Updated: February 1, 2021
1. PII that We Collect because You Provide It.
a. Registration. If you register and create a profile through our Services, then we will collect the information you provide when you register for our Services and create an account profile. This information will generally include your basic contact information, such as a mobile phone number and an email address, as well as your mailing address.
b. Communications. If you use the Services to upload information and/or communicate with other Users, we will collect the information you provide in those communications. In addition, if other users provide information about you in response to your communications, we may collect that information too.
c. Customer Support. We may collect information about you through your communications with our customer-support team.
2. PII that We Collect Automatically.
a. Location Information. If you enable the geolocation settings in your mobile device to send location information about you, we will automatically collect that information. GridBright uses both real-time and archived location data in as part of its Services. You have full control of any location data sharing with other Users at any time even when the App is not in use. GridBright never shares your location data with third parties for marketing or supporting ads.
b. Computer and Mobile Device Information. When you use our Services, we will collect certain information that your browser on your Internet Access Device sends to us (such as your browser type and version), your device’s Internet Protocol address, your location (if geolocation is enabled), your operating system, and statistics about how you use the Services.
c. Cookies. We also automatically collect “cookie” information. “Cookies” are identifiers that we transfer to your browser or device that allow us to recognize your browser or device and tell us about your visit to our Services: for example, we will gather information about your navigation history through our Services.
3. How We Use Your PII.
We may use the information we collect in the following ways:
a. Communications. We may use your PII to respond to your submissions, questions, comments, requests and complaints, and to provide you with customer service. When you request support, you authorize us, only if required, to access your PII for the limited purposes of responding to, and troubleshooting your specific support request. Also, a small subset of our personnel sometimes has access to PII as necessary to support our Websites and software platform, but such access is granted only to fulfill job responsibilities and is closely monitored.
b. Contract Performance. We may use your PII to fulfill our obligations in a contract you have purchased for our Services.
c. General and Marketing Communications. We may use your PII to deliver marketing communications to you as a supplement to the App. If we send you a marketing communication through the Services, it will include instructions on how to opt out of receiving these communications in the future (for more information about opting out, see Section 6 below).
d. Combined Information. We may combine your PII with information we automatically collect from your computer or mobile device to serve you specifically, or for advertising or advertising targeting purposes.
e. Security. We may use your PII to improve our security measures as part of our efforts to keep the Services safe and secure.
f. Analytics. We may use your PII to facilitate our internal operations, including troubleshooting, data analysis, testing, research, customization, and enhancements and improvements to the Services. As part of these efforts, we strip PII of its sensitive and individual data and make it anonymous so that it is no longer PII (“non-PII”), and then we aggregate that non-PII and subject it to analysis in its aggregate form. Quantitative analyses of aggregated non- PII data can tell us how often Users access a particular feature of the Services, and we can use that knowledge to make the Services more efficient, and to make them as useful to as many Users as possible. We also use anonymous non-PII, some of which is obtained via pixels or web beacons, for internal research and development purposes to improve our products, and to improve and test the features and functions of our Services.
g. Administrative Communications. We may use your PII to send you confirmations, updates, security alerts, and support and administrative messages about the state of the Services or about your account.
h. Legal Enforcement. We may use your PII to protect our users and to protect or enforce our users’ or GridBright’s legal rights.
4. The Limited Ways in which we Share PII with Third Parties.
GridBright will never sell or rent your PII. However, GridBright may share PII with a third party in the following ways:
a. Consented Uses. If we obtain your consent, such as when you choose to opt-in to the sharing of data, we may share your PII in order to provide the Services to you. Similarly, we may need to disclose some of your PII in order to fulfill a request from you.
b. Contracts with Partners and Service Providers. We may enter into contracts with other companies and people (“Service Providers”) to perform tasks on our behalf, and so we may need to share your PII with them to provide products or services to you. These vendors do not have any right to use the PII we share with them beyond what is necessary to assist us, and their agreements with us bind them to confidentiality obligations in regard to your PII.
