Grayshift LLC Privacy Policy

Last Updated: May 2021

This privacy policy will explain how Grayshift, LLC (931 Monroe Dr NE Suite A102-340 Atlanta, GA 30308, UNITED STATES) collects and uses your personal data collected via our website and/or our products or services.

Topics:

What personal data do we collect from you?

Grayshift may collect the following data:

How do we collect your data?

You directly provide Grayshift with most of the data we collect. We collect data and process  data directly when you:

We also collect your data via automated means, such as via cookies and similar technologies.   We collect data and process data automatically when you:

Why will we use your data?

Grayshift collects your data so that we can:

How will we share your data?

Grayshift may share your data as follows:

Marketing

Grayshift would like to send you information about products and services of ours that we think you might like.

If you have agreed to receive marketing, you may always opt out at a later date.

You have the right at any time to stop Grayshift from contacting you for marketing purposes.

If you no longer wish to be contacted for marketing purposes, please follow the opt-out instructions included in the email you received or contact privacy@grayshift.com.

What are cookies?

Cookies are text files placed on your computer to collect standard Internet log information and website visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

For further information, visit allaboutcookies.org.

How do we use cookies?

Grayshift uses cookies in a range of ways to improve your experience on our website, including:

What types of cookies do we use?

There are a number of different types of cookies, however, our website uses:

How to manage cookies

You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

Third party analytics

We use automated devices and applications, such as Google Analytics, to evaluate usage of our website. We also may use other analytic means to evaluate our website. We use these tools to help us improve our website’s performance and user experiences. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects, to perform their services. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/. You can also download the Google Analytics Opt-out Browser Add-on to prevent their data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.

Do not track

Currently, our systems do not recognize browser “do-not-track” requests. You may, however, disable certain tracking as discussed in this section (e.g., by disabling cookies).  You also may opt-out of targeted advertising by following the instructions in the “Third-Party Ad Networks” section below.

Third party ad networks

We use third parties such as network advertisers to serve advertisements on third party websites or other media (e.g., social networking platforms). This enables us and these third parties to target advertisements to you for products and services in which you might be interested. Third party ad network providers, advertisers, sponsors and/or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), local storage objects and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. These third party cookies and other technologies are governed by each third party’s specific privacy policy, not this one. We may provide these third party advertisers with information about you.

Users in the United States may opt out of many third party ad networks. For example, you may go to the Digital Advertising Alliance (“DAA”) Consumer Choice Page for information about opting out of interest based advertising and their choices regarding having information used by DAA companies. You may also go to the Network Advertising Initiative (“NAI”) Consumer Opt-Out Page for information about opting out of interest based advertising and their choices regarding having information used by NAI members.

Opting out from one or more companies listed on the DAA Consumer Choice Page or the NAI Consumer Opt-Out Page will opt you out from those companies’ delivery of interest based content or ads to you, but it does not mean you will no longer receive any advertising on our website or on other websites. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt out on the DAA or NAI websites, your opt out may not be effective. Additional information is available on the DAA’s website at www.aboutads.info or the NAI’s website at  www.networkadvertising.org.

Security of your data

We have implemented reasonable precautions to protect your data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can ever completely guarantee security. You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords.

Privacy policies of other websites

The Grayshift website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

Children under the age of 18

Our website and products and services are not designed for children under 18. If we discover that a child under 18 has provided us with data, we will delete such data from our systems.

Changes to our privacy policy

Grayshift keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated as of the date shown at the top of this policy.

How to contact us

If you have any questions about Grayshift’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Contact Grayshift: privacy@grayshift.com

Additional Information for persons in the UK or EEA

Justification for processing personal data (legal basis)

We will only process your personal data if we have a legally-recognized justification (legal basis) for doing so, as described below.

Contract Performance: In some circumstances, we need to process personal data to perform our obligations under a contract with you or your organization. In other cases, we need to process personal data at your request in order to enter into a contract with you or your organization. When we need to process data to perform a contract or take steps to enter into a contract, your failure to provide such personal data may result in our inability to provide services or take requested steps that require such data. The purposes of processing personal data for contract performance are:

Legitimate Interest: We sometimes process personal data to further our legitimate interest or that of third parties, and in particular our interest in developing and marketing our products and services in order to grow our business and reputation. The purposes of processing personal data to pursue our legitimate interest are:

Consent: In some cases, we may process personal data based on the consent you grant to us at the time we collect such data. Our purposes of processing personal data when you consent are:

UK/EEA Legal Obligation: In other cases, we may be required to process personal data under laws of the UK or EEA that apply to us. The purposes of processing personal data under UK/EEA law are:

UK and EEA Data Subject Rights

You have certain rights with respect to your personal data as set forth below. Some of these rights are subject to specific conditions pursuant to applicable law.

Access:  You can obtain more information about the personal data we hold about you and request access to and a copy of such personal data.

Rectification:  If any personal data we are holding about you is incorrect or incomplete, you can require that we correct or supplement such data.

Erasure:  You can require that we erase some or all of your personal data from our systems under specific conditions set forth in applicable law, such as when processing is based solely on your consent and you withdraw it, or when data has been unlawfully processed, and provided that we do not have a UK or EEA legal obligation to continue processing the data.

Portability:  Where we process your personal data based on your consent, or to perform a contract with you, you are entitled to receive a copy of your personal data in a machine-readable format. You can also request that we transmit the data to another controller.

Objection:  You can contact us to let us know that you object to the further use or disclosure of your personal data that we process in furtherance of our legitimate interests, on grounds relating to your particular situation.  

You have the right object at any time to our processing of your personal data for direct marketing purposes.

Withdrawal of Consent:  If we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.

Restriction of Processing: Under specific conditions you can require us to restrict processing of your personal data so that we may only store it and not further process it, such as during the period when we verify the accuracy of your personal data if you claim the data is inaccurate.

For more information about these rights, or to submit a request, please email us at privacy@grayshift.com. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is excessive or manifestly unfounded, if it jeopardizes the rights of others, or if it is not required by applicable law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include personal data, if necessary to verify your identity and the nature of your request.

Right to File a Complaint:  You also have the right to lodge a complaint about Grayshift’s practices with respect to your personal data with the supervisory authority of your country. The supervisory authority in the UK is the ICO Home | ICO.  A list of supervisory authorities in the EU is available here: https://edpb.europa.eu/about-edpb/board/members_en.

Transfers of personal data

Grayshift and its service providers are located in the U.S., where the laws are not considered by the European Commission to provide adequate protection to personal data. Transfers of personal data to the U.S. are made (i) on the basis of your explicit consent, or (ii) where necessary to perform a contract with you or your organization, or take pre-contractual steps that you have requested, or (iv) pursuant to Standard Contractual Clauses approved by the European Commission. Where we rely on the Clauses, you may obtain a copy of them by contacting us at privacy@grayshift.com.

Retention of personal data

We apply a general rule of keeping personal data only for as long as required to fulfil the purposes for which it was collected. We typically retain certain elements of your personal data for a period of time corresponding to a statute of limitation, for example to maintain an accurate record of your dealings with us, such as pursuant to a contract so that we can raise or defend a legal claim. In some circumstances we may retain personal data for other periods of time, for instance where we are required to do so in accordance with legal requirements, where it is necessary for the establishment, exercise or defense of legal claims, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required.