UserGems Privacy Notice
Thank you for your interest in UserGems! This Privacy Notice explains how information relating to an identified or identifiable natural person (“personal information”) is collected, used, disclosed, and otherwise processed by UserGems in connection with our website and services, and the rights and choices you have with respect to your personal information. This Privacy Notice applies to the personal information we collect and use for our own purposes (i.e., as a “data controller”).
When we use the terms “UserGems”, “we”, “us”, or “our” in this Privacy Notice, we are referring to ShelfFlip, Inc. dba UserGems.
If you have you not heard from us before, and are you wondering why you received this notice, please click here: WHAT PERSONAL INFORMATION WE COLLECT AND HOW WE COLLECT IT.
We may need to change this Privacy Notice from time to time as our processing activities and applicable laws change. We will post any changes we make to this Privacy Notice on this page and, where appropriate, we will provide you with reasonable notice of any material changes before they take effect or as otherwise required by law. The date the Privacy Notice was last updated is identified at the top of this page.
Table of Contents
- SCOPE AND APPLICABILITY
- PERSONAL INFORMATION WE COLLECT AND HOW WE COLLECT IT
- WHY WE COLLECT YOUR PERSONAL INFORMATION
- WHY WE SHARE PERSONAL INFORMATION
- NECESSARY INFORMATION FOR SERVICES
- RETENTION
- SECURITY
- YOUR CHOICES
- ADDITIONAL NOTICE FOR CALIFORNIA RESIDENTS
- ADDITIONAL NOTICE FOR NEVADA RESIDENTS
- ADDITIONAL NOTICE FOR EUROPEAN RESIDENTS
- CONTACT US
1. SCOPE AND APPLICABILITY
UserGems as a Data Controller.
For purposes of data protection laws,
ShelfFlip, Inc. dba UserGems
Attn: Privacy Officer
2443 Fillmore Street #380-3416
San Francisco, CA 94115
privacy@usergems.com
is the “data controller” and is thus generally responsible for and controls the processing of your personal information collected when you use our Website and our Services as a non-paying user (“FREE USER”).
When we use the term “Services”, we are referring to the "Meeting Assistant", a business service where we provide daily summaries on all daily events and background information on persons that are attending meetings with our users, and the "Email Assistant", a business service where we obtain information about the contacts of our users from their email communications and enrich them in order to find the most promising leads.
When we use the term "Website", we are referring to https://www.usergems.com/ and its subsites as well as any other website that links to this Privacy Notice.
UserGems as a Data Processor.
When providing our Services to our subscription customers (“Customers”) we process personal information on their behalf (“Customer Data”). In such instances, UserGems acts as a “data processor” (or similar term under applicable laws), and only process such Customer Data on behalf and under the instruction of the Customer, who is the data controller. This Privacy Notice does not apply when we are acting as a data processor, If you are an individual who uses a Customer’s instance of our Services, then except as otherwise noted in this Privacy Notice, the processing of your personal information will be subject to the Customer’s privacy practices, and you should contact that Customer for assistance with any requests or questions relating to the processing of your personal information. the privacy notice of the respective subscription customer applies if their processing concerns your personal information.
Children. Third Party Services.
Our Services are integrated to third party services, and the Services and Website may contain links to third party websites, including those of our business partners. By interacting with these third parties, you are providing information directly to the third party and not UserGems. This Privacy Notice does not apply to those third party services. Please note that UserGems is not responsible for the privacy practices of these third parties or any entity that it does not own or control. We encourage you to review the privacy notices and online terms of those third parties to learn more about how they handle your personal information.
2. PERSONAL INFORMATION WE COLLECT AND HOW WE COLLECT IT
When you interact with us, or you come in contact with one of our users, we are collecting personal information about you as described below.
A. Personal Information You Provide
We may collect the following personal information you provide in connection with our Services and our Website:
- Account Creation and Profile Information for a UserGems Account. We may collect personal information that you provide when you register for an account with us. This information includes your email, name and company name.
- Payment and Transaction Information. If you sign up for one of our Services requiring payment, we collect the information provided in connection with such payment. Please note, that we use third party payment processors to process payments made to us. As such, all such information is provided directly by you to our third-party processor. The payment processor’s use of your personal information is governed by their privacy notice. We will only receive the last 4 digits of the credit card number along with transaction-related information (i.e., payment date, amount, etc.). If custom billing is arranged, the account contact’s name, email, job title, company and address may be collected as well.
- Communications. When you contact us through any method of communications, including for “Support” functions or you request a demo of the Services, we may collect your name, email address, type of inquiry, or any other personal information you choose to provide to us.