c. Marketers. We may engage with a Service Provider for marketing and promotional purposes, and effective marketing may require us to provide some PII to the marketing service provider.
d. Asset Purchases or Sales. We may choose to buy or sell business assets. In these types of transactions, customer information is typically one of the business assets that would be transferred. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, PII could be one of the assets transferred to or acquired by a third party. In any transaction of this sort, strict confidentiality and non-disclosure provisions would bind the parties to an obligation to preserve the confidentiality of your PII.
e. Aggregate Non-PII. We may provide anonymized non-PII information in aggregate form to our partners and service providers, who may perform various analytics on our Services or may use the aggregated information to develop their own marketing for their own business purposes. In such circumstances, we never disclose aggregate information to a partner in a manner that would identify you personally, as an individual.
f. Enforcing Legal Rights. We may need to disclose your PII to protect the rights of our users or to protect GridBright’s rights or property.
g. Complying with Legal Orders. We may be required to use and retain PII for legal and compliance reasons, such as the following: to prevent, detect, or investigate a crime such as fraud or identity theft; to prevent loss of confidential information; to meet our internal and external audit requirements; to provide security; to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities; to enforce our terms and conditions; to respond to any other necessary compliance circumstances under applicable laws; and, to protect our rights, privacy, safety, or property, or those of other persons. To help us achieve these lawful purposes, we reserve the right to access, read, preserve, and disclose any information that we believe is necessary for us to comply with law or with an order from a court or regulatory agency, to enforce our agreements, or to protect the rights, property, or safety of our employees, our Users, or others.
5. Your Rights to Control Our Use of Your PII.
a. The Right to Know
You have the right to know what PII is being collected about you, and the right to request information about what specific categories of PII are being collected, our purposes for collecting PII, and the ways in which we may share PII with third parties. We discuss these topics generally in this Policy, but if you desire more information, you may email us at info@GridBright.com or call us at 925-899-9025.
b. The Right to be Notified
You have the right to know when and how your PII is being collected. This Policy constitutes general notice to you of the ways in which we collect and use PII. If you want more information, you may email us at info@GridBright.com or call us at 925-899-9025.
c. The Right to Make Changes
You have the right to change, edit, or delete (see below) any of the PII we have collected from you during your use of our Websites. If you register and create a profile, you can add, edit, or update your PII, or delete your registration account profile in whole or in part.
d. The Right to Delete and Be Forgotten
You have the right to request that we delete any PII we have collected from you. We will comply with any such request that we receive from you, except when we need the PII to complete a transaction that you requested, or when we need to retain your PII to comply with a legal obligation under other applicable laws.
e. The Right to Say No
You have the right to opt-out of any collection we make of PII. If you are receiving texts sent to your handheld device and you wish to opt out, reply STOP to any such message. Alternatively, you may email us at info@GridBright.com or call us at 925-899-9025 to communicate that you are opting out. We do not sell, license, lease, rent, or trade PII, but we nevertheless comply with the CCPA requirement to include a “Do Not Sell My Personal Information” notice on our homepage: clicking on that notice will bring you here to this Policy, where we provide the email address and toll free number above to allow you to communicate to us your desire to opt-out.
f. The Right to Fair and Equal Treatment
In compliance with CCPA’s non-discrimination provisions, we do not distinguish between users based on their choices in regard to exercising their privacy rights.
g. The Right to Not Be Tracked
You have the right not to be tracked for targeted advertising. Your right to opt-out of such tracking is protected under CalOPPA. If you use a popular browser (such as, but not limited to, Safari, Chrome, Internet Explorer, or Firefox) you can set the “Do Not Track” (or DNT) preference setting on your browser to opt-out of online behavioral tracking. We respond to Do Not Track (DNT) signals, as we are required to do under CalOPPA.
