Gather Privacy Policy

This Privacy Policy is effective as of June 27, 2024

Welcome to Gather. This Privacy Notice explains how Gather Presence, Inc, (“Gather”, “we”, “us”, or “our”) collects, uses, discloses, and processes personal data in connection with https://www.gather.town/ (the “Site”) the software as a service-based platform accessible via the Site or through mobile application that enables you to build customized virtual spaces and host virtual events in those customized virtual spaces (the “Platform”), as well as any specific product, service, or application that we own and control, and that references or links to this Privacy Notice (all collectively, the “Services”). 

This Privacy Notice does not address our privacy practices relating to Gather employees and other employment-related individuals, nor data that is not subject to applicable privacy laws such as deidentified or publicly available information. This Privacy Notice is also not a contract and does not create any legal rights or obligations not otherwise provided by law. 

Our Collection and Use of Personal Data

The categories of personal data we collect depend on how you interact with us and our Services. For example, you may provide us your personal data directly when you register for an account, make a purchase, upload documents and images, provide customer stories, or otherwise contact or interact with us. 

We also collect personal data automatically when you interact with our websites and other services and may also collect personal data from other sources and third parties. 

Personal Data Provided by Individuals

We collect the following categories of personal data individuals provide us:  

  • Contact Information, including first and last name, phone number, email address, mailing address, and communication preferences. We use this information primarily to fulfill your request or transaction, to communicate with you directly, and to send you marketing communications in accordance with your preferences.
  • Account Information, including first and last name, email address, avatar nickname, phone number, account credentials or one-time passcodes, and the products or services you are interested in, purchased, or have otherwise used. We use this information primarily to administer your account, provide you with our Services, communicate with you regarding your account and your use of our Services, and for customer support purposes.
  • Payment Information, including payment card information, billing address, and other financial information (such as, routing and account number). Please note that we use third-party payment providers, including Stripe, to process payments made to us. We do not retain any personally identifiable financial information, such as payment card number, you provide these third-party payment providers in connection with payments. Rather, all such information is provided directly by you to our third-party payment providers. The payment provider’s use of your personal data is governed by their privacy notice. To view Stripe’s privacy policy, please click here.
  • Content from Meetings, Webinars, Videos, Messaging, and Other Platform Interaction Features, including content generated in meetings, webinars, or messages that are hosted on the Platform, or any files, documents, images, data, or communications you choose to input, upload, or transmit to Services, including documents and images uploaded via Mapmaker or the build tool (“Customer Content”), which may include audio, video, in-meeting messages, chat messaging content, transcriptions, as well as related context, such as member and guest lists, ban lists, meeting or chat name, meeting agenda, virtual spaces maps information including layout, configuration, and design. Customer Content may contain your voice and image, depending on your settings, what you choose to share, and what you do on the Services. We use this content primarily to provide you with the Services, to facilitate your requests, and to improve our Services.
  • Survey Information, including information provided when you submit a testimonial. We use this information primarily to administer and facilitate our products and services, respond to your submission, communicate with you, conduct market research, inform our marketing and advertising activities, improve and grow our business, and facilitate the related survey.
  • Feedback and Support Information, including the contents of custom messages sent through the forms, chat platforms, email addresses, or other contact information we make available to customers, as well as recordings of calls with us, where permitted by law (including through the use of automated tools provided by us or our third-party providers). We use this information primarily to investigate and respond to your inquiries, to communicate with you, and to improve our Services.
  • Business Representative Contact Information, including information in connection with the performance of the agreement or potential agreement with us. This information may include your first name, last name, company contact information (e.g., email, phone, address), job title, and any other information related to the company or performance of the agreement with us. We use this information to provide the Services, improve and grow our business, and facilitate the information requested. 

If you choose to contact us, we may need additional information to fulfill the request or respond to your inquiry. We may provide additional privacy disclosures where the scope of the request we receive or personal data we require fall outside the scope of this Privacy Notice. In that case, the additional privacy disclosures will govern how we may process the information you provide at that time. 

Personal Data Automatically Collected

We, and our third-party partners, automatically collect information you provide to us and information about how you access and use our products and services when you engage with us. We typically collect this information through the use of a variety of our own and our third-party partners’ automatic data collection technologies, including (i) cookies or small data files that are stored on an individual’s computer and (ii) other, related technologies, such as web beacons, pixels, embedded scripts, mobile SDKs, location-identifying technologies and logging technologies. Information we collect automatically about you may be combined with other personal information we collect directly from you or receive from other sources. 

