Gamify Privacy Policy

Last revised and effective as of: Dec 20, 2018

This Privacy Policy relates to information collected online by Gamify, Inc. (“Gamify” "we" or “us” or “our”) through your use of the Gamify website at http://gamify.science/ and any subdomains (the “Site”) and the services, features, and information, mobile applications and/or video, computer or mobile games we may offer, including without limitation the “Agent One” mobile game (together with the Site, along with associated and successor websites, applications, features, information, and services, or any part thereof, the “Service”). This Privacy Policy is incorporated into, and part of, and governed by the Gamify End User License Agreement  (the “EULA”). As used herein, “you” and “your” mean a user of the Service and in addition, when the user of the Service is a minor registered by a parent and/or guardian, the terms “you” and “your” also include such parent and/or guardian.  

You should carefully read this Privacy Policy. By using the Service or permitting your child to use the Service, you are signifying your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, you may not use the Service and you may not register a minor to use the Service.

To the extent that the Service is available to individuals located in the European Economic Area and the United Kingdom, this Privacy Policy sets out our practices and obligations under the  General Data Protection Regulation 2016/679 (the “GDPR”). If your affiliated organization signs up to use our Service, we may receive personal information about you in connection with our provision of the Service to your affiliated organization, which will only be used as necessary to provide the Service to your affiliated organization and as otherwise specified in this privacy notice. Under the GDPR, to the extent applicable, we will act as a processor (as defined in the GDPR) on behalf of your affiliated organization in respect of that personal information and your affiliated organization will act as a controller (as defined in the GDPR) in respect of that personal information and is responsible for obtaining all necessary consents and providing you with all requisite information as required by applicable law.

As used in this Privacy Policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organization or among our affiliates within the United States or internationally.

This Privacy Policy serves to notify you of the following:

What information about me is collected?

Where and when is information collected (including through the use of cookies and action tags)?

Is information submitted to the public areas of the Service private?

Does Gamify collect information from children under 13 years of age?

What does Gamify do with the information it collects?

When does Gamify disclose information to third parties?

Does this Privacy Policy apply when I link to other websites or services?

Is the information collected through the Service secure?

Could my information be transferred to other countries?

For how long will my personally identifiable information be kept?

What choices do I have regarding my personally identifiable information?

How will I know if there are any changes to this Privacy Policy?

Who do I contact if I have any privacy questions?

WHAT INFORMATION ABOUT ME IS COLLECTED?

Depending on your use of the Service, we may collect two types of information: personally identifiable information and non-personally identifiable information.

Personally Identifiable Information. 

Personally identifiable information is information that identifies you or can be used to identify or contact you. Such information may include your name, e-mail address, social media handle, username, display name, IP address, password, age, gender, handedness, socioeconomic status and health information, including health history and family health history. Personally identifiable information amounts to ‘personal data’ for the purposes of and as defined in the GDPR. All references to personally identifiable information shall be deemed to include ‘personal data’ as defined and used in the GDPR (to the extent applicable).

We may collect from you, or you may make available to us, some special categories of personal data. By agreeing to this Privacy Policy, you explicitly consent to the processing of any such special categories of personal data. “Special categories of personal data” consist of personal data for the purposes of and as defined in the GDPR which is to be treated with particular sensitivity, and includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic or biometric data, data concerning health or data concerning a person’s sex life or sexual orientation.

Non-Personally Identifiable Information.

Non-personally identifiable information is information, any single item of which, by itself, cannot be used to identify or contact you, including demographic information (such as age, profession, gender, current general location, zip code, birth date, or year of birth), browser types, unique device identifiers, device types, requested URL, referring URL, browser language, the pages you view, the date and time of your visit, domain names, and statistical data involving the use of the Service. Certain non-personally identifiable information may be considered a part of your personally identifiable information if it were combined with other identifiers (for example, combining your zip code with your street address) in a way that enables you to be identified. However, the same pieces of information are considered non-personally identifiable information when they are taken alone or combined only with other non-personally identifiable information (for example, your viewing preferences).