- Events, Surveys, Feedback and Promotions (including Webinars and Training Sessions). If you fill out any forms or otherwise provide your information to us in connection with UserGems events, surveys, or other promotional events as well as when you provide feedback to us, we may collect your contact information (such as your name, email, and phone number), your organization company, your job title, the office address and any other information you provide to us.
- Requesting a Demo Call. If you request a demo call on our Website, we will collect your contact information, and you may voluntarily tell us your company and how you have heard about us.
User Quotes and Customer Stories. If you decide to give us a quote to display at our Website, we will collect your name, title, company, picture, the content of your quote and some additional information you may give us, such as the increase in your ROI.
B. Personal Information You Provide
We and our third-party providers and partners collect certain personal information automatically, or subject to your consent depending upon the applicable law, when you use our Services and our Website:
- When you use our Website or interact with our emails. When you use our Website or receive, open or otherwise interact with our emails, we may collect the following types of personal information:
- Log Data. Including your internet protocol (IP) address, operating system, browser details such as type, ID, and configuration, unique identifiers, device type and version, the referring URL, date/time of your usage, the time you spent on our Service and any errors that may occur during your visit to our Service.
- Analytics Data. Including the electronic path you take to our Services, through our Services and when exiting our Services, UTM source, as well as your usage and activity on our Services, such as the time zone, activity information (first and last active date and time), and usage history.
- Location Data. When you use our Services or visit our Website, we estimate your general geographic location based on the IP address we collect.
- Live Chat on our Website. When you use the live chat offered on our Website, we will collect information you voluntarily provide to us.
- Cookies. On our Website, we may use cookies and other tracking technologies such as pixels and Local Storage Objects (LSOs) like HTML5 (together "Cookies"). Our processing activities in connection with Cookies, including information on the data collected and the purposes of use, and your choices, are set out in our Cookie Notice.
- Meeting Assistant – Free Users
- Free Users’ Data. When you use our Meeting Assistant as a free user, you will provide your affirmative agreement for us to access your Google Calendar. We will then get access to your meetings via Google API. We will scan these meetings automatically and we will collect the time and date as well as the participants of your meetings. We will also collect "opportunity records" which means details about deals, including which accounts they are for, who the parties involved are and the amount of potential sales.
- Meeting Partners’ Data. We collect data about the meeting partners from the calendar of our users when you participate in or are invited to a meeting together with a free user of our Meeting Assistant. To do this, the free user will grant us access to its Google Calendar and we will automatically scan the meetings of the relevant free user to extract business related information. We will collect your name, phone number, email address, company name and address, meetings you have been invited to and your attendance to meetings, as well as other participants of those meetings. Please note that this privacy notice does not apply to you if you are a meeting partner of one of our paid users.
- Meeting Assistant - Customers
- When you use our Meeting Assistant as a Customer (paying user), you will provide your affirmative agreement for us to access your Google Calendar. We may then collect the same information as we do for the free users (see above), but only as far as this is strictly necessary to provide you with the Meeting Assistant service. We will only process the data to provide you with the Services.
- Email Assistant - Free Users
- When you use our Email Assistant, you will provide your affirmative agreement for us to access your Gmail account. We will then get access to your contact list and emails via Google API. We will scan these automatically and we will collect the further below specified contents of your email communication. We will collect information from the header and signature of emails, and only in case of out-of-office notifications also from the body of an email. We will only collect your name, title, company name, email address, and phone number as well as your IP-address. Please note, that during this process we automatically scan the whole contents of the emails in real time. As our Service is business facing, we do not collect information from emails sent via certain consumer-facing email-providers, such as Yahoo or Gmail. Please note, that access to your contact list and email communication may also be given to us by your employer.
- Correspondence Partners of our Free Users. When you write to or receive emails from a free user of our Email Assistant, or your information is contained in a free user's contact list, we will collect your name, title, company name, email address, and phone number. We will collect this information from the header and signature of the emails, and only in case of out-of-office notifications also from the body of an email. Please note, that during this process we automatically scan the whole contents of the emails as well as our free users' contact list in real time. As our Service is business facing, we do not collect information from emails sent via certain consumer-facing email-providers, such as Yahoo or Gmail. This Privacy Notice does not apply if you are a meeting partner of one of our Customers, and in such situations please visit the Customer’s privacy notice.
- Email Assistant - Customers. When you use our Email Assistant as a Customer, you will provide your affirmative agreement for us to access your Gmail account. We may then collect the same information as we do for the free users (described above), but only as far as this is strictly necessary to provide you with the Email Assistant service.
C. Personal Information from Other Sources and Third Parties
We may also obtain personal information from third parties, which we may combine with personal information we collect either automatically or directly from an individual. We may receive personal information from the following third parties:
- Other Users. If other users enter into a contractual relationship with us , they may provide us with your name, job title, email address by giving us access to your calendar, contact list and email communication.
