow the Service to function;

  • In response to a request for information if we believe disclosure is in accordance with any applicable law, regulation or legal process, or as otherwise required by any applicable law, rule or regulation;

  • If we believe your actions are inconsistent with the spirit or language of our user agreements, Terms of Service, or policies, or to protect the rights, property and safety of Gesso or others; and

  • With your consent or at your direction, including if we notify you through the Service that the information you provide will be shared in a particular manner and you provide such information.

 

We may transfer your PII to a third party, or our successor-in-interest, in relation to, or in the event of, a merger, acquisition, sale of all or substantially all of our assets, reorganization, bankruptcy, or other change of control.  After such disclosure or transfer, the third party or successor in interest may use the information in accordance with applicable law.

 

Finally, we may also share aggregated or anonymized information that does not directly identify you with others, including affiliated and un-affiliated entities.

 

STORING AND PROTECTING YOUR INFORMATION

 

After receiving your personal information, we will store it on our servers for future use. We have physical, electronic, and managerial procedures in place to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect.  Unfortunately, no data transmission over the internet or data storage solution can ever be completely secure. As a result, although we take industry-standard steps to protect your information, we cannot ensure or warrant the security of any information you transmit to or receive from us or that we store on our or our service providers' systems.

 

If you are visiting the Site from outside of the USA, you understand that your connection may be through and to servers located in the USA, and therefore may be subject to the laws of the United States.  The information you provide will be securely stored in our servers and internal systems located within one or more of the following countries: the USA; Ireland; and the United Kingdom.

 

We retain and store your PII until you request us to remove it from our servers. We store our logs and other technical records indefinitely.

 

ANALYTICS SERVICES

 

We allow other entities to provide analytics services in connection with the Service. These entities may use cookies, web beacons and other technologies to collect information about your use of the Service and other websites, including your IP address, web browser, pages viewed, time spent on pages, links clicked and conversion information. We and other entities may use this information to, among other things, analyze and track data, determine the popularity of certain content, personalize the user experience, and better understand your activity.  Some of the entities that provide analytics services for our Service include Google Analytics, Mixpanel, and Firebase.

 

Our Service uses Google Analytics, provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 (“Google”).  Google Analytics uses cookies and similar technologies to collect and analyze information about use of the Services and report on activities and trends.  This service may collect information regarding the use of other websites, apps and online resources. 

 

We also use the Firebase service from Google in order to derive application behavioral analytics, we use that information to see how users interact with our Site and App.  Firebase is part of the Google Cloud Platform and offers a number of services for developers, and we use Crashlytics in our Service.  Crashlytics is used to gain insight as to what causes crashes within the App, to notify you in the event of a crash, and to help us debug the issue causing a crash using your unique user identifier, which will be deleted 90 days after the crash occurs.

 

For more information on how Google uses data when you use our Site, App, or Service, please follow this link: https://policies.google.com/technologies/partner-sites.  You may be able to opt-out of some or all of Google Analytics features by downloading the Google Analytics opt-out browser add-on, available at, https://tools.google.com/dlpage/gaoptout.  For more information about interest-based ads, or to opt-out of having your web browsing information used for behavioral advertising purposes, please visit http://optout.aboutads.info.

 

The Service may also use MixPanel, provided by Mixpanel, Inc., One Front Street, 28th Floor, San Francisco, California 94111 (“Mixpanel”) to collect and process certain analytics data. More information about MixPanel’s data practices may be found online at https://mixpanel.com/privacy/. You may be able to opt-out of some, or all, of MixPanel analytics here, to https://mixpanel.com/optout/.

 

YOUR CHOICES

 

Location Information

When you first launch the App, you will be asked to consent to Gesso’s collection of location information. We require this location information in order for the App to function as designed.

 

If you consent to our collection of location information, you may subsequently stop the collection of this location information at any time by pausing location tracking from within the application settings menu, or by changing the location preferences on your mobile device. However, if you stop the collection of this location information, the App can no longer function as intended.

 

If you consent to our collection of location information and you do not subsequently stop the collection of this location information, the App will continue to collect this location information.

