We are Intros.at Ltd, the provider of the Grip mobile application. We are committed to protecting and respecting your privacy.
SCOPE OF POLICY
and Any of the services accessible through Grip (Services).
This policy sets out the basis on which any personal data we collect from you, or that you or others provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. In particular, note that we will use your data to propose ‘handshakes’ with other Grip users. This is based on the content of social media platforms hosting accounts you notify us of, and information provided to us by the promoter of an event for which you have registered and we have produced a branded version of Grip (“Event Promoter”). For the purpose of data protection legislation, the data controller is Intros.at Ltd whose registered office is Treviot House, 186-192 High Road, Ilford, Essex, England, IG1 1LR.
INFORMATION WE MAY COLLECT FROM YOU
Information you give us (Submitted information): You may give us information about you by completing your profile or filling in forms on Grip, or by corresponding with us (for example, by e-mail or chat). This includes information you provide when you register to use Grip, subscribe to any of our Services, search for another user, ‘handshake’ with another user, share data via Grip’s social media functions, enter a competition, promotion or survey, and when you report a problem with Grip. The information you give us may include your name, address, e-mail address and phone number, access to your LinkedIn, FaceBook or other social media account, the Device's phone number, your age, username, password and other registration information, personal description and photograph. It will also include the details of any event for which you have registered with an Event Owner.
Information we collect about you and your Device. Each time you use Grip we may automatically collect the following information:
- Technical information, including the type of mobile device you use (model, manufacture and library version), a unique device identifier (for example, your Device's IMEI number, the MAC address of the Device's wireless network interface), mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting, (Device Information);
- Information contained in your LinkedIn, FaceBook account (if you permit us to access them) or other account we ask your permission to access (Social Information);
- Details of your use of Grip and the resources and features that you access, the users you ‘handshake’ (or you decline to handshake, or who decline to handshake you) (Log Information).
Information we receive from Event Promoters. We work with Event Promoters and may receive information about you from them, in relation to an event you have registered to attend. This information comprises the registration details you provided to the Event Promoter - for example, your name, email address, street address and demographic data. (Event Promoter Information).
If you contact us, we may keep a record of that correspondence.
USES MADE OF THE INFORMATION
We use information held about you in the following ways:
Submitted Information: We will use this to help us provide you with Grip’s various features and personalise your experience; we will also use it to display your profile to other users, and propose you as a potential ‘handshake’ for other users. We also anonymise and aggregate the information such that it can no longer identify you as an individual. We do this for various purposes including research and improving our Services.
Device information: We use this to better understand who uses Grip and quickly understand if bugs are related to specific phones.
Social Information: We use this to build your profile and to help us decide which other users are good potential ‘handshakes’ for you, and whether you are a good potential ‘handshake’ for other users. We also anonymise and aggregate the information such that it can no longer identify you as an individual. We do this for various purposes including research and improving our Services.
Log information: we use this to optimize and further develop Grip for the benefit of us and all our users. We also anonymise and aggregate the information such that it can no longer identify you as an individual. We do this for various purposes including research and improving our Services.
Event Promoter Information: we use this to personalise your Grip experience in relation to the event you are attending, and to decide which other users to propose a ‘handshake’ with. We may use an email address we receive from an Event Promoter for the purposes of sending you service messages regarding how to access and use Grip. We also anonymise and aggregate the information such that it can no longer identify you as an individual. We do this for various purposes including research and improving our Services.
We may associate any category of information with any other category of information and will treat the combined information as personal data in accordance with this policy for as long as it is combined.
If we have your consent, we may also use your personal data to provide you with marketing messages about other products and services we provide which may be of interest to you.
Also, we may provide the operator of the MEDICA/COMPAMED app with anonymous aggregate information about our users (for example, we may inform them that 500 men aged under 30 have used the chat function on any given day). This data will not identify you as an individual.
OUR LEGASL BASIS FOR PROCESSING YOUR DATA
It is necessary for the purposes of our legitimate interests, except where our interests are overridden by the interests, rights or freedoms of affected individuals (such as you). To determine this, we shall consider a number of factors, such as what your expectations are about the processing of the data, the nature of the data, and the impact of the processing on you.
In some cases, your consent (such as where we seek your consent to send you details of our products and services by email).
It may be necessary for us to undertake processing in order to comply with mandatory legal obligations to which we are subject under EU or UK law.
DISCLOSURE OF YOUR INFORMATION
We collect, record, and process data on behalf of Messe Düsseldorf GmbH, Stockumer Kirchstr. 61, Messeplatz, 40474 Düsseldorf, Germany, We will disclose any of the above information to Messe Düsseldorf GmbH as the operator of the MEDICA/COMPAMED app you have joined.