We, and our third-party partners, use automatic data collection technologies to automatically collect the following data when you use our Services or otherwise engage with us:  

  • Information About Your Device and Network, including the device type, manufacturer, and model, operating system, IP address, browser type, Internet service provider, and unique identifiers associated with you, your device, or your network (including, for example, a persistent device identifier or advertising ID). We employ third-party technologies designed to allow us to recognize when two or more devices are likely being used by the same individual and may leverage these technologies (where permitted) to link information collected from different devices.
  • Information About the Way Individuals Use Our Services and Interact With Us, including the site from which you came, the site to which you are going when you leave our Services, how frequently you access our Services, whether you open emails or click the links contained in emails, whether you access our Services from multiple devices, and other browsing behavior and actions you take on our Services (such as the pages you visit, the content you view, the communications you have through our Services, and the content, links and ads you interact with). We employ third-party technologies designed to allow us to collect detailed information about browsing behavior and actions that you take on our Services, which may record your mouse movements, scrolling, clicks, and keystroke activity on our Services and other browsing, search or purchasing behavior. These third-party technologies may also record information you enter when you interact with our Services or engage in chat features or other communication platforms we provide.
  • Information About Your Location, including general geographic location that we or our third-party providers may derive from your IP address, as well as more precise geolocation when you grant us access through your device settings (for example, if you enable location services when you use our Site and Services at any time by way of your device settings).

All of the information collected automatically through these tools allows us to improve your customer experience. For example, we may use this information to enhance and personalize your user experience, to monitor and improve our Services, and to improve the effectiveness of our products, services, offers, advertising, communications and customer service.  We may also use this information to:  (a) remember information so that you will not have to re-enter it during your visit or the next time you visit the site; (b) provide custom, personalized content and information, including targeted content and advertising; (c) identify you across multiple devices; (d) provide and monitor the effectiveness of our Services; (e) monitor aggregate metrics such as total number of visitors, traffic, usage, and demographic patterns on our website; (f) diagnose or fix technology problems; and (g) otherwise to plan for and enhance our Services.

For information about the choices you may have in relation to our use of automatic data collection technologies, please refer to the Your Privacy Choices section below. 

Personal Data from Other Sources and Third Parties

We may receive the same categories of personal data as described above from the following sources and other parties: 

  • Single Sign-On: We may provide you the ability to log in to our Services through certain third-party accounts you maintain. When you use these single sign-on protocols to access our Services, we do not receive your login credentials for the relevant third-party service. Instead, we receive tokens from the single sign-on protocol to help identify you in our system (such as by your username) and confirm you successfully authenticated through the single sign-on protocol. This information allows us to more easily provide you access to our Services.
  • Information we receive from authentication services you connect to our Service: Some parts of our Service may allow you to login through an authentication service such as Google. These services will authenticate your identity and provide you the option to share certain personal information with us, which could include your name, email address, or other information. The data we receive is dependent on that third party’s policies and your privacy settings on that third-party site. We use this information to operate, maintain, and provide to you the features and functionality of the Services.  We may also send you service-related emails or messages (e.g., account verification, purchase confirmation, customer support, changes, or updates to features of the Platform, technical and security notices).
  • Employers: If you interact with our Services in connection with your employment, we may obtain personal data about you from your employer or another company for which you work. For example, we may obtain your contact information from your employer to allow us to communicate with you about your employer’s customer relationship with us.
  • Other Customers: We may receive your personal data from our other customers. For example, a customer may provide us with your contact information as a part of a referral. 
  • Social Media: When you interact with our Services through other social media networks, such as when you follow us or share our content on other social networks, we may receive some information that you permit the social network to share with third parties. The data we receive is dependent upon your privacy settings with the social network, and may include profile information, profile picture, username, and any other information you permit the social network to share with third parties. You should always review and, if necessary, adjust your privacy settings on third-party websites and social media networks and services before sharing information and/or linking or connecting them to other services. We use this information primarily to operate, maintain, and provide to you the features and functionality of our Services, as well as to communicate directly with you, such as to send you messages about features that may be of interest to you.
  • Advertisers, Influencers, and Publishers: We engage in advertising both on our Services and through third-party services. Advertisers, influencers, and publishers may share personal data with us in connection with our advertising efforts. For example, we may obtain information about whether an advertisement on our Services led to a successful engagement between you and a third-party advertiser.
  • Business Partners: We may receive your information from our business partners, such as companies that offer their products and/or services as a part of or in connection with our Services. For example, certain of our Services allow our customers to integrate third-party services such as including Slack, Google Calendar, and Outlook Calendar. If you choose to leverage these third-party service integrations, we may receive confirmation from our business partner regarding whether you are an existing customer of their services, and will use information included in the third-party integration to provide the Services, including, for example, meeting events and invited guests as well as their contact information, and anything else you choose to include in those services. 
  • Service Providers: Our service providers that perform services on our behalf, such as analytics and certain marketing providers, collect personal data and often share some or all of this information with us. For example, we receive personal data you may submit in response to requests for feedback to our survey providers.
  • Other Sources: We may also collect personal data about you from other sources, including publicly available sources, third-party data providers, brand partnerships, or through transactions such as mergers and acquisitions.
  • Inferences: We may generate inferences or predictions about you and your interests and preferences based on the other personal data we collect and the interactions we have with you.