6. Your Additional Controls
In addition to the rights delineated above, you have control over the use of your PII in the following specific contexts:
a. General Communications. If you do not want to receive general communications from us, which will include marketing materials from us and from our partners, you may opt-out of receiving such communications, and we ask that you please indicate your preferences on your account settings. Please remember that even if you opt out of receiving general communications from us, we may still send you important information related to your account or to the Services.
b. Text Messages. If you are receiving texts sent via the Service and you wish to opt out, reply STOP to any such message, or send an email with your cellphone number and the subject line “Opt-Out” to info@GridBright.com.
c. Profile Changes. Under CalOPPA, you have the right to change, edit, or delete any of the PII we have collected from you during your use of our Services. Accordingly, you can add, edit, or update your personal information, or delete your registration account profile in whole or in part. Please know that when you update or delete your information, we may maintain a copy of the unrevised information in our records, but never in a manner that would identify you personally. Also, please keep in mind that if you delete your registration account profile in whole or in part, the Services will no longer be available to you unless and until you re-register.
d. Location Information. You can prevent us from collecting location information from your Internet Access Device by changing the settings on your internet access device.
e. Social Media Notifications. If you connect a social media account such as Facebook or Instagram to your GridBright account profile, you may receive updates on what your friends are doing on the Services. However, you can manage these notifications by toggling your social settings to ensure your privacy or by disconnecting such social media integration.
f. Cookies. Users who prefer not to accept cookies can set their Internet browser to notify them when they receive a cookie or to prevent cookies from being placed on their hard drive. You can read more about cookies at http://www.allaboutcookies.org/cookies/.
g. “Do Not Sell My Personal Information.” We do not sell PII. However, the Service Providers we partner with may use technology that uses PII for interest-based advertising. You can opt out of receiving ads that are personalized by sending us an email with the subject line “Opt-Out” to info@GridBright.com. The opt out will place a cookie on your computer that is unique to the browser you use to opt out. Accordingly, if you change browsers or delete the cookies saved by your browser, you will need to opt out again.
h. Marketing and California’s Shine the Light Law. Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice which identifies the categories of PII that we share with any third parties for marketing purposes, and which provides contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to info@GridBright.com
7. PII and Children.
a. COPPA. The Children’s Online Privacy Protection Act (“COPPA”) requires online service providers to obtain parental consent before they knowingly collect PII from children who are under 13 years of age. We do not knowingly collect or solicit PII from children under 13. If you are a child under 13, please do not attempt to send any personal information about yourself to us through our Services. If we learn that we have collected PII from a child under age 13 without parental consent, we will delete that information as quickly as possible as may be required by COPPA and other laws. If you believe that a child under 13 may have provided us personal information without parental consent, please contact us at info@GridBright.com.
b. California Privacy Rights for Minor Users. (California Business and Professions Code Section 22581) California Business and Professions Code section 22581 allow California residents under the age of 18 who are registered users of online sites, services or applications to request and obtain removal of content or information they have publicly posted. To request removal of such data, you can contact us at info@GridBright.com. Be aware that Your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances (such as if you are not a California resident).
8. Users Who Reside in Jurisdictions Other than the United States.
If you access the Services from a jurisdiction in the European Union or from another jurisdiction with laws governing data collection and use, please note that you are using Services with privacy and security safeguards designed to comply with the applicable state and federal laws of the United States. By using the Services, you are agreeing to the transfer of your information to the United States and processing of such information in the United States in accordance with this Policy.
a. No Guarantee of Complete Security. Although we use commercially reasonable efforts consistent with industry standards to keep your PII secure, we cannot guarantee complete security. If you are a Customer, your account is protected by a password for your privacy and security. You bear the responsibility and obligation to prevent unauthorized access to your account and your PII by selecting and protecting your password and/or other sign-on mechanism appropriately and limiting access to your internet access device. Unauthorized entry or use, hardware or software failure, and other factors beyond our control, may compromise the security of user information at any time.