Category of data Submitted Information; Event Promoter Information
Recipient Messe Düsseldorf GmbH as the operator of the MEDICA/COMPAMED app you have joined provided by Intros.at. Since you are using a corporate-branded or event-branded version of the app, this includes the owner of that brand and companies doing business under that brand.
Category of data Submitted Information, Social Information
Recipient Other users of Grip.
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006, if and as far as said disclosure is necessary for proper operation of the app.
We may disclose your personal information to third parties:
If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.
In order to:
protect the rights, property or safety of Intros.at, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
HOW LONG WILL WE RETAIN YOUR DATA?
We will not retain your personal data for longer than is necessary in relation to the purposes for which the data was collected or otherwise processed. The criteria we use for determining this period data will be any legal or regulatory requirements, statutory retention periods or guidance provided by regulatory bodies such as the Information Commissioners Office. For example, we delete any personally identifying Log Data when you disable your Grip account, or 2 years after your last use of Grip. We use this 2 year period because in our experience users may wish to retain an active Grip registration to access information derived from the Services when they repeat attend the same event in another year. Some events are held on a biennial basis (every 2 years).
We take security seriously. A summary of our security measures employed to protect your data is [here]. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to or through Grip or the Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Grip includes chat features. Ensure when using these features that you do not submit any personal data that you do not want to be seen, collected or used by other users.
To assist us in providing an effective networking service, in addition to the data that you provide to us if you register, we may also obtain data from your usage of Grip to help us understand what you might be interested in, or who you might be interested in connecting with. This ‘profiling’ activity is powered by some intelligence in our software which makes calculations about potential preferences or requirements you might have about what you see in the app or who we think you might wish to connect with. There’s no consequence for you of this profiling other than hopefully refining and improving what we suggest to you in Grip.
You have the right to ask us not to process your personal data for marketing purposes. we will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. If you are using a third party-branded version of the App, this includes disclosure to the owner of, or companies doing business under that brand. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at email@example.com.
WEBSITED OF OTHERS
Grip may, from time to time, contain links to and from the websites of others. If you are using a third-party branded version of Grip, this includes websites of companies providing services under that brand. If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.
DISABLING YOUR GRIP ACCOUNT
If you no longer wish to participate in the matchmaking process, please send an e-mail to firstname.lastname@example.org indicating your name and e-mail address.
TRANSFERS OF DATA OUTSIDE EUROPE
The information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”). These countries may not have similar data protection laws to those in the EEA. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. We currently use Mailgun to help us manage our email communication. Mailgun is a US company which participates in and has certified its compliance with the EU-US Privacy Shield Framework. We also use Mixpanel, another US company, to perform simple usage tracking. All data collection is performed by Mixpanel, and no personally identifiable information is used. Mixpanel is also certified under the EU-US Privacy Shield – further details are available on the Mixpanel website, at https://help.mixpanel.com/hc/en-us/articles/115004494783-EU-US-Privacy-Shield-Framework.
If you use our Services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those Services.
You have a number of rights regarding our use of your data. Upon written request, we will provide you with a copy of the personal data which we keep about you, subject to any exceptions under data protection laws (for example, if the data includes information about other people). We will respond to you within the time frame specified within the applicable data protection law, which is generally within one month of receipt of the written request. We will provide the information without charge, but we may charge a reasonable fee for the administrative cost of providing the information where the request for information is excessive.
You can require us to correct any mistakes in your personal data which we hold about you. You can request a copy of your information which we hold (this is known as a subject access request). To the extent required by data protection laws, we will provide you with a readable copy of the personal data which we keep about you. We will respond to you within the time frame specified within the applicable data protection law, which is generally within one month of receipt of the request.
You can ask us to stop contacting you for direct marketing purposes.
You can require us to erase personal information we hold about you where: the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; you object to the processing and there is no overriding legitimate interest for us to continue the processing of the data; your personal data was unlawfully processed; or your personal data must be erased in order to comply with a legal obligation.
You have the right to restrict the processing of your personal data where: you contest the accuracy of the personal data; you have objected to our processing of your data, and we are considering your objection because we have said the processing is necessary for the purpose of our legitimate interests; the processing is unlawful and you do not wish for the data to be erased but require restricted processing of the data instead; or we no longer require your personal data but you require the data to establish, exercise or defend a legal claim.
You have the right to object to us processing your personal data where our legal basis for processing the data is for the purposes of our legitimate interests or for the performance of a task carried out in the public interest. We may refuse if there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is necessary for the exercise or defence of legal claims.
Should you wish to exercise these rights then you can write to us at email@example.com.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can get in touch with the UK data protection regulator, the Information Commissioner’s Office. Further details can be found at www.ico.org.uk or 0303 123 1113.