 

If you consent to our collection of location information, subsequently stop the collection of this location information and later consent to the collection of this location information, the App will resume the collection of location information.

You may also stop our collection of location information by following the standard uninstall process to remove the App from your device.

 

Account Information

If you wish to delete your account, contact us at . Note that we may retain certain information as required by law or for legitimate business purposes as may be necessary to fulfill the purposes identified in this Privacy Policy. We may also retain cached or archived copies of information (including, location information) about you for a certain period of time.

 

Cookies

Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of the Service.

 

Push Notifications and Alerts

With your consent, we may send push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.

 

Promotional Communications

You may opt out of receiving promotional communications from Gesso by following the instructions in those communications or by changing your notification settings in the application settings menu. If you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations.

 

COLLECTION OF INFORMATION BY OTHERS

For your convenience, our Terms of Service may provide links, and that you may access through our Service, to certain third party websites and services. When you leave our Service, please check the privacy policies of these other websites to learn how they collect, use, store and share information that you may submit to them or that they collect.  We are not responsible for the privacy practices of such other sites.  This Privacy Policy applies solely to information collected by Gesso through the Service.

 

‘EEA’ PRIVACY RIGHTS

 

If you currently reside in the EEA, the GDPR applies to your PII and you are a Data Subject.  The GDPR requires that we, in our capacity as a Controller, have a legal basis to process your PII.  

 

  1. We process your PII under one or more of the following legal bases: 

 

  • Processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; 

  • For the performance of a contract (e.g., our Terms of Service); 

  • To comply with a legal obligation; and/or

  • If we have your consent to do so, such consent capable of being revoked at any time.

 

  1. Under the GDPR, as a Data Subject you have certain rights. They are:

 

  • The right to be informed. This is your right to be informed about what we are processing, why, and who else the data may be passed to.

  • The right of access. This is your right to see what data about you is held by us.

  • The right to rectification. This is the right to have your data corrected or amended if what is held is incorrect in some way.

  • The right to be forgotten. This is the right to have your personal data to be deleted in the event that such data is no longer required for the purposes it was collected for, your consent for the processing of the data is withdrawn, or the data is being unlawfully processed.

  • The right to restrict processing. This is the right to ask for a temporary halt to processing of your personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.

  • The right to data portability. This is the right to ask for your personal data to be provided to you in a structured, commonly used, and machine-readable format.

  • The right to object. This is the right to object to further processing your personal data if such processing is inconsistent with the primary purposes for which it was collected.

  • Rights in relation to automated decision making and profiling. This is the right to not be subject to a decision based solely on automated processing. The Service does not engage in automated decision making and profiling. 

 

You can find instructions for enforcing some of these rights elsewhere in this Privacy Policy. Otherwise, if you wish to find out more about these rights, please contact us at hello@gesso.app.

 

CHILDREN AND YOUNG PEOPLE’S INFORMATION

 

We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the GDPR, the Children's Online Privacy Protection Act (“COPPA”), and associated Federal Trade Commission (“FTC”) rules for collecting personal information from minors. Please see the FTC's website (www.ftc.gov) for more information. If you have concerns about this Site, wish to find out if your child has accessed our services, or wish to remove your child's personal information from our servers, please contact us at hello@gesso.app. Our Site will not knowingly accept personal information from anyone under 13 years old in violation of applicable laws, without consent of a parent or guardian. In the event that we discover that a child under the age of 13 has provided PII to us, we will make efforts to delete the child’s information in accordance with the COPPA. If you believe that your child under 13 has gained access to our Site without your permission, please contact us at hello@gesso.app.

 

CALIFORNIA PRIVACY RIGHTS

 

California law allows California residents to request information regarding our disclosures to third parties in the prior calendar year, if any, of their personally identifiable information. To make such a request, please contact us at hello@gesso.app with "Request for Privacy Information" in the subject line. Please include enough detail for us to locate your file; at a minimum, your name, email, and username, if any. We will attempt to provide you with the requested information within thirty (30) days of receipt. We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing. Our disclosure only includes information covered by the law.

 

CONTACT US


If you have any questions or concerns about this Privacy Policy or any privacy issues, please email us at hello@gesso.app.