EFFECTIVE: 21 May 2018
This Privacy Policy describes how Gribbio collects, uses and discloses information, and what choices you have with respect to the information.
Updates in this version of the Privacy Policy reflect changes in data protection law. In addition, we have worked to make the Privacy Policy clearer and more understandable by:
When we refer to “Gribbio”, we mean the Gribbio entity that acts as the controller or processor of your information, as explained in more detail in the “Identifying the Data Controller and Processor” section below.
Download Gribbio’s Privacy Policy [PDF]
This Privacy Policy applies to Gribbio’s online event management platform: gribb.io (collectively, the “Services”), gribbio.com (collectively, the “Websites”) and other interactions (e.g., customer service inquiries, user conferences, etc.) you may have with Gribbio. If you do not agree with the terms, do not access or use the Services, Websites or any other aspect of Gribbio’s business.
This Privacy Policy does not apply to any third party applications or software that integrate with the Services through the Gribbio platform (“Third Party Services”), or any other third party products, services or businesses. In addition, a separate agreement governs delivery, access and use of the Services (the “Customer Agreement”), including the processing of any applications, files or other content submitted through Services accounts (collectively, “Customer Data”). The organization (e.g., the event organizer or another entity or person) that entered into the Customer Agreement (“Customer”) controls their instance of the Services (their “Brandspace”) and any associated Customer Data. If you have any questions about specific Brandspace settings and privacy practices, please contact the Customer whose Brandspace you use.
As our Service Gribbio offers Customers a platform in which they can manage their event visitor data. The customers of Gribbio’s Customer are Users (“Users”) in the platform and generally seen as event visitors and/or members of the community of Gribbio’s Customer. To offer an adequate Service specific “User Information” is stored about Users that is generic on the total Gribb.io platform. The User can switch between Brandspaces and remain the same User Information.
Within specific Brandspaces the Customer specifies their own “Persona Profiles” with information about the User relevant to the Customer. Upon application for any activities of the Customer the User provides this information in the “Application Form” and gives consent for the storage and usage of this data according to the Terms of Services.
Gribbio may collect and receive Customer Data and other information and data (“Other Information”) in a variety of ways:
Customer Data Customers or individuals granted access to a Brandspace by a Customer to manage the Services within Gribbio.
Other Information
Generally, no one is under a statutory or contractual obligation to provide any Customer Data or Other Information (collectively, “Information”). However, certain Information is collected automatically and, if some Information, such as Brandspace setup details, is not provided, we may be unable to provide the Services.
Customer Data will be used by Gribbio in accordance with Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. Gribbio is a processor of Customer Data and Customer is the controller. Customer may, for example, use the Services to grant and remove access to a Brandspace, assign roles and configure settings, access, modify, export, share and remove Customer Data and otherwise apply its policies to the Services.
Gribbio uses Other Information in furtherance of our legitimate interests in operating our Services, Websites and business. More specifically, Gribbio uses Other Information:
We will not send any Marketing related communication unless you have explicitly given consent to receive this kind of communication.
If Information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person. To the extent Information is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to in this Privacy Policy as “Personal Data.”
Gribbio will retain Customer Data in accordance with a Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. Depending on the Services plan, Customer may be able to customize its retention settings and apply those customized settings at the Brandspace level, channel level or other level. Customer may also apply different settings to messages, files or other types of Customer Data. The deletion of Customer Data and other use of the Services by Customer may result in the deletion and/or de-identification of certain associated Other Information. For more detail, please contact Customer. Gribbio may retain Other Information pertaining to you for as long as necessary for the purposes described in this Privacy Policy. This may include keeping your Other Information after you have deactivated your account for the period of time needed for Gribbio to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.
This section describes how Gribbio may share and disclose Information. Customers determine their own policies and practices for the sharing and disclosure of Information, and Gribbio does not control how they or any other third parties choose to share or disclose Information.
You may, of course, decline to share your personally-identifiable information with Gribbio, in which case Gribbio will not be able to provide to you some of the features and functionality found on Gribbio. You may update, correct, or delete your user information and preferences at any in your user profile.
To protect your privacy and security, we take reasonable steps to verify your identity before granting you account access or making corrections to your information. YOU ARE RESPONSIBLE FOR MAINTAINING THE SECRECY OF YOUR UNIQUE PASSWORD AND ACCOUNT INFORMATION AT ALL TIMES.
Gribbio takes security of data very seriously. Gribbio works hard to protect Other Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Other Information we collect, process and store, and the current state of technology. Given the nature of communications and information processing technology, Gribbio cannot guarantee that Information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others.
To the extent prohibited by applicable law, Gribbio does not allow use of our Services and Websites by anyone younger than 16 years old. If you learn that anyone younger than 16 has unlawfully provided us with personal data, please contact us and we will takes steps to delete such information.
Gribbio may change this Privacy Policy from time to time. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business. We will post the changes to this page and encourage you to review our Privacy Policy to stay informed. If we make changes that materially alter your privacy rights, Gribbio will provide additional notice, such as via email or through the Services. If you disagree with the changes to this Privacy Policy, you should deactivate your Services account. Contact the Customer if you wish to request the removal of Personal Data under their control.
In the event that Gribbio is acquired by or merged with a third-party entity, we reserve the right, in any of these circumstances, to transfer or assign the information that we have collected from users as part of that merger, acquisition, sale, or other change of control.
To communicate with our Data Protection Officer, please email privacy@gribbio.com
Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information. In general, Customer is the controller of Customer Data. In general, Gribbio is the processor of Customer Data and the controller of Other Information. Different Gribbio entities provide the Services in different parts of the world. Gribbio, a brandname of Ropaki B.V., a Dutch company based in Rotterdam, the Netherlands, is the controller of Other Information and a processor of Customer Data relating to Authorized Users who use Brandspace established for Customers.
Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information. You can contact Customer for additional access and assistance.
If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority:
Email: privacy@gribbio.com
Please also feel free to contact Gribbio if you have any questions about this Privacy Policy, or if you are seeking to exercise any of your statutory rights. You may contact us at privacy@gribbio.com or at our mailing address below:
Gribbio – Ropaki B.V.
Marconistraat 16, 3029AK
Rotterdam, The Netherlands