Anonymized Data.

We may collect, analyze and anonymize data, statistics or other information obtained through the provision, use and performance of various aspects of the Service and aggregate such data, statistics or other information (collectively, “Anonymized Data”). Please note that Anonymized Data is not personally identifiable information and we may use or disclose such Anonymized Data for any lawful business purpose without your consent. We will not re-identify, or attempt to re-identify, any of the Anonymized Data or otherwise link or associate Anonymized Data with any information relating to an identified or identifiable natural person.

WHERE AND WHEN IS INFORMATION COLLECTED (INCLUDING THROUGH THE USE OF COOKIES AND ACTION TAGS)?

We will collect personally identifiable information that you submit to us, including, with your permission, health tracking information collected through devices that support step or exercise tracking, including wearables. We may also receive personally identifiable information about you from third parties providing digital distribution platforms for our Service, as well as credit and debit card authorization and fraud screening services as part of your use of the Service.

Registering to Use the Service and in the Course of Using the Service.

You may be required to establish an account in order to take advantage of certain features of the Service. If so, if you wish to establish an account you will be required to provide us with information (including personally identifiable information and non-personally identifiable information) such as name, postal address, e-mail address, birth date and credit card and billing information. We may also receive personally identifiable information about you from third parties providing credit and debit card authorization and fraud screening services as part of the registration process. In addition, we may obtain your personally identifiable information from you if you identify yourself to us by sending us an e-mail with questions or comments. Also, we will have access to any personally identifiable information that you choose to share through the Service.    

If you choose to access the Service using the Facebook Login feature, you may be providing us with access to all information, attributes, and data in your Facebook public profile.  We may freely store and use such information in accordance with this Privacy Policy and the EULA.  Such information may be stored by Gamify and may be used in connection with providing the Service or to contact you.

Log Files.

We also collect non-personally identifiable information through our Internet log files, which record data such as user IP addresses, browser types, domain names, and other anonymous statistical data involving the use of the Service. This information may be used to analyze trends, to administer the Service, to monitor the use of the Service, and to gather general demographic information. We may link this information to personally identifiable information for these and other purposes such as personalizing your experience on the Service and evaluating the Service in general.

Public Areas.

The Service may feature various community areas and other public forums (the "Public Areas") where Service users can share information and support one another or where members can post questions for others to answer or where users may be ranked in a leader board. These Public Areas are open to the public and should not be considered private. We cannot prevent such information from being used in a manner that may violate this Privacy Policy, the law, or your personal privacy. We are not responsible for the results of such postings or for the accuracy of any information contained in those postings.

Any information you share in a Public Area (including personally identifiable information) is by design open to the public and is not private. You should think carefully before posting any information in any Public Area. What you post can be seen, disclosed to or collected by others and may be used by others in ways we cannot control or predict. As with any public forum on any website, the information you post may also show up in third-party search engines like Google, Yahoo, MSN, and Bing. If you mistakenly post personal information in a Public Area you can send us an e-mail to request that we remove it by contacting us at privacy@gamify.science. You should understand that in some cases, we may not be able to remove your information.

IS INFORMATION SUBMITTED TO THE PUBLIC AREAS OF THE SERVICE PRIVATE?

No.  Any information shared in the Public Areas (as defined above) of the Service is available to the public, including to all users.  Such information is not protected or treated as confidential, can be used in any manner, and is not subject to this Privacy Policy.  If you wish to keep any information private or proprietary, do not submit it to the Public Areas of the Service.  NOTWITHSTANDING THE FOREGOING, WE HAVE NO RESPONSIBILITY OR LIABILITY IF A USER’S INFORMATION OR IDENTITY IS MISUSED OR STOLEN, OR IF A USER SUFFERS HARM AS A RESULT OF VOLUNTARY DISCLOSURES.

Is A Display Name Private?