- Social Media. We will collect your publicly accessible data on social networks, such as LinkedIn, process it and provide it to our users in the form of a report or updated contact information. The data we collect is dependent upon an individual’s privacy settings with the social network, but will usually include the full name, contact data (such as email, phone number), current and past company names, start and end dates of employment at different companies for the last seven years, department name, the number of your connections and business title. Individuals should always review and, if necessary, adjust their privacy settings on third-party websites and social media networks and services before sharing information and/or linking or connecting them to other services.
- Databases. We may enrich the information we have about you (e.g. your phone number) from other data providers, such as People Data Labs.
- Web Search and Websites. We may use Google to find your social media profiles and publicly available information about you on websites, such as your employers' website. We may collect information such as your name, contact data (such as email, phone number), current and past company names, start and end dates of employment at different companies for the last seven years, department name and business title. We may also use the Web search to validate information already stored in our database.
3. WHY WE COLLECT YOUR PERSONAL INFORMATION
We may use the personal information we collect for the following purposes:
- Performing our Services, i.e. providing enriched (value-add) information to our Users;
- Account and contract management (including customer support);
- Collect information about individuals to enrich and sell enriched information to our customers;
- Update the information already in our database;
- Communicate with you, including via email, text message, social media and/or telephone;
- Review our business performance and improve our Services, including by recognizing an individual and remembering their information when they return to our Services and analyzing our client-base;
- Process payment for our Services;
- Maintain and service our Website;
- Test, enhance, update and monitor the Services, or diagnose or fix technology problems;
- Help maintain the safety, security and integrity of our property and Services and Website, technology assets and business;
- Enforce our Terms of Service, resolve disputes, carry out our obligations and enforce our rights, and protect our business interests and the interests and rights of third parties;
- Prevent, investigate or provide notice of fraud or unlawful or criminal activity; and
- Comply with legal obligations.
We do not use your personal information for automated individual decision-making.
5. NECESSARY INFORMATION FOR SERVICES
When you have subscribed to our Services, we need certain personal information from you to be able to provide our Services to you. The categories of personal information that are necessary for this purpose are marked with an asterisk in the table below. In all other cases, we are able to provide our Services without processing the personal information. Please note, the quality of the Services will improve when we have more data. If you fail to provide us with necessary information, we will not be able to provide our Services to you, but you may still be required to pay us in accordance with the Terms of Service. If you are not one of our users and your data has thus been collected without your interaction, you may have the right to request that we delete your data. For more information on your rights, see the region-specific disclosures below.
Account Creation and Profile Information
- Email address*
- Password*
- Name*
- Company
- Access tokens (e.g. Salesforce, Outreach)
Creating and maintaining user account.
- Processing is necessary for the performance of a contract or prior to entering into a contract with you.
- When we have a contract with your employer, processing is based on our legitimate interest to perform our Services.
Contract Data Provided by Your Employer
- Name*
- Job title
- Email address*
- Signature
Creating and maintaining user account.
Our legitimate interest to perform our Services to your employer.
Payment and Transaction Information
- Last 4 digits of the credit card number*
- Transaction-related information (i.e., payment date, amount, etc.)
If custom billing is arranged:
- Account Contact’s Name*
- Email*
- Job title*
- Company
- Address
Processing of payments.
The processing is necessary for the performance of a contract or in anticipation of entering into a contract with you.
Communications with Us
- Name*
- Contact data (email address, mailing address, phone number, account ID)*
- Type of inquiry, or any other personal information you choose to provide to us*
Processing and responding to your inquiry.
- Our legitimate interest to answer your request and provide customer service, or
- The processing is necessary prior to entering into a contract with you.
Marketing and Advertising
- Name*
- Contact data* (such as email, phone, address)
Providing information about and advertising our products and services.
- Your consent, or
- Our legitimate interest to advertise and market similar products and services if you have ordered our products and services
Calendar Information if you use our Meeting Assistant as a FREE USER
- Name*
- Email*
- Meeting information (such as time*, date*, participants*/invitees*, title, communication used, agenda, attachments)
- Company name and address; and
- Deal details (accounts, persons involved, potential sales)
- Performing our Service, i.e. providing enriched (value-add) information to you and our other users.
- Collecting information about individuals to enrich and sell enriched information to our customers.
- Updating the information already in our database.
- Test, enhance, update and monitor the Services, or diagnose or fix technology problems.
- When we have a contract with you: The processing is necessary for the performance of a contract or prior to entering into a contract with you; or
- When we have a contract with your employer: Our legitimate interest to provide the Service to your employer and you as the user.
