Privacy Notice and Policy
Last Updated May 23, 2018
gimp.us.com is a website owned and operated by Tightrope Interactive, Inc. ("Company").
The Company takes privacy matters very seriously. This document describes our obligations under EU’s General Data Protection Regulation (GDPR), explains what type of data we are collecting and how we are using this data. This document pertains to the usage of our websites and browser extensions.
Sections 2-3 of this document apply to all data subjects in the European Union and European Economic Area whose personal data is collected, in line with the requirements of the GDPR Article 6.1(f).
The GDPR Owner is responsible for ensuring that this notice is made available to data subjects as the Company is collecting/processing their personal data.
3. Privacy Notice
3.1 Who are we?
The Company develops and markets browser extensions. We create browser extensions and offer them to consumers.
Our GDPR Owner can be contacted directly here:
- Tightrope Interactive: GDPR REQUEST
- 588 Sutter St #551
- San Francisco, CA 94102
The personal data we will collect from you is:
- IP Address: sent to us from your browser when you access one of our websites.
- GUID: an identification string created upon installing one of our extensions.
The personal data we collect will be used for the following purposes:
- Fraud detection to ensure our services are not being accessed or used in a fraudulent manner.
- Geography Detection to ensure we deliver correct services to users around the world.
Our legal basis for processing for the personal data:
- GDPR Article 6.1(f) - where processing is necessary for the purposes of the legitimate interests pursued by the controller
- GDPR Recital 47 - The processing of personal data strictly necessary for the purposes of preventing fraud also constitutes a legitimate interest of the data controller concerned.
Any legitimate interests pursued by us, or third parties we use, are as follows:
- We use IP address and GUID to track and prevent fraudulent use of our services.
- We use IP addresses to determine geography of our users, in order to deliver correct geographic services to users.
- We use GUID to deliver correct services and functionality to users of our extensions.
The special categories of personal data concerned are:
- We do not collect or process any special categories of personal data as defined by GDPR.
3.2 Consent & Lawfulness of Processing
We lawfully process the personal data outlined in this document under GDPR Article 6.1(f).
You can object to our processing of the personal data outlined in this document by contacting the GDPR owner with your IP address and GUID.
The Company will pass on your personal data to third parties without first obtaining your consent. The personal data we will pass on is IP Address.
The following third parties will receive your personal data as part of the processing activities:
3.4 Retention Period
Company will process personal data outlined in this document immediately upon your connection to our websites or installation of our extensions.
IP address and GUID information in server logs will be retained for a period of 20 days. GUID information will be retained for a period of 90 days after the last connection to our services from a user with that GUID.
3.5 Your rights as a data subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access — you have the right to request a copy of the information that we hold about you.
- Right of rectification — you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten — in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing — where certain conditions apply to have a right to restrict the processing.
- Right of portability — you have the right to have the data we hold about you transferred to another organization.
- Right to object — you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling — you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that Organization Name refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in clause 3.6 below.
You can contact the GDPR Owner outlined in this document in writing to exercise any of these rights. Include your IP Address and GUID in your communication in order to exercise these rights.
All of the above requests will be forwarded on should there be a third party involved (as stated in 3.3 above) in the processing of your personal data.
In the event that you wish to make a complaint about how your personal data is being processed by the Company (or third parties as described in 3.3 above), or how your complaint has been handled, you have the right to lodge a complaint directly with the GDPR Owner.
Our GDPR Owner can be contacted directly here
Read more about how and why we use your data here.
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as:
- “any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
What Personal Data does the Company collect and Store?
The personal data we will collect from you is:
- IP Address — sent to us from your browser when you access one of our websites.
- GUID — an identification string created upon installing one of our extensions.
How we use your information
This privacy notice tells you how the Company will collect and use your personal data for delivery of our website and extension services.
Why does the Company need to collect and store personal data?
In order for us to provide you our website and extension services we need to collect personal data for geography detection and fraud detection purposes. In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.
Will the Company share my personal data with anyone else?
We may pass your personal data on to third-party service providers contracted to the Company in the course of dealing with you. The personal data we may share is your IP Address.
Any third parties that we may share your data with are obliged to keep your details securely.
How will the Company use the personal data it collects about me?
The Company will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavor to keep your information accurate and up to date, and not keep it for longer than is necessary.
We will use your IP Address to help prevent fraudulent use of our services. For example, we can detect for abusive use of our services from any particular IP address or set of IP addresses and use firewalls to block this traffic from accessing our services.
We will use the GUID generated upon installation in ensure proper delivery of the extension services. The GUID reflects which extension was installed and which country it was installed in. We use this information to deliver the correct content for each extension.
What non-personally identifiable information does the Company store?
Non Personally Identifiable Information is data that cannot be used to identify a specific person. Examples of NPII can include items such the type of Web Browser you are using, the version of the web browser, the Operating System and the country you are located in.
The Company retains some non-personally identifiable information to improve our website and for statistical purposes.
A cookie is a small text file sent to your browser. Cookies are stored on your computer’s hard drive for record keeping purposes.
When you visit our website, the Company may store a cookie on your computer; such cookie identifies that you previously visited this website, and allows us to analyze our web traffic to improve our services and better serve our visitors.
Web beacons or Pixels
Web beacons or Pixels are tiny graphics, similar in function to cookies. They track your online Web movement on our web pages and extensions. We embed Pixels invisibly on Web pages. They are about the size of the period at the end of this sentence. We do not tie the information gathered by Pixels to our customers’ Personally Identifiable Information.
We may use web beacons on our site to help track consumers how consumers use our websites and extensions in order to help improve our website sites and extensions. We do not collect or store personal data with web beacons or pixels
Under what circumstances will the Company contact me?
The Company will not contact you in the course of normal business. We do not collect any contact information in the course of normal business.
If you contact us by phone or email — we may communicate with you via the email or phone number you have contacted us with.
Children's Online Privacy
We do not knowingly collect information about children under the age of 13. We encourage parents and guardians to be familiar with the web sites that their children visit the Federal Trade Commission ("FTC") regulates the means by which web site operators collect and use personal information from children under 13, pursuant to the Children’s Online Privacy Protection Act of 1998 (the "Act"). For more information about the Act and children’s on-line privacy in general, visit the FTC’s web site at www.ftc.gov/privacy. For safety tips on privacy visit www.OnGuardOnline.gov.
Document Owner and Approval
The GDPR Owner is the owner of this document and is responsible for ensuring that this record is reviewed in line with the review requirements of the GDPR.
We reserve the right to modify this policy at any time. If we make material changes to this policy, we will notify you here.Enforcement / Redress
Alternatively, if you would like, contact us via e-mail at firstname.lastname@example.org