Effective Date: July 2021
Welcome to Gesso -- the app that allows you to experience location based audio from Gesso, Inc. ("Gesso," "we," "us" or "our").
The Service allows users to experience audio content connected to locations by using Gesso’s location based audio experiences.
USE OF INFORMATION
Information You Provide to Us: We collect information you directly give us. For example, we collect information about you when you sign up for our Service, participate in any interactive features of the Service, fill out a form, give feedback, ideas or submissions about the Service, communicate with us via third party social media sites, request customer support or otherwise communicate with us. The types of information we may collect include your email address, location information and any other information you choose to provide. For information as to how to restrict the collection of contact information, please see the "Your Choices" section below. If you choose not to provide certain information, we may not be able to provide the Service to you or certain features of the Service may be unavailable or work differently.
Financial Information: Although it may appear that we collect financial information from you on the Service, it is actually collected and processed through a third party service provider (“Payment Processor”) to process payments for the Service and any donations through the Service. The Payment Processor may collect financial information such as banking information or credit card number, name, CVV code or date of expiration, from you on the Service. We do not hold your financial information.
Information We Collect Automatically When You Use the Service: When you access or use our Service, we automatically collect certain information about you. This information includes:
Log Information: We log information about your use of the Service, including the type of device you use, access times, IP address, pages viewed, and the page you visited before navigating to our Service. We use this information for analytic and product improvement purposes.
Device Information: We collect information about the mobile device you use to access our Service, including the hardware model, operating system and version, unique device identifiers and mobile network information. We use this information for analytic and product improvement purposes.
Location Information: We collect information about the location of your device each time you access or use the App. For more details, please see "Your Choices" below.
Information Collected by Cookies and Other Tracking Technologies: We use various technologies to collect information, and this may include cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory. Web beacons (also known as "tracking pixels") are non-visible electronic images. These technologies are used for analytic and product improvement purposes, such as seeing which areas and features of our Service are popular and determining whether an email has been opened and acted upon. For more information about cookies, and how to disable them, please see "Your Choices" below.
Information We Collect From Other Sources: We may also obtain information from other sources and combine that with information we collect through our Service. For example, if you create or log into your account through a social media site like Facebook or Twitter, we will have access to certain information from that site, such as your name, account information and friends lists, in accordance with the authorization procedures determined by these social media sites.
USE OF INFORMATION
We may use information about you for various purposes, including to:
Provide, deliver, maintain, test and improve our Service;
Send you technical notices, updates, confirmations, security alerts and support and administrative messages;
Create and maintain your account so that you may use the Service;
Respond to your comments, questions and requests and provide customer service;
Communicate with you about products, services, offers, promotions, rewards and events offered by Gesso and others, and provide news and information we think will be of interest to you;
Paying for the Service, and/or making donations, through our Payment Processor, which handles all of the collection and processing of your payment information.
Monitor and analyze trends, usage and activities in connection with our Service and improve and personalize the Service;
Detect, investigate and prevent any suspected breaches of our Terms of Service; and
Link or combine with information we get from others to help understand your needs and provide you with better service.
Gesso is based in the United States, and the information we collect is governed by US law.
By accessing or using the Service or otherwise providing information to us, you consent to the processing and transfer of information in and to the US and other countries.
SHARING OF INFORMATION
With vendors, consultants and other service providers who need access to such information to carry out work on our behalf, including to allow the Service to function;
In response to a request for information if we believe disclosure is in accordance with any applicable law, regulation or legal process, or as otherwise required by any applicable law, rule or regulation;
If we believe your actions are inconsistent with the spirit or language of our user agreements, Terms of Service, or policies, or to protect the rights, property and safety of Gesso or others; and
With your consent or at your direction, including if we notify you through the Service that the information you provide will be shared in a particular manner and you provide such information.
We may transfer your PII to a third party, or our successor-in-interest, in relation to, or in the event of, a merger, acquisition, sale of all or substantially all of our assets, reorganization, bankruptcy, or other change of control. After such disclosure or transfer, the third party or successor in interest may use the information in accordance with applicable law.
Finally, we may also share aggregated or anonymized information that does not directly identify you with others, including affiliated and un-affiliated entities.
STORING AND PROTECTING YOUR INFORMATION
After receiving your personal information, we will store it on our servers for future use. We have physical, electronic, and managerial procedures in place to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect. Unfortunately, no data transmission over the internet or data storage solution can ever be completely secure. As a result, although we take industry-standard steps to protect your information, we cannot ensure or warrant the security of any information you transmit to or receive from us or that we store on our or our service providers' systems.
If you are visiting the Site from outside of the USA, you understand that your connection may be through and to servers located in the USA, and therefore may be subject to the laws of the United States. The information you provide will be securely stored in our servers and internal systems located within one or more of the following countries: the USA; Ireland; and the United Kingdom.
We retain and store your PII until you request us to remove it from our servers. We store our logs and other technical records indefinitely.