No.  A user’s display name is available to the public, including to all users, when information is posted or shared in the Public Areas of the Service. When prompted to create a display name, we advise users to use non-personally identifiable information – that is, to select a display name that is not similar to a user’s actual name – because such information can be publicly available to all users.

DOES GAMIFY COLLECT INFORMATION FROM CHILDREN UNDER 13 YEARS OF AGE?

We are committed to protecting the privacy of children. We do not collect personally identifiable information directly from any person we actually know is under the age of 13.

WHAT DOES GAMIFY DO WITH THE INFORMATION IT COLLECTS?

We will only use your personally identifiable information to the extent that the law allows us to do so. Pursuant to the GDPR, legal bases for our processing your personally identifiable information may include (without limitation):

(a) where you have given consent to the processing, which consent may be withdrawn at any time without affecting the lawfulness of processing based on consent prior to withdrawal;

(b) where it is necessary to perform the contract we have entered into or are about to enter into with you (whether in relation to the provision of the Service or otherwise); and/or

(c) where it is necessary for the purposes of our legitimate interests (or those of a third party) in providing the Service and your interests or fundamental rights and freedoms do not override those legitimate interests.

We use the information collected to provide the Service to you and process your transactions, to help us understand who uses the Service, for internal operations such as operating and improving the Service, to contact you for customer service and billing purposes, and, if you “opt in”, so that we can contact you about products and services that may be of interest to you.

We may use your information to send you a welcoming e-mail that may confirm your user name and password. If you opt in, we and third parties on our behalf may subsequently send you electronic newsletters, contact you about the Service, products, services, information and news that may be of interest to you, and provide you with targeted feedback. If you no longer desire to receive these communications, we will provide you with the option to change your preferences in each communication we send to you. You may also inform us by email to: privacy@gamify.science.

If you identify yourself to us by sending us an e-mail with questions or comments, we may use your information (including personally identifiable information) to respond to your questions or comments, and we may file your questions or comments (with your information) for future reference.

We may also use the information collected to send announcements and updates regarding the Service or, if applicable, about your billing account status. You will not be able to unsubscribe from these Service announcements and updates as they contain important information relevant to your use of the Service and are necessary for the performance of our contract with you.

We may also use the information gathered to perform statistical analysis of user behavior or to evaluate and improve the Service. We may link some of this information to personally identifiable information for internal purposes or to improve your experience with the Service.

WHEN DOES GAMIFY DISCLOSE INFORMATION TO THIRD PARTIES?

We generally disclose information we gather from you through the Service to the following types of third parties and as otherwise set forth in this Privacy Policy or our EULA or as specifically authorized by you.

Healthcare Providers

We may disclose your personally identifiable information, particularly your health information, to your physician, other healthcare provider, health insurance provider or other insurance payer, in each case as directed by you. Additionally, if you opt in, we may disclose your health data to third parties for the purpose of performing medical research.

Laws and Legal Rights.

We may disclose your information (including personally identifiable information) if we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process. We may disclose personally identifiable information in special circumstances when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating the EULA, to detect fraud, for assistance with a delinquent account, or to protect the safety and/or security of our users, the Service or the general public.

Third Parties Generally.

We may provide to third parties non-personally identifiable information, including where such information is combined with similar information of other users of the Service. For example, we might inform third parties regarding the number of unique users who use the Service, the demographic breakdown of our users of the Service, or the products and/or services purchased using the Service and the vendors of such products and services. If you opt in, we may also provide to third parties personally identifiable information. For example, if you opt in, we might share our users’ responses to questionnaires and e-mail addresses with third parties in order for third parties to contact users about products and services that may be of interest. The third parties to which we may provide or who may independently directly collect personally identifiable and non-personally identifiable information may include providers of products or services (including vendors and website analytics and tracking services), merchants, affiliates and other actual or potential commercial partners, sponsors, licensees, researchers and other similar parties.  Additionally, we may use or disclose Anonymized Data for any lawful business purpose.  Please note in particular that the Service may use Crashlytics: Answers, including its data reporting features.  Information collected by Crashlytics includes but is not limited to web metrics.  For information on how Crashlytics collects and processes data, please see Crashlytics’s privacy policy, currently located at https://answers.io/img/onepager/privacy.pdf. For information on opting out of Crashlytics: Answers, we encourage you to visit Crashlytics’s website.

