Privacy Policy for Gruescope
1. Important Information and Who We Are
Purpose of This Privacy Notice
This privacy notice aims to inform you how Gruescope and its subsidiaries (collectively referred to as “Gruescope,” “we,” “us,” or “our”) collect and process your personal data through your use of our site. This includes any data you provide when you sign up for our newsletter, purchase a product, or register an account. Our site is not intended for children, and we do not knowingly collect data related to them. It is important to read this notice together with any other privacy or fair processing notices we may provide on specific occasions to ensure you fully understand how and why we use your data.
Controller and Processor
Gruescope is the data controller and processor responsible for your personal data under the European Union General Data Protection Regulation (GDPR). Our organization includes different legal entities, such as Gruescope in the United States and Gruescope United Kingdom Limited. When we mention “Gruescope,” “we,” “us,” or “our” in this notice, we are referring to the relevant company responsible for processing your data. If you have any questions or wish to exercise your legal rights, please contact us using the details below.
Contact Details
- Full Name of Legal Entity: Gruescope
- Email Address: [email protected]
- Postal Address: 61416 29 Palms Highway #118 Joshua Tree, CA 92252, USA
If you have any concerns, we would appreciate the opportunity to address them directly. For EU citizens, you can also contact the Information Commissioner’s Office (ICO) in the UK. US citizens may contact the attorney general’s office in their home state.
Changes to This Policy
We may update this policy from time to time. Any changes will be posted on this page, with the date of the latest update indicated at the top.
Third-Party Links
Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We encourage you to read the privacy notice of every website you visit.
2. The Data We Collect About You
Types of Data
Personal data refers to any information about an individual that can identify them. It does not include data where the identity has been removed (anonymous data). We may collect, use, store, and transfer different kinds of personal data, including:
- Identity Data: First name, last name, username, etc.
- Contact Data: Billing address, delivery address, email, phone numbers.
- Financial Data: Bank account and payment card details.
- Transaction Data: Details about payments and purchases.
- Technical Data: IP address, browser type, time zone, and more.
- Usage Data: Information on how you use our site and services.
- Marketing and Communications Data: Your preferences for receiving marketing from us and your communication preferences.
We do not collect special categories of personal data (e.g., race, religion, sexual orientation). If you fail to provide necessary personal data, we may not be able to fulfill your orders or other requests.
3. How Your Personal Data Is Collected
Direct Interactions:
You may provide data by filling in forms or communicating with us via post, phone, email, or otherwise. This includes data provided when you:
- Place an order
- Create an account
- Subscribe to newsletters
- Request marketing materials
- Provide feedback
Automated Technologies or Interactions:
As you interact with our site, we may automatically collect technical data about your equipment and browsing patterns through cookies and other technologies. We may also receive technical data from third-party analytics providers.
Third-Party Sources:
We may receive personal data from third parties, including:
- Analytics providers (e.g., Google)
- Payment and delivery service providers
- Data brokers or aggregators
- Publicly available sources (e.g., Companies House)
4. How We Use Your Personal Data
We will only use your personal data when legally permitted. The most common reasons for using your data include:
- Performing the contract we are about to enter or have entered with you.
- Fulfilling our legitimate interests or those of a third party, provided these do not override your rights.
- Complying with legal or regulatory obligations.
We generally do not rely on consent as a legal basis for processing your data except for sending third-party direct marketing. You can withdraw consent for marketing at any time.
5. Disclosures of Your Personal Data
We may share your personal data with:
- Internal parties within the Gruescope group.
- External third parties, such as IT support, delivery companies, and payment processors.
- Third parties in the event of a business sale or restructuring.
All third parties are required to respect the confidentiality and security of your data and may only process it for specified purposes.
6. International Transfers
Your data may be transferred internationally, including outside the European Economic Area (EEA). Where we transfer your data outside the EEA, we ensure it is protected by using specific contracts approved by the European Commission.
7. Data Security
We have implemented security measures to protect your data from being lost, used, or accessed in an unauthorized way. Access to your data is restricted to employees, agents, and third parties who have a business need to know. They will only process your data on our instructions and are bound by confidentiality.
8. Data Retention
We will only retain your personal data as long as necessary to fulfill the purposes we collected it for, including legal, accounting, or reporting requirements. If you have subscribed to our communications, we will keep your data for up to 7 years unless you opt out.
9. Your Legal Rights
You have the right to:
- Request access to your personal data.
- Request correction or deletion of your data.
- Object to or restrict the processing of your data.
- Request the transfer of your data to another party.
- Withdraw consent for processing at any time.
If you wish to exercise any of these rights, please contact us. We typically respond to requests within one month.
10. Glossary
Legitimate Interest:
The interest of our business in managing and conducting our business to provide you with the best service and products in the most secure manner.
Performance of Contract:
Processing your data where it is necessary for the performance of a contract to which you are a party or to take steps before entering into such a contract.
Comply with Legal or Regulatory Obligation:
Processing your personal data where it is necessary for compliance with a legal or regulatory obligation to which we are subject.