Additional Uses of Personal Data

In addition to the primary purposes for using personal data described above, we may also use personal data we collect to:

  • Fulfill or meet the reason the information was provided, such as to fulfill our contractual obligations, to facilitate payment for our Services, or to deliver the services requested;
  • Manage our organization and its day-to-day operations; 
  • Communicate with you, including via email, text message, chat, social media and/or telephone calls;
  • Facilitate the relationship we have with you and, where applicable, the company you represent; 
  • Request you provide us feedback about our product and service offerings; 
  • Address inquiries or complaints made by or about an individual in connection with our Services; 
  • Create and maintain accounts for our users;
  • Verify your identity and entitlement to our Services;
  • Market our Services to you, including through email, phone, text message, push notification, and social media;
  • Administer, improve, and personalize our Services, including by recognizing you and remembering your information when you return to our Services;
  • Develop, operate, improve, maintain, protect, and provide the features and functionality of our Services; 
  • Identify and analyze how you use our Services;
  • Infer additional information about you from your use of our Services, such as your interests; 
  • Create aggregated or de-identified information that cannot reasonably be used to identify you, which information we may use for purposes outside the scope of this Privacy Notice; 
  • Conduct research and analytics on our user base and our Services, including to better understand the demographics of our users;  
  • Improve and customize our Services to address the needs and interests of our user base and other individuals we interact with;
  • Test, enhance, update, and monitor the Services, or diagnose or fix technology problems; 
  • Help maintain and enhance the safety, security, and integrity of our property, products, services, technology, assets, and business;
  • Defend, protect, or enforce our rights or applicable contracts and agreements (including our Terms of Service), as well as to resolve disputes, to carry out our obligations and enforce our rights, and to protect our business interests and the interests and rights of third parties;
  • Detect, prevent, investigate, or provide notice of security incidents or other malicious, deceptive, fraudulent, or illegal activity and protect the rights and property of Gather and others; 
  • Facilitate business transactions and reorganizations impacting the structure of our business; 
  • Comply with contractual and legal obligations and requirements;
  • Fulfill any other purpose for which you provide your personal data, or for which you have otherwise consented.

Our Disclosure of Personal Data

We disclose or otherwise make available personal data in the following ways: 

  • To Your Employer: If you interact with our Services in connection with your employment, we may disclose personal data to your employer or another company for which you work. For example, we may provide information to your employer about your usage of our Services in connection with your work for them.
  • To Other Customers and the General Public: We make available personal data designed for sharing through our Services with certain or all other Gather customers, or the general public, based on the applicable privacy settings and intended recipients. Keep in mind that the customers who view customer-generated content can always reshare or redistribute the content both on and off our Services or save or copy the content outside of our Services. In addition, by publicly posting content on our Services, you are directing us to disclose that information as broadly as possible and directing those accessing the content to do the same.
  • To Marketing Providers: We coordinate and share personal data with our marketing providers in order to advertise and communicate with you about the Services we make available.
  • To Ad Networks and Advertising Partners: We work with third-party ad networks and advertising partners to deliver advertising and personalized content on other websites and services, and across other devices. These parties may collect information automatically from your browser or device when you visit our websites and other services through the use of cookies and related technologies. This information is used to provide and inform targeted advertising, as well as to provide advertising-related services such as reporting, attribution, analytics, and market research. For more information on how to opt out of these services, please see below Targeted Advertising Preferences. 
  • To Service Providers: We engage other third parties to perform certain services on our behalf in connection with the uses of personal data described in the sections above. Depending on the applicable services, these service providers may process personal data on our behalf or have access to personal data while performing services on our behalf.
  • To Other Businesses as Needed to Provide Services: We may share personal data with third parties you engage with through our Services or as needed to fulfill a request or transaction including, for example, payment processing services.
  • In Connection with a Business Transaction or Reorganization: We may take part in or be involved with a business transaction or reorganization, such as a merger, acquisition, joint venture, or financing or sale of company assets. We may disclose, transfer, or assign personal data to a third party during negotiation of, in connection with, or as an asset in such a business transaction or reorganization. Also, in the unlikely event of our bankruptcy, receivership, or insolvency, your personal data may be disclosed, transferred, or assigned to third parties in connection with the proceedings or disposition of our assets. 
  • To Facilitate Legal Obligations and Rights: We may disclose personal data to third parties, such as legal advisors and law enforcement: some text
    • in connection with the establishment, exercise, or defense of legal claims; 
    • to comply with laws or to respond to lawful requests and legal process; 
    • to protect our rights and property and the rights and property of our agents, customers, and others, including to enforce our agreements, policies, and terms of use;
    • to detect, suppress, or prevent fraud; 
    • to reduce credit risk and collect debts owed to us; 
    • to protect the health and safety of us, our customers, or any person; or 
    • as otherwise required by applicable law.
  • With Your Consent or Direction: We may disclose your personal data to certain other third parties or publicly with your consent or direction. For example, with your permission, we may post your testimonial on our websites.