We also use the Firebase service from Google in order to derive application behavioral analytics, we use that information to see how users interact with our Site and App. Firebase is part of the Google Cloud Platform and offers a number of services for developers, and we use Crashlytics in our Service. Crashlytics is used to gain insight as to what causes crashes within the App, to notify you in the event of a crash, and to help us debug the issue causing a crash using your unique user identifier, which will be deleted 90 days after the crash occurs.
For more information on how Google uses data when you use our Site, App, or Service, please follow this link: https://policies.google.com/technologies/partner-sites. You may be able to opt-out of some or all of Google Analytics features by downloading the Google Analytics opt-out browser add-on, available at, https://tools.google.com/dlpage/gaoptout. For more information about interest-based ads, or to opt-out of having your web browsing information used for behavioral advertising purposes, please visit http://optout.aboutads.info.
The Service may also use MixPanel, provided by Mixpanel, Inc., One Front Street, 28th Floor, San Francisco, California 94111 (“Mixpanel”) to collect and process certain analytics data. More information about MixPanel’s data practices may be found online at https://mixpanel.com/privacy/. You may be able to opt-out of some, or all, of MixPanel analytics here, to https://mixpanel.com/optout/.
When you first launch the App, you will be asked to consent to Gesso’s collection of location information. We require this location information in order for the App to function as designed.
If you consent to our collection of location information, you may subsequently stop the collection of this location information at any time by pausing location tracking from within the application settings menu, or by changing the location preferences on your mobile device. However, if you stop the collection of this location information, the App can no longer function as intended.
If you consent to our collection of location information and you do not subsequently stop the collection of this location information, the App will continue to collect this location information.
If you consent to our collection of location information, subsequently stop the collection of this location information and later consent to the collection of this location information, the App will resume the collection of location information.
You may also stop our collection of location information by following the standard uninstall process to remove the App from your device.
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of the Service.
Push Notifications and Alerts
With your consent, we may send push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.
You may opt out of receiving promotional communications from Gesso by following the instructions in those communications or by changing your notification settings in the application settings menu. If you opt out, we may still send you non-promotional communications, such as those about your account or our ongoing business relations.
COLLECTION OF INFORMATION BY OTHERS
‘EEA’ PRIVACY RIGHTS
If you currently reside in the EEA, the GDPR applies to your PII and you are a Data Subject. The GDPR requires that we, in our capacity as a Controller, have a legal basis to process your PII.
We process your PII under one or more of the following legal bases:
Processing is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
For the performance of a contract (e.g., our Terms of Service);
To comply with a legal obligation; and/or
If we have your consent to do so, such consent capable of being revoked at any time.
Under the GDPR, as a Data Subject you have certain rights. They are:
The right to be informed. This is your right to be informed about what we are processing, why, and who else the data may be passed to.
The right of access. This is your right to see what data about you is held by us.
The right to rectification. This is the right to have your data corrected or amended if what is held is incorrect in some way.
The right to be forgotten. This is the right to have your personal data to be deleted in the event that such data is no longer required for the purposes it was collected for, your consent for the processing of the data is withdrawn, or the data is being unlawfully processed.
The right to restrict processing. This is the right to ask for a temporary halt to processing of your personal data, such as in the case where a dispute or legal case has to be concluded, or the data is being corrected.
The right to data portability. This is the right to ask for your personal data to be provided to you in a structured, commonly used, and machine-readable format.
The right to object. This is the right to object to further processing your personal data if such processing is inconsistent with the primary purposes for which it was collected.
Rights in relation to automated decision making and profiling. This is the right to not be subject to a decision based solely on automated processing. The Service does not engage in automated decision making and profiling.
CHILDREN AND YOUNG PEOPLE’S INFORMATION
We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the GDPR, the Children's Online Privacy Protection Act (“COPPA”), and associated Federal Trade Commission (“FTC”) rules for collecting personal information from minors. Please see the FTC's website (www.ftc.gov) for more information. If you have concerns about this Site, wish to find out if your child has accessed our services, or wish to remove your child's personal information from our servers, please contact us at email@example.com. Our Site will not knowingly accept personal information from anyone under 13 years old in violation of applicable laws, without consent of a parent or guardian. In the event that we discover that a child under the age of 13 has provided PII to us, we will make efforts to delete the child’s information in accordance with the COPPA. If you believe that your child under 13 has gained access to our Site without your permission, please contact us at firstname.lastname@example.org.
CALIFORNIA PRIVACY RIGHTS
California law allows California residents to request information regarding our disclosures to third parties in the prior calendar year, if any, of their personally identifiable information. To make such a request, please contact us at email@example.com with "Request for Privacy Information" in the subject line. Please include enough detail for us to locate your file; at a minimum, your name, email, and username, if any. We will attempt to provide you with the requested information within thirty (30) days of receipt. We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing. Our disclosure only includes information covered by the law.