Outside Contractors.

We may employ independent contractors, vendors and suppliers (collectively, "Outside Contractors") to provide specific services and products related to the Service, such as hosting and maintaining the Service, providing credit card processing and fraud screening, and developing applications for the Service. In the course of providing products or services to us, these Outside Contractors may have access to information collected through the Service, including your personally identifiable information.  We use reasonable efforts to ensure that these Outside Contractors are capable of (1) protecting the privacy of your personally identifiable information consistent with this Privacy Policy, and (2) not using or disclosing your personally identifiable information for any purpose other than providing us with the products or services for which we contracted or as required by law.

Sale of Business.

We reserve the right to transfer information to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of Gamify or any of its Corporate Affiliates (as defined below), or that portion of Gamify or any of its Corporate Affiliates to which the Service relates, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Policy.

Affiliates.

We may disclose information (including personally identifiable information) about you to our Corporate Affiliates. For purposes of this Privacy Policy: "Corporate Affiliate" means any person or entity which directly or indirectly controls, is controlled by or is under common control with Gamify, whether by ownership or otherwise; and “control” means possessing, directly or indirectly, the power to direct or cause the direction of the management, policies or operations of an entity, whether through ownership of fifty percent (50%) or more of the voting securities, by contract or otherwise. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.

DOES THIS PRIVACY POLICY APPLY WHEN I LINK TO OTHER WEBSITES OR SERVICES?

Our Service may provide you with access to other websites and services. This may include providing you with the ability to automatically post updates on Facebook and Twitter. Please be aware that we are not responsible for the privacy practices of any websites or services other than the Service. We encourage you to read the privacy policies or statements of each and every such website and service. This Privacy Policy applies solely to information collected by us through the Service.

IS THE INFORMATION COLLECTED THROUGH THE SERVICE SECURE?

We want your information (including personally identifiable information) to remain secure. We strive to provide transmission of your information from your computer or mobile device to our servers through techniques that are consistent with commercially reasonable standards and to employ administrative, physical, and electronic measures designed to protect your information from unauthorized access.

Notwithstanding the above, you should be aware that there is always some risk involved in transmitting information over the Internet. There is also some risk that others could find a way to thwart our security systems. As a result, while we strive to protect your information, we cannot ensure or warrant the security or privacy of any information you transmit to us, and you do so at your own risk.

COULD MY INFORMATION BE TRANSFERRED TO OTHER COUNTRIES?

Personally identifiable information collected on the Service may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and the Service may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data. By using the Service and submitting such information on it, you voluntarily consent to the trans-border transfer and hosting of such information. Without limitation of the foregoing, you hereby expressly grant consent to the Gamify to: (a) process and disclose such information (including special categories of personal data) in accordance with this Privacy Policy; (b) transfer such information (including special categories of personal data) throughout the world, including to the United States or other countries that do not ensure adequate protection for personally identifiable information (as determined by the European Commission); and (c) disclose such information (including special categories of personal data) to comply with lawful requests by public authorities, including to meet national security or law enforcement requirements. If you are a user accessing the Service from a jurisdiction with laws or regulations governing personal data collection, use, and disclosure that differ from those of the United States, please be advised that all aspects of the Service are governed by the internal laws of the United States and the Commonwealth of Massachusetts, USA, regardless of your location.

FOR HOW LONG WILL MY PERSONALLY IDENTIFIABLE INFORMATION BE KEPT?

We will only retain your personally identifiable information for as long as necessary to fulfill the purposes for which we collected it.