Your Privacy Choices

The following privacy choices are made available to all individuals with whom we interact. You may also have additional choices regarding your personal data depending on your location or residency. Please refer to our Region-Specific Disclosures below for information about additional privacy choices that may be available to you. 

Communication Preferences

  • Email Communication Preferences: You can stop receiving promotional email communications from us by clicking on the “unsubscribe” link provided in any of our email communications. Please note you cannot opt-out of service-related email communications (such as, account verification, transaction confirmation, or service update emails). 
  • Push Notification Preferences: You can stop receiving push notifications from us by changing your preferences in your device’s notification settings menu or in the applicable service-specific application. Please note we do not have any control over your device’s notifications settings and are not responsible if they do not function as intended. 

Automatic Data Collection Preferences

Where a Gather-specific preference manager or privacy setting is not available, you may be able to utilize third-party tools and features to further restrict our use of automatic data collection technologies. For example, (i) most browsers allow you to change browser settings to limit automatic data collection technologies on websites, (ii) most email providers allow you to prevent the automatic downloading of images in emails that may contain automatic data collection technologies, and (iii) many devices allow you to change your device settings to limit automatic data collection technologies for device applications. Please note that blocking automatic data collection technologies through third-party tools and features may negatively impact your experience using our Services, as some features and offerings may not work properly or at all. Depending on the third-party tool or feature you use, you may not be able to block all automatic data collection technologies or you may need to update your preferences on multiple devices or browsers. We do not have any control over these third-party tools and features and are not responsible if they do not function as intended.  

Targeted Advertising Preferences

We engage third parties to help us facilitate targeted advertising designed to show you personalized ads based on predictions of your preferences and interests developed using personal data we maintain and personal data our third-party partners obtain from your activity over time and across nonaffiliated websites and other services. The data we and our third-party partners use for purposes of facilitating targeted advertising, as well as to provide advertising-related services such as reporting, attribution, analytics, and market research, are primarily collected through the use of a variety of automatic data collection technologies, including cookies, web beacons, pixels, embedded scripts, mobile SDKs, location-identifying technologies and logging technologies. We may share a common account identifier (such as a hashed email address or user ID) with our third-party advertising partners to help link the personal data we and our third-party partners collect to the same person, or otherwise target advertising to an individual on a third-party website or platform. 

In addition to taking the steps set forth in the Automatic Data Collection Preferences section above, you may be able to further exercise control over the advertisements that you see by leveraging one or more targeted advertising opt-out programs. For example:

  • Device-Specific Opt-Out Programs: Certain devices provide individuals the option to turn off targeted advertising for the entire device (such as Apple devices through their App Tracking Transparency framework or Android devices through their opt out of ads personalization feature). Please refer to your device manufacturer’s user guides for additional information about implementing any available device-specific targeted advertising opt-outs. 
  • Digital Advertising Alliance: The Digital Advertising Alliance allows individuals to opt out of receiving online interest-based targeted advertisements from companies that participate in their program. Please follow the instructions at https://www.optout.aboutads.info/?c=2&lang=EN for browser-based advertising and https://www.youradchoices.com/appchoices for app-based advertising to opt out of targeted advertising carried out by our third-party partners and other third parties that participate in the Digital Advertising Alliance’s self-regulatory program. 
  • Network Advertising Initiative: The Network Advertising Initiative similarly allows individuals to opt out of receiving online interest-based targeted advertisements from companies that participate in their program. Please follow the instructions at https://www.optout.networkadvertising.org/?c=1 to opt out of browser-based targeted advertising carried out by our third-party partners and other third parties that participate in the Network Advertising Initiative’s self-regulatory program. 
  • Platform-Specific Opt-Out Programs: Certain third-party platforms provide individuals the option to turn off targeted advertising for the entire platform (such as certain social media platforms). Please refer to your platform provider’s user guides for additional information about implementing any available platform-specific targeted advertising opt-outs. 