Calendar Information if you use our Meeting Assistant as a CUSTOMER
- Name*
- Email*
- Meeting information (such as time*, date*, participants*/invitees*, title, communication used, agenda, attachments)
- Company name and address
- Deal details (accounts, persons involved, amount of potential sales)
- Performing our Service, i.e. providing enriched (value-add) information to you.
- Test and monitor the Services or diagnose or fix technology problems.
- Develop new products and features
- When we have a contract with you, the processing is necessary for the performance of a contract or prior to entering into a contract with you. or
- When we have a contract with your employer, our legitimate interest to provide the Service to your employer and you as the user.
Email Assistant - FREE USER
- Name*;
- Contact data (such as phone number, email)*;
- Company name and address*;
- Contents of contact list (such as contact information, notes)*;
- Emails*, including content and header; and
- IP-address*
- Performing our Service, i.e. providing enriched (value-add) information to you and our other users.
- Collecting information about individuals to enrich and sell enriched information to our customers.
- Updating the information already in our database.
- Test, enhance, update and monitor the Services, or diagnose or fix technology problems.
- When we have a contract with you: The processing is necessary for the performance of a contract or prior to entering into a contract with you, or
- When we have a contract with your employer: Our legitimate interest to provide the Service to your employer and you as the user.
Email Assistant - CUSTOMER
- Name*
- Contact data (such as phone number, email)*
- Company name and address*
- Contents of contact list (such as contact information, notes)*
- Emails*, including content and header
- IP-address*
- Performing our Service, i.e. providing enriched (value-add) information to you.
- Test and monitor the Services or diagnose or fix technology problems.
- When we have a contract with you: The processing is necessary for the performance of a contract or prior to entering into a contract with you, or
- When we have a contract with your employer: Our legitimate interest to provide the Service to your employer and you as the user.
Data obtained from social media (e.g. LinkedIn)
- Name
- Contact data (such as phone number, email)
- Business title
- Company Name;
- Department Name
- Birthday
- Employment and educational history (such as current and previous position)
- Connections
- Performing our Service, i.e. providing enriched (value-add) information to our users.
- Collecting information about individuals to enrich and sell enriched information to our customers.
- Update the information already in our database.
- We process the number of connections to confirm the validity of the profile.
Our legitimate interest to provide our Services to our customers.
Data obtained from databases
Phone number
- Performing our Service, i.e. providing enriched (value-add) information to our users.
- Collecting information about individuals to enrich and sell enriched information to our customers.
- Update the information already in our database.
Our legitimate interest to provide our Services to our customers.
Web search and Websites
- Name
- Contact data (such as email, phone number)
- Current and past company names
- Start and end dates of employment at different companies for the last seven years
- Department name
- Business title
- Performing our Service, i.e. providing enriched (value-add) information to our users.
- Collecting information about individuals to enrich and sell enriched information to our customers.
- Update the information already in our database.
- Confirm validity of data obtained from other sources.
Our legitimate interest to provide our Services to our customers.
Combination of data obtained from different sources
All of the data obtained as explained above
- Performing our Service, i.e. providing enriched (value-add) information to our users.
- Collecting information about individuals to enrich and sell enriched information to our customers.
- Update the information already in our database.
Our legitimate interest to provide our Services to our customers.
Log Data if you use our Services
- Internet protocol (IP) address*
- Operating system*
- Browser details* (such as type, ID, and configuration, unique identifiers, device type and version)
- Referring URL
- Date/time of your usage
- Time you spent on our Service
- Errors that may occur during your visit to our Service
- Location data based on the IP-address
- Providing our Service to you.
- Find and eliminate errors or illegal activities
- Our legitimate interest to provide the Service to our customers.
- Our legitimate interest to improve our Service and prevent fraudulent or other illegal activities.
Analytics Data if you use our Services
- The electronic path you take to our Services, through our Services and when exiting our Services
- UTM source
- Usage and activity on our Services, (such as the time zone, activity information (first and last active date and time), usage history)
- Find and prevent illegal activities.
- Review our business performance and improve our Services, including by recognizing you and remembering your information when you return to our Services and analyzing our client-base.
- Test, enhance, update and monitor the Services, or diagnose or fix technology problems.
- Our legitimate interest to provide the Services to our customers.
- Our legitimate interest to improve our Services and prevent fraudulent or other illegal activities.
Service-related publications and testimonials
- Name*
- Content of publication or testimonial*
- Company*
Promoting our Services.
Your consent.
Answering court orders and binding authority requests
- Name
- Required content on case by case basis
Complying with the request.
Compliance with a legal obligation.
Litigation and enforcement of rights
- Name
- Required content on case by case basis
Defense or enforcement of our rights.
Our legitimate interest to defense or enforcement of our rights.