To determine the appropriate retention period for personally identifiable information, we consider the amount, nature, and sensitivity of that information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personally identifiable information and whether we can achieve those purposes through other means, and the applicable legal requirements.

WHAT CHOICES DO I HAVE REGARDING MY PERSONALLY IDENTIFIABLE INFORMATION?

We generally use personally identifiable information as described in this Privacy Policy or our EULA or as authorized by you or as otherwise disclosed at the time we request such information from you. You generally must "opt in" and give us permission to use your personally identifiable information for any other purpose. You may also change your preference and "opt out" of receiving certain marketing communications from us by following the directions provided in association with the communication or such other directions we may provide or by contacting privacy@gamify.science.

Under certain circumstances and in compliance with the GDPR, you have the right to:

Request access to your personally identifiable information (commonly known as ‘subject access request’). This enables you to receive a copy of the personally identifiable information we hold about you and to check that we are lawfully processing it;

Request correction of the personally identifiable information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;

Request erasure of your personally identifiable information. This enables you to ask us to delete or remove your personally identifiable information where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove all of your personally identifiable information in certain circumstances;

Object to processing of your personally identifiable information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;

Request the restriction of processing of your personally identifiable information. This enables you to ask us to suspend the processing of your personally identifiable information, for example, if you want us to establish its accuracy or the reason for processing it;

Request the transfer of your personally identifiable information to another party; and

Lodge a complaint with the relevant supervisory authority (as defined in the GDPR). If you have any complaints about the way we process your personally identifiable information, please do contact us. Alternatively, you may lodge a complaint with the supervisory authority which is established in your country.

If you want to review, verify, correct or request erasure of your personally identifiable information, object to the processing of your personally identifiable information, or request that we transfer a copy of your personally identifiable information to another party, please contact privacy@gamify.science.

Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Privacy Policy prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.

You should be aware that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personally identifiable information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all personally identifiable information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.

Do Not Track

The term “Do Not Track” refers to a HTTP header offered by certain web browsers to request that websites refrain from tracking the user. We take no action in response to automated Do Not Track requests. However, if you wish to stop such tracking, please contact us with your request, using our contact details provided below.

HOW WILL I KNOW IF THERE ARE ANY CHANGES TO THIS PRIVACY POLICY?

We may revise this Privacy Policy from time to time.  We will not make changes that result in significant additional uses or disclosures of your personally identifiable information without allowing you to “opt in” to such changes. We may also make non-significant changes to this Privacy Policy that generally will not significantly affect our use of your personally identifiable information, for which your opt-in is not required. We encourage you to check this page periodically for any changes. If any non-significant changes to this Privacy Policy are unacceptable to you, you must immediately contact us and, until the issue is resolved, stop using the Service. Your continued use of the Service following the posting of non-significant changes to this Privacy Policy constitutes your acceptance of those changes.

WHO DO I CONTACT IF I HAVE ANY PRIVACY QUESTIONS?

If you have any questions or comments about this Privacy Policy or feel that we are not abiding by the terms of this Privacy Policy, please contact our Privacy Agent in any of the following ways:

By e-mail:

privacy@gamify.science

By postal mail or courier:

Attn: Privacy Agent
Gamify, Inc.
P.O. Box 0194
West Newton, MA 02465

BY USING THE SERVICE OR PERMITTING YOUR CHILD TO USE THE SERVICE, YOU SIGNIFY YOUR ACCEPTANCE OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU SHOULD NOT USE THE SERVICE OR PERMIT YOUR CHILD TO USE THE SERVICE.  CONTINUED USE OF THE SERVICE, FOLLOWING THE POSTING OF CHANGES TO THIS PRIVACY POLICY THAT DO NOT SIGNIFICANTLY AFFECT THE USE OR DISCLOSURE OF YOUR PERSONALLY IDENTIFIABLE INFORMATION, MEANS THAT YOU ACCEPT THOSE CHANGES.

 

{M1284233.6 }