Effective as of February 1, 2023
Thanks for visiting Gossh! Gossh (“Gossh”, “we”, “us” or “our”) respects your privacy. When it comes to your personal information, we believe in transparency, not surprises. That’s why we’ve set out here what personal information we collect, what we do with it and your choices and rights.
Some key terms
Personal information we collect
We collect various personal information regarding your or your device. This can include the following:
- Information you provide to create an Account, specifically email address, first name and last name, contact number.
- Your marketing preferences.
- The emails and other communications that you send us or otherwise contribute, such as customer support inquiries or posts to our customer message boards or forums or social media.
- Information you share with us in connect with surveys, contests or promotions.
How we collect personal information
We obtain personal information from various sources, this can include:
- You provide some of it directly (such as by registering for an Account).
- We record some of it automatically when you use our Services.
How we use your personal information
We use the personal information we obtain about you to:
- Provision of the Services. Create and manage your Account, provide and personalise our Services, process payments and respond to your inquiries.
- Communicating with you. Communicate with you, including by sending you emails about your transactions and Service-related announcements.
- Promotion. Promote our Services and send you tailored marketing communications about products, services, offers, programs and promotions of Gossh and our partners and measure the success of those campaigns. For example, we may send different marketing communications to you based on your subscription plan or what we think may interest you based on other information we hold about you.
- Security. Ensure the security and integrity of our Services.
- Third party relationships. Manage our vendor and partner relationships.
- Enforcement. Enforce ourTerms of Service
- and other legal terms and policies.
- Protection. Protect our and others’ interests, rights and property (e.g., to protect our Users from abuse).
- Complying with law. Comply with applicable legal requirements, such as tax and other government regulations and industry standards, contracts and law enforcement requests.
We process your personal information for the above purposes when:
- Consent. You have consented to the use of your personal information in a particular way. When you consent, you can change your mind at any time.
- Performance of a contract. We need your personal information to provide you with services and products requested by you, or to respond to your inquiries. In other words, so we can perform our contract with you or take steps at your request before entering into one. For example, we need your email address so you can sign in to your Gossh account.
- Legal obligation. We have a legal obligation to use your personal information, such as to comply with applicable tax and other government regulations or to comply with a court order or binding law enforcement request.
- Legitimate interests. We have a legitimate interest in using your personal information. In particular, we have a legitimate interest in the following cases:
- To operate the Gossh business and provide you with tailored advertising and communications to develop and promote our business.
- To analyse and improve the safety and security of our Services - we do this as it is necessary to pursue our legitimate interests in ensuring Gossh is secure, such as by implementing and enhancing security measures and protections and protecting against fraud, spam and abuse.
- To provide and improve the Services, including any personalised services - we do this as it is necessary to pursue our legitimate interests of providing an innovative and tailored offering to our Users on a sustained basis..
- Protecting you and others. To protect your vital interests, or those of others.
- Others’ legitimate interests. Where necessary for the purposes of a third party’s legitimate interests, such as our partners who have a legitimate interest in delivering tailored advertising to you and monitoring and measuring its effectiveness or our Users who have a legitimate interest in having their sites function properly and securely and analysing the usage of their sites so they can understand trends and improve their services.
How we share your personal information
We share personal information in the following ways:
- Affiliates. We share personal information with our affiliates when it is reasonably necessary or desirable, such as to help provide services to you or analyse and improve the services we or they provide.
- Users. We share with our Users data regarding usage by End Users of their sites. For example, we provide a User with information about what web page the End User visited before coming to their site and how their End Users interacted with their site. This is so Users can analyse the usage of their sites and improve their services.
- Business partners. We may share personal information with business partners. For example, we may share your personal information when our Services are integrated with their Third Party Services, but only when you have been informed or would otherwise expect such sharing.
- Service providers. We share personal information with our service providers that perform services on our behalf. For example, we may use third parties to help us provide customer support, manage our advertisements on other sites, send marketing and other communications on our behalf or assist with data storage.
- Process payments. We transmit your personal information via an encrypted connection to our payment processor.
- Following the law or protecting rights and interests. We disclose your personal information if we determine that such disclosure is reasonably necessary to comply with the law, protect our or others’ rights, property or interests (such as enforcing our Terms of Service
- ) or prevent fraud or abuse of Gossh or our Users or End Users. In particular, we may disclose your personal information in response to lawful requests by public authorities, such as to meet national security or law enforcement requirements.
- Business transfers. If we're involved in a reorganisation, merger, acquisition or sale of some or all of our assets, your personal information may be transferred as part of that deal.
Your rights and choices
Where applicable law requires (and subject to any relevant exceptions under law), you may have the right to access, update, change or delete personal information.
You can access, update, change or delete personal information (or that of your End Users) either directly in your Account or by contacting us at firstname.lastname@example.org to request the required changes. You can exercise your other rights (including deleting your Account) by contacting us at the same email address.
You can also elect not to receive marketing communications by changing your preferences in your Account or by following the unsubscribe instruction in such communications.
Please note that, for technical reasons, there is likely to be a delay in deleting your personal Information from our systems when you ask us to delete it. We also will retain personal Information in order to comply with the law, protect our and others’ rights, resolve disputes or enforce our legal terms or policies, to the extent permitted under applicable law.
How we protect your personal information
While no service is completely secure, we have a security team dedicated to keeping personal information safe. We maintain administrative, technical and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse and any other unlawful form of processing of, the personal information in our possession. We employ security measures such as using firewalls to protect against intruders, building redundancies throughout our network (so that if one server goes down, another can cover for it) and testing for and protecting against network vulnerabilities.
How we retain your personal information
The precise periods for which we keep your personal information vary depending on the nature of the information and why we need it. Factors we consider in determining these periods include the minimum required retention period prescribed by law or recommended as best practice, the period during which a claim can be made with respect to an agreement or other matter, whether the personal information has been aggregated or pseudonymized, and other relevant criteria. For example, the period we keep your email address is connected to how long your Account is active, while the period for which we keep a support message is based on how long has passed since the last submission in the thread.
Personal information that you submit through the Services may be transferred to countries other than where you live, such as, for example, to our servers in the U.S. We also store personal information locally on the devices you use to access the Services.
Your personal information may be transferred to countries that do not have the same data protection laws as the country in which you initially provided the information.
We rely upon a number of means to transfer personal information which is subject to the European General Data Protection Regulation (“GDPR”) in accordance with Chapter V of the GDPR. These include:
- Privacy Shield. We transfer, in accordance with Article 45 of the GDPR, personal information to companies that have certified their compliance with the EU-U.S. or Swiss-U.S. Privacy Shield Frameworks (each individually and jointly, the “Privacy Shield”), including Gossh, Inc.
- Standard data protection clauses. We may, in accordance with Article 46 of the GDPR, transfer personal information to recipients that have entered into the European Commission approved contract for the transfer of personal data outside the European Economic Area.
- Other means. We may, in accordance with Articles 45 and 46 of the GDPR, transfer personal information to recipients that are in a country the European Commission or a European data protection supervisory authority has confirmed, by decision, offers an adequate level of data protection, pursuant to an approved certification mechanism or code of conduct, together with binding enforcement commitments from the recipient to apply the appropriate safeguards, including as regards data subjects’ rights, or to processors which have committed to comply with binding corporate rules.
How to contact us
28 Gladwyn Road
London SW15 1JY