Log data if you visit our Website
- Internet protocol (IP) address*
- Operating system*
- Browser details* (such as type, ID, and configuration, unique identifiers, device type and version)
- Referring URL*
- Date/time of your usage*
- Time you spent on our Website
- Any errors that may occur during your visit to our Website
- Location data based on the IP-address*
- Providing our Website to you.
- Finding and elimination of errors or illicit activities.
Our legitimate interest to provide a functioning and safe Website.
Events, Surveys, Feedback and Promotions (including Webinars and Training Sessions)
- Name*
- Contact information (such as email, and phone number);
- Organization company
- Job title
- Office address
- Any other information you provide to us.
- Improving our Website and Services.
- Offering you tailored Services.
- Offering the possibility of participating in events and promotions.
Your consent
Requesting a Demo Call
First name, last name, email, and other information you voluntarily provide to us.
Offering you a demonstration of our products and services.
Your consent
Quotes and Customer Stories
- Name
- Title
- Organization company
- Picture
- The content of your quote or user story
- Some additional information you may give us, such as the increase in your ROI
Presentation of customer opinions and experiences on our Website.
Your consent
Video Demo
First name, last name, email, and other information you voluntarily provide to us.
Presenting you a product demonstration that is tailored to your needs and preferences.
Our legitimate interest to show you relevant product demonstration.
Live Chat
First name, last name, email, and other information you voluntarily provide to us.
- Offering a direct contact possibility with our service staff.
- Answering customer inquiries.
- Customer support.
Our legitimate interest to offer a direct contact channel.
Podcast player
- Any browser plug-ins and versions used on your browser
- Log data
- Offering a way to listen to our podcast directly from our Website; and
- Finding and elimination of errors or illicit activities.
Our legitimate interest to offer a possibility to listen to our podcast in an easy and safe way.
6. RETENTION
We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Notice, unless we are otherwise required to retain it to: (i) comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws); (ii) resolve disputes; or (iii) enforce our legal agreements and policies. We may also retain de-identified, aggregate usage data for internal analysis purposes.
7. SECURITY
The security of your personal information is important to us, which is why we maintain administrative, technical and physical safeguards designed to protect your information’s security, confidentiality and integrity. We endeavor to protect the privacy of your account and other personal information we hold in our records, but we cannot guarantee complete security. When you enter your information on our website we encrypt the transmission of that information using transport layer security (TLS). However, the transmission of information via the Internet is not completely secure. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
8. YOUR CHOICES
- Email Communications. From time to time, we may send you emails regarding updates to our Services, products or services, notices about our organization, or information about products/services we offer that we think may be of interest to you. If you wish to unsubscribe from such emails, simply click the “unsubscribe link” provided at the bottom of the email communication. Note that you cannot unsubscribe from certain services-related communications (e.g., account verification, confirmations of transactions, technical or legal notices).
- Modifying Account Information. If you have an online account with us, you have the ability to modify certain information in your account (e.g., your contact information) through the profile options provided on the Website. Not all personal information is maintained in a format that you can access or change. If you would like to request access to, or correction or deletion of personal information, you may send your request to us at the email address provided under "Contact Us". We will review your request and may require you to provide additional information to identify yourself, but we do not promise that we will be able to satisfy your request.
9. ADDITIONAL NOTICE FOR CALIFORNIA RESIDENTS
This Additional Notice for California Residents (“CA Disclosures”) supplements the information contained in our Privacy Notice and applies solely to residents of the State of California (“consumers” or “you”).
These CA Disclosures provide additional information about how we collect, use, disclose and otherwise process personal information of individual residents of the State of California, either online or offline, within the scope of the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA”). Unless otherwise expressly stated, all terms in these CA Disclosures have the same meaning as defined in our Privacy Notice or as otherwise defined in the CCPA.
When we use the term “personal information” in this CA Notice section, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.
A. Information Collected and Sources of Information
We collect personal information from and about you for a variety of purposes, and from various sources, as described in the How We Collect Your Personal Information and Why We Collect Your Personal Information sections above.
In the last 12 months, we have collected the following categories of personal information:
- Identifiers, such as your name, email address, postal address, or other similar identifiers;
- CA Customer Categories such as your name, address and telephone number;
- Commercial Information, such as records of products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies;
- Internet/Network Information, such as device information, logs and analytics data;
- Geolocation Data, such as approximate location data generated based on your IP address or other information; and
- Professional/Employment Information, such as the business or organization you represent, your title with that business or organization and information relating to your role with the business or organization; and
- Inferences drawn from other information we collect to create a profile about you reflecting information such as your preferences, characteristics and predispositions.
