GRITGLOBAL PRIVACY POLICY

Last Revised: January 17th, 2024

Thank you for choosing to be part of our community at GRITGLOBAL (“Company”, “We”, “us”, or “our”). We are committed to protecting your personal information and your right to privacy. When you visit our website, and use our services, you trust us with your personal information. We take your privacy very seriously. In this privacy policy, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue use of our Sites and our services. This privacy policy applies to all information collected through our website, and/or any related services, sales, marketing or events (we refer to them collectively in this privacy policy as the “Services”). Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at support@gritglobal.io.

WHAT INFORMATION DO WE COLLECT?

1. Personal information

As a visitor, you do not have to submit any personal information in order to use the Website. We only collect personal information that you provide to us. We collect personal information that you voluntarily provide to us when registering at the Services expressing an interest in obtaining information about us or our products and services when participating in activities on the Services, or otherwise contacting us. The personal information that we collect includes [your name, phone number, email address, country, company, and title].

2.  Log File Information

Like the majority of website services delivered over the Internet, we gather log file information which is automatically reported by your browser or mobile application every time you interact with our website and Services. The data gathered is non-personal and may include information such as Internet Protocol (IP) address, browser type, referring/ exit pages and URLs, number of clicks, date/time stamp, pages viewed, and other such information. The data is used to help us analyze trends, track users’ movement on the site, and gather demographic information for aggregate use. We do not link this automatically-collected data to personally identifiable information and none of the log file information gathered enables us to personally identify you.

3.  Cookie

We use cookies and other online identification technologies like web beacons or pixels to enhance your experience. For more information please read our website’s Cookie policy.

4.  Payment Data

We collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument. All payment data is stored by https://stripe.com. You may find their privacy policy link(s) here: https://stripe.com/en-gb-us/privacy. All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

5.  Information from Third-party service

We may also receive personal information from third parties such as social media, data enrichment, or authentication Services when, for example, you sign up for our Services, fill in forms on our website, or log onto your Account through such Services. Any access we may have to such information is governed by the authorization procedures of that Service. By authorizing us to connect with a third-party Services, you authorize us to access and store your name, email address(es), location, URL of profile picture, and other personal information that the third-party Services makes available to us, and to use and disclose it in accordance with this Privacy Policy.

6.  Minors information collection

We do not knowingly collect data from or market to children under 16 years of age or under the age of majority under any applicable law. We do not knowingly solicit data from or market to children under 16 or under the age of majority under any applicable law. By using the Services, you represent that you are at least 16 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services.

7.  Store Data

In order to use the service, you hereby grants to Gritglobal a license to access and use Store Data to provide the Service to you and fulfill its obligations under this Agreement, including without limitation, accessing, storing, recording, transmitting, reproducing, maintaining, displaying and otherwise using, manipulating and/or modifying the Store Data as necessary to provide the Service. The store data may include information such as order details, product details, store and inventory details or customer data details and other information which are granted by the user.

If we learn that personal information from users less than 16 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under the age of 16, please contact us via email: support@gritglobal.io.

WHY DO WE COLLECT YOUR INFORMATION?

We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent. We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below. We use the information we collect or receive:

TRANSFER OF PERSONAL INFORMATION 

We transfer Personal Information to other jurisdictions as necessary for the purposes described above, including to jurisdictions that may not provide the same level of data protection as your home country. If you are a non-resident of the United States, submitting your personal information constitutes a cross-border transfer of your data.

We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations. We may process or share data based on the following legal basis:

More specifically, we may need to process your data or share your personal information in the following situations:

PERSONAL INFORMATION RETENTION 

We keep your information for as long as necessary to fulfill the purposes outlined in this privacy policy unless otherwise required by law. We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). 

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

PERSONAL INFORMATION SECURITY 

We have implemented reasonable security policies and procedures to safeguard personal information from unauthorized loss, misuse, alteration, or destruction. While we take extensive precautions, it’s essential to acknowledge that no security measures can provide an absolute guarantee against all potential threats. To the best of our ability, access to your personal information is restricted to individuals with a legitimate need-to-know basis. Those who have access are obligated to uphold the confidentiality of such data.

We may store personal information in locations outside our direct control (for instance, on servers or databases co-located with hosting providers).

CONTROL AND ACCESS TO YOUR PERSONAL INFORMATION 

At any time, while we are in possession of or processing your personal information, you as the data subject, have the right to submit Data Subject Access requests (DSARs) to perform the following rights:

Right of access: You have the right to request a copy of the information that we hold about you.

Right of rectification: If the data we hold about you is inaccurate or incomplete, you have the right to correct it.

Right to be forgotten: Under certain circumstances, you can ask us to erase the data we hold about you from our records.

Right to restriction of processing: Where certain conditions apply to have a right to restrict the processing.

Right of portability: You have the right to have the data we hold about you transferred to another organization.

Right to object: You have the right to object to certain types of processing such as direct marketing.

Right to object to automated processing, including profiling: You also have the right to be subject to the legal effects of automated processing or profiling.

Right to withdraw consent: If the processing of personal information is based on consent, data subjects have the right to withdraw their consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

All the above requests will be forwarded should there be a third party involved in the processing of your personal information.

If you have any DSARs please contact us at support@gritglobal.io and we will respond to your DSARs within 30 days. Please note that we may need some additional information to certify your identity before carrying out any DRARs. 

DATA BREACH

A privacy breach occurs when there is unauthorized access to or collection, use, disclosure or disposal of personal information. You will be notified about data breaches when GRITGLOBAL believes you are likely to be at risk or serious harm. For example, a data breach may be likely to result in serious financial harm or harm to your mental or physical well-being. In the event that GRITGLOBAL becomes aware of a security breach which has resulted or may result in unauthorized access, use or disclosure of personal information GRITGLOBAL will promptly investigate the matter and notify the applicable Supervisory Authority not later than 72 hours after having become aware of it, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.

CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy policy.

DO WE MAKE UPDATES TO THIS POLICY?

Yes, we may update this policy as necessary to stay compliant with relevant laws. We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

LINK TO OTHER WEBSITES

Our Services may contain links to other sites. We have no control over and take no responsibility for the privacy practices or content on other sites. You are responsible for checking the privacy policy of any such sites so that you can be informed of how they handle personal information.

HOW CAN YOU CONTACT US ABOUT THIS POLICY?

If you have questions or comments about this policy, you may contact GritGlobal, by email at support@gritglobal.io, or by post to: GRITGLOBAL, 18 Handico Tower, Pham Hung, Hanoi 10000 Vietnam

Book a Product Demo

Request a demo for GritGlobal’s BigCommerce solutions.

I understand that I can withdraw my marketing consent at any time by submitting an opt-out request via email: support@gritglobal.io. By submitting this form, I acknowledge that I have read and understand the GritGlobal's Privacy Policy.