We are Intros.at Ltd, the provider of the Grip mobile application. We are committed to protecting and respecting your privacy.
SCOPE OF POLICY
This policy sets out the basis on which any personal data we collect from you, or that you or others provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. In particular, note that we will use your data to propose ‘handshakes’ with other Grip users. This is based on the content of social media platforms hosting accounts you notify us of, and information provided to us by the promoter of an event for which you have registered and we have produced a branded version of Grip (“Event Promoter”).
For the purpose of data protection legislation, the data controller is Intros.at Ltd whose registered office is Treviot House, 186-192 High Road, Ilford, Essex, England, IG1 1LR.
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
If you contact us, we may keep a record of that correspondence.
Uses made of the information
We use information held about you in the following ways:
We may associate any category of information with any other category of information and will treat the combined information as personal data in accordance with this policy for as long as it is combined.
If we have your consent, we may also use your personal data to provide you with marketing messages about other products and services we provide which may be of interest to you.
Also, we may provide various third parties (including Event Promoters) with anonymous aggregate information about our users (for example, we may inform them that 500 men aged under 30 have used the chat function on any given day). This data will not identify you as an individual.
Our Legal basis for Processing Your Data
The legal grounds for processing your personal data are as follows:
It is necessary for the purposes of our legitimate interests, except where our interests are overridden by the interests, rights or freedoms of affected individuals (such as you). To determine this, we shall consider a number of factors, such as what your expectations are about the processing of the data, the nature of the data, and the impact of the processing on you.
In some cases, your consent (such as where we seek your consent to send you details of our products and services by email).
It may be necessary for us to undertake processing in order to comply with mandatory legal obligations to which we are subject under EU or UK law.
Disclosure of your information
We may disclose some or all of the data we collect from you when you download or use Grip to the following third parties:
Category of data Submitted Information; Event Promoter Information
Recipient Event Promoters will receive activation data in respect of your email address – that is, whether or not you have successfully downloaded and registered on Grip.
Category of data Submitted Information, Social Information
Recipient Other users of Grip.
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006.
We may disclose your personal information to third parties:
How long will we retain your data?
We will not retain your personal data for longer than is necessary in relation to the purposes for which the data was collected or otherwise processed. The criteria we use for determining this period data will be any legal or regulatory requirements, statutory retention periods or guidance provided by regulatory bodies such as the Information Commissioners Office. For example, we delete any personally identifying Log Data when you disable your Grip account, or 2 years after your last use of Grip. We use this 2 year period because in our experience users may wish to retain an active Grip registration to access information derived from the Services when they repeat attend the same event in another year. Some events are held on a biennial basis (every 2 years).
We take security seriously. A summary of our security measures employed to protect your data is here.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to or through Grip or the Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Grip includes chat features. Ensure when using these features that you do not submit any personal data that you do not want to be seen, collected or used by other users.
To assist us in providing an effective networking service, in addition to the data that you provide to us if you register, we may also obtain data from your usage of Grip to help us understand what you might be interested in, or who you might be interested in connecting with. This ‘profiling’ activity is powered by some intelligence in our software which makes calculations about potential preferences or requirements you might have about what you see in the app or who we think you might wish to connect with. There’s no consequence for you of this profiling other than hopefully refining and improving what we suggest to you in Grip.
You have the right to ask us not to process your personal data for marketing purposes. we will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. If you are using a third party-branded version of the App, this includes disclosure to the owner of, or companies doing business under that brand. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at email@example.com.
Websites of others
Grip may, from time to time, contain links to and from the websites of others. If you are using a third-party branded version of Grip, this includes websites of companies providing services under that brand. If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.
Disabling your Grip account
You can disable your account at any time using the ‘Delete Profile’ button in Grip.
Transfers of data outside Europe
The information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”). These countries may not have similar data protection laws to those in the EEA. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
We currently use various services for Sub Processing as well as Cookies in order to provide our services.
You can find the updated list of cookies and sub processors that we work with here: https://organisers.helpscoutdocs.com/article/358-tracking-sub-processors-and-processing
If you use our Services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those Services.
You have a number of rights regarding our use of your data.
Upon written request, we will provide you with a copy of the personal data which we keep about you, subject to any exceptions under data protection laws (for example, if the data includes information about other people). We will respond to you within the time frame specified within the applicable data protection law, which is generally within one month of receipt of the written request. We will provide the information without charge, but we may charge a reasonable fee for the administrative cost of providing the information where the request for information is excessive.
You can require us to correct any mistakes in your personal data which we hold about you. You can request a copy of your information which we hold (this is known as a subject access request). To the extent required by data protection laws, we will provide you with a readable copy of the personal data which we keep about you. We will respond to you within the time frame specified within the applicable data protection law, which is generally within one month of receipt of the request.
You can ask us to stop contacting you for direct marketing purposes.
You can require us to erase the personal information we hold about you where: the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; you object to the processing and there is no overriding legitimate interest for us to continue the processing of the data; your personal data was unlawfully processed, or your personal data must be erased in order to comply with a legal obligation.
You have the right to restrict the processing of your personal data where: you contest the accuracy of the personal data; you have objected to our processing of your data, and we are considering your objection because we have said the processing is necessary for the purpose of our legitimate interests; the processing is unlawful and you do not wish for the data to be erased but require restricted processing of the data instead; or we no longer require your personal data but you require the data to establish, exercise or defend a legal claim.
You have the right to object to us processing your personal data where our legal basis for processing the data is for the purposes of our legitimate interests or for the performance of a task carried out in the public interest. We may refuse if there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the exercise or defence of legal claims.
Should you wish to exercise these rights then you can write to us at firstname.lastname@example.org.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can get in touch with the UK data protection regulator, the Information Commissioner’s Office. Further details can be found at www.ico.org.uk or 0303 123 1113.