We collect this information from the following sources: directly from you or from social networks, databases and web-searches, and from your browser or device when you visit our Website or use our Services. We also collect this information from the contact lists, emails and calendars of our users.
B. Sharing of Personal Information
We share personal information with third parties for business purposes. The categories of third parties to whom we disclose your personal information for a business purpose include: (i) our users, (ii) our service providers and advisors; (iii) analytics providers; and (vii) third parties purchasing our Services. In the previous 12 months, we have disclosed all of the categories of personal information we collect to third parties for a business purpose.
C. Selling Personal Information
As further described in the Sharing Your Personal Information section above, we may “sell” your personal information to third parties (as that term is defined by the CCPA), subject to your right to opt out of those sales (see Exercise Your Right to Opt-Out below).
In the last 12 months, we have sold the following categories of personal information to third parties for the purposes described in our Privacy Notice, subject to your settings and preferences and your Right to Opt-Out: Identifiers, such as your name and email address, CA Customer Categories, such as your name, Commercial Information, such as records of meetings and sales opportunities, Professional/Employment Information such as your job title, and Inferences, such as any information we aggregate about you to create a profile of your preferences, characteristics and predispositions. The categories of third parties to whom we may sell the personal information include Customers who buy the information to identify and contact potential sales leads.
D. Privacy Rights
As a California resident, you may be able to exercise the following rights in relation to the personal information that we have collected about you (subject to certain limitations at law):
Right to Access/Know
You have the right to request any or all of the following information relating to your personal information we have collected and disclosed in the last 12 months, upon verification of your identity:
- The specific pieces of personal information we have collected about you;
- The categories of personal information we have collected about you;
- The categories of sources of the personal information;
- The categories of personal information that we have disclosed to third parties for a business purpose, and the categories of recipients to whom this information was disclosed;
- The categories of personal information we have sold about you (if any), and the categories of third parties to whom the information was sold; and
- The business or commercial purposes for collecting or, if applicable, selling the personal information.
Right to Request Deletion
You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions.
Right to Correct
You have the right to correct any of your personal information in our records and systems. You may request us to rectify, correct or update any of your personal information held by us that is inaccurate.
Right to Portability
You have the right to receive a copy of the personal information we have collected about you in a structured, commonly used and machine-readable format.
Right to Opt-Out of Sharing for Targeted Advertising
You have the right to opt-out of the sharing of your personal information for cross-contextual behavioral advertising. Like many websites, we use cookies, pixels, and similar technology, and we share certain information, such as your IP address or device identifiers, to certain third-party advertisers in order to improve your user experience and to optimize our marketing activities. You have the right to direct us not to share or use your Personal Information for targeted advertising purposes. You have the right to direct us not to share or use your personal information for targeted advertising purposes. To learn more about how third parties collect information through tracking technologies and what other choices you may have in relation to those activities, please see our Cookie Notice.
Right to Opt-Out of the Sale of Your Personal Information
You have the right to direct us not to sell personal information we have collected about you to third parties now or in the future. As mentioned above, we enhance our customers’ provided contact lists using Public Information and/or Personal Information we have obtained from databases and sell such enhanced information back to our customers.
The Right to Non-Discrimination
You have the right not to receive discriminatory treatment for exercising your California privacy rights. However, please note that if the exercise of these rights limits our ability to process personal information (such as in the case of a deletion request), we may no longer be able to provide you our Services or engage with you in the same manner.
“Shine the Light”
California residents that have an established business relationship with us have the right to know how their information is disclosed to third parties for their direct marketing purposes under California’s “Shine the Light” law (Civ. Code §1798.83).
Exercising Your Right to Access, Know, Delete, Correct, Port, Non-Discrimination or Shine the Light Request
To exercise your Right to Access, Know, Delete, Correct, Port or Non-Discrimination, please submit a request by:
- Emailing us at privacy@usergems.com with the subject line, “California Rights Request”; or
- Calling us at 415 917 7944.
Before processing your request, we will need to verify your identity and confirm you are a resident of the State of California. In order to verify your identity, we will generally either require the successful authentication of your account, or the matching of sufficient information you provide us to the information we maintain about you in our systems. This process may require us to request additional personal information from you, including, but not limited to, your email address, phone number, and/or date of last transaction on our Services, which we will only use to verify your identity, and for security or fraud-prevention purposes.
In certain circumstances, we may decline a request to exercise the rights described above, particularly where we are unable to verify your identity or locate your information in our systems. If we are unable to comply with all or a portion of your request, we will explain the reasons for declining to comply with the request.
Exercising Your Right to Opt-Out of Sharing for Targeted Advertising
You may opt-out of sharing by using an opt-out preference signal for each participating browser system that you use. We will honor and process the opt-out preference signal in a frictionless manner. To start using an opt-out preference signal, please refer to the instructions provided here. You will need to submit a separate opt-out of sharing request on each device and browser you use to visit our Websites. Please note that you may still receive generalized ads after opting out of targeted advertising. You may also opt out by clicking on the Do Not Sell or Share My Personal Information link in our Websites’ footer.
Exercising Your Right to Opt-Out of Selling
Unless you have exercised your Right to Opt-Out, we may disclose or “sell” your personal information to third parties for monetary or other valuable consideration. The third parties to whom we sell personal information may use such information for their own purposes in accordance with their own privacy policies.
You do not need to create an account with us to exercise your Right to Opt-Out. However, we may ask you to provide additional personal information so that we can properly identify you to track compliance with your opt-out request. We will only use personal information provided in an opt-out request to review and comply with the request. If you choose not to provide this information, we may only be able to process your request to the extent we are able to identify you in our data systems.
To exercise the Right to Opt-Out of Sales, you may submit a request by clicking the link below to be added to our suppression list:
DO NOT SELL MY PERSONAL INFORMATION
Authorized Agents
In certain circumstances, you may permit an authorized agent to submit requests to exercise your California Privacy Rights on your behalf. The authorized agent must provide a letter signed by you confirming the agent has permission to submit a request on your behalf or must provide sufficient evidence to show that the authorized agent has been lawfully vested with power of attorney.
For security purposes, we may need to verify your identity and confirm directly with you that you have provided the authorized agent permission to submit the request, and it may take additional time to fulfil agent-submitted requests. We may deny a request in the event we are not able to verify the authorized agent’s authority to act on your behalf. Please note that for privacy and security reasons, we will direct future communications to the data subject on whose behalf the request was made.
10. ADDITIONAL NOTICE FOR NEVADA RESIDENTS
If you are a resident of the State of Nevada, Chapter 603A of the Nevada Revised Statutes permits a Nevada resident to opt out of future sales of certain covered information that a website operator has collected or will collect about the resident. If you would still like to submit such a request, please contact us at privacy@usergems.com.
11. ADDITIONAL NOTICE FOR EUROPEAN RESIDENTS
UserGems directs its Website and Services to individuals located in the EEA and the United Kingdom (European Residents). In these instances, the following disclosures apply to our processing of personal data.
When we use the term “personal data” in this section, we mean information relating to an identified or identifiable natural person.
A. Contact Details
You can contact our data protection officer at:
ShelfFlip, Inc.
Attn: Privacy Officer
2443 Fillmore Street #380-3416
San Francisco, CA 94115
privacy@usergems.com
Our EU representative is:
Stephan Kletzl
Irrsdorfer Bachstraße 48
5204 Strasswalchen
Austria
privacy@usergems.com
B. Legal Basis for Processing
Regularly, we use your personal data based on the following legal grounds according to the Regulation (EU) 2016/679 (the "EU GDPR") or, where applicable, the "UK GDPR" as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the UK European Union (Withdrawal) Act 2018 GDPR:
- Perform of our contractual services or prior to entering into a contract with you: If you order the Services from us or if you contact us to request our Services, for example, when you grant us access to its emails and accepts our terms of service, we use your personal data to provide you with the Services, including for account and contract management and to facilitate user benefits and services, including customer support.
- Justified by our legitimate interests: The usage of your personal data may also be necessary for our own business interests. For example, we may use some of your personal data, which you provided to us or which we collected from publicly available sources, to provide our customers with background information about their contacts or meeting partners; market our Services to individuals; administer, improve and personalize our Services, including by recognizing an individual and remembering their information when they return to our Service and analyzing our client-base; process payment for our Service; conduct market research; opportunity tracking, conversion and lead generation; test, enhance, update and monitor the Service, or diagnose or fix technology problems; help maintain the safety, security and integrity of our property and Service, technology assets and business; enforce our Terms of Service, resolve disputes, carry out our obligations and enforce our rights, and protect our business interests and the interests and rights of third parties; and prevent, investigate or provide notice of fraud or unlawful or criminal activity. UserGems's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
- Consent: In some cases, we may ask you to grant us separate consent to use your personal data.
- Compliance with legal obligations. We are obligated to retain certain personal data because of legal requirements, for example, tax or commercial laws, or we may be required by law enforcement to provide personal data on request.
For more detailed information, please see Section 5, above.
C. Retention of Your Personal Data
We will usually store the personal data we collect about you for no longer than necessary for the purposes as set above, and in accordance with our legal obligations and legitimate business interests.
The criteria used to determine the period for which personal data about you will be retained varies depending on the legal basis under which we process the personal data:
- Contract. Where we are processing personal data is based on contract, we generally will retain your personal data for the duration of the contract plus some additional limited period of time that is necessary to comply with law or that represents the statute of limitations for legal claims that could arise from our contractual relationship.
- Legitimate Interests. Where we are processing personal data based on our legitimate interests, we generally will retain such information for a reasonable period of time based on the particular interest, taking into account your fundamental interests and your rights and freedoms.
- Consent. Where we are processing personal data based on your consent, we generally will retain your personal data until you withdraw your consent, or otherwise for the period of time necessary to fulfil the underlying agreement with you or provide you with the applicable service for which we process that personal data.
- Legal Obligation. Where we are processing personal data based on a legal obligation, we generally will retain your personal data for the period of time necessary to fulfil the legal obligation.
- Legal Claim. We may need to apply a “legal hold” that retains information beyond our typical retention period where we face threat of legal claim or need to make such legal claim ourselves. In that case, we will retain the information until the hold is removed, which typically means the claim or threat of claim has been resolved.
In all cases, in addition to the purposes and legal bases, we consider the amount, nature and sensitivity of the personal data, as well as the potential risk of harm from unauthorized use or disclosure of your personal data.
D. Transferring Your Personal Data
Direct Collection. Please note that the direct collection of personal data by UserGems is not considered a transfer. The personal data we collect will be stored in countries outside the EEA and the UK where we and our third-party processors have operations, including in the United States, where ShelfFlip, Inc. dba UserGems is located.
International Transfers. In the event of a transfer by UserGems to third parties, we ensure that: (i) the personal data is transferred to countries recognized as offering an equivalent level of protection; or (ii) the transfer is made pursuant to appropriate safeguards, in this case standard contractual clauses adopted by the European Commission (please see here to access the Standard-Contractual-Clauses), where necessary in connection with additional measures.
Kindly note that the level of data protection provided to your personal data in the United States is not equivalent to the one in the European Economic Area. This does not mean that we value your privacy less, just that the law may require us to treat it differently. We implement safeguards aimed at ensuring that, where we are able to do so under local law, we use your data in a way that meets the standards set by the law in your jurisdiction (available here), where necessary in connection with additional measures.
If you wish to enquire further about these safeguards used, please contact us using the details set out in the Contact section below.
E. Your Rights
In accordance with applicable privacy law, you may have the following rights in respect of your personal data that we hold:
- Right of access. You have the right to obtain certain information about our processing of your personal data which includes:
- confirmation of whether, and where, we are processing your personal data;
- information about the categories of personal data we are processing, the purposes for which we process your personal data and information as to how we determine applicable retention periods;
- information about the categories of recipients with whom we may share your personal data; and
- a copy of the personal data we hold about you.
- Right of portability. You have the right, in certain circumstances, to receive a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.
- Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal data we hold about you without undue delay.
- Right to erasure. You have the right, in some circumstances, to require us to erase your personal data without undue delay, such as if the continued processing of that personal data is not justified.
- Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal data, such as where the accuracy of the personal data is contested by you.
- Right to withdraw consent. When we require your consent to process your personal data, you have the right to withdraw your consent at any time. If you withdraw your consent, this will not affect the lawfulness of our use of your personal data before your withdrawal.
You also have the RIGHT TO OBJECT to any processing based on our legitimate interests for any reason at any time. This applies in particular to individuals who have not signed up to our Services and whose data has been collected as initiated by our Customers/Users.
You also have the right to lodge a complaint to your local data protection authority. If you are based in the EEA, information about how to contact your local data protection authority is available here. If you are based in the UK, your local data protection authorities are the UK Information Commissioner's Office (https://ico.org.uk/global/contact-us/).
If you wish to exercise one of these rights, we kindly ask you to contact us at privacy@usergems.com.
If you wish to unsubscribe from marketing emails, you can also simply click the “unsubscribe link” provided at the bottom of the email communication. Note that you cannot unsubscribe from certain service-related communications (e.g., account verification, confirmations of transactions, technical or legal notices).
Due to the confidential nature of data processing, we may ask you to provide proof of identity when exercising the above rights.
12. CONTACT US
If you have any questions or concerns regarding our privacy policies, please send us a detailed message by email to privacy@usergems.com or by mail to:
ShelfFlip, Inc. dba UserGems
Attn: Privacy Officer
2443 Fillmore Street #380-3416
San Francisco, CA 94115
In addition, pursuant to Article 27 of the General Data Protection Regulations of the European Union and United Kingdom, UserGems has appointed the following individual as their authorized representative for EU and UK data protection matters:
Mr. Stephan Kletzl
Irrsdorfer Bachstraße 48
5204 Strasswalchen
Austria
privacy@usergems.com
We will make every effort to resolve your concerns.