Please note that when you opt out of receiving interest-based advertisements through one of these programs, this does not mean you will no longer see advertisements from us or on our Services.  Instead, it means that the online ads you do see from relevant program participants should not be based on your interests.  We are not responsible for the effectiveness of, or compliance with, any third parties’ opt-out options or programs or the accuracy of their statements regarding their programs. In addition, program participants may still use automatic data collection technologies to collect information about your use of our Services, including for analytics and fraud prevention as well as any other purpose permitted under the applicable advertising industry program.

Modifying or Deleting Your Personal Data

If you have any questions about reviewing, modifying, or deleting your personal data, you can contact us directly at privacy@gather.town. We may not be able to modify or delete your personal data in all circumstances. 

Partner-Specific Preferences

Certain of our third-party providers and partners offer additional ways that you may exercise control over your personal data, or automatically impose limitations on the way we can use personal data in connection with the services they provide: 

  • Device-Specific / Platform-Specific Preferences: The device and/or platform you use to interact with us (such as your mobile device or social media provider), may provide you additional choices with regard to the data you choose to share with us. For example, many mobile devices allow you to change your device permissions to prevent our Services from accessing certain types of information from your device (such as your contact lists or precise geolocation data), and many social media platforms allow you to change your platform permissions to prevent integrated products and services from accessing certain types of information connected with your profile. Please refer to your device or platform provider’s user guides for additional information about implementing any available platform-specific targeted advertising opt-outs. 
  • Google Analytics: Google Analytics allows us to better understand how our customers interact with our Services.  For information on how Google Analytics collects and processes data, as well as how you can control information sent to Google, review Google's website here: www.google.com/policies/privacy/partners/. You can learn about Google Analytics’ currently available opt-outs, including the Google Analytics Browser Add-On here: https://tools.google.com/dlpage/gaoptout/. We may also utilize certain forms of display advertising and other advanced features through Google Analytics. These features enable us to use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick advertising cookie) or other third-party cookies together to inform, optimize, and display ads based on your past visits to our Services.  You may control your advertising preferences or opt-out of certain Google advertising products by visiting the Google Ad Center, currently available at https://myadcenter.google.com/u/0/personalizationoff?sasb=true&ref=ad-settings

Children’s Personal Data

Our Services are not directed to, and we do not intend to, or knowingly, collect or solicit personal data from children under the age of 18. If an individual is under the age of 18, they should not use our Services or otherwise provide us with any personal data either directly or by other means. If a child under the age of 18 has provided personal data to us, we encourage the child’s parent or guardian to contact us to request that we remove the personal data from our systems. If we learn that any personal data we collect has been provided by a child under the age of 18, we will promptly delete that personal data.

Third-Party Websites and Services

Our Services may include links to third-party websites, plug-ins, applications and other services. Except where we post, link to or expressly adopt or refer to this Privacy Notice, this Privacy Notice does not apply to any personal data practices of third parties. To learn about the personal data practices of third parties, please visit their respective privacy notices. 

Updates to This Privacy Notice

We may update this Privacy Notice from time to time. When we make changes to this Privacy Notice, we will change the date at the beginning of this Privacy Notice. If we make material changes to this Privacy Notice, we will notify individuals by email to their registered email address, by prominent posting on this website or our other platforms, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided.

Contact Us

If you have any questions or requests in connection with this Privacy Notice or other privacy-related matters, please contact us at privacy@gather.town. You may also reach us by mail at 2261 Market St. #4095, San Francisco, CA 94114.

Region Specific Disclosures

European Economic Area, United Kingdom or Switzerland 

Important Notice for Individuals of the European Economic Area, United Kingdom, and Switzerland

Gather complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), as set forth by the U.S. Department of Commerce.  Gather has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Gather has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Gather is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). 

Complaints per the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Principles Gather commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union, UK, or Swiss individuals with inquiries or complaints regarding this notice should first contact Gather at privacy@gather.town.

Gather has committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to an independent dispute resolution mechanism, JAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See DPF Annex 1 at https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.

Onward Transfer to Third Parties

In the event that we disclose your personal data to third parties to perform certain business-related services on our behalf as our “agents” (as such term is utilized under the Data Privacy Framework), we will do so only for limited and specified purposes consistent with any notice provided to you or your choices regarding processing and disclosure. These companies perform services at our instruction and pursuant to contracts which require they provide at least the same level of privacy protection as is required under the Data Privacy Framework and notify us if they are no longer able to provide such protections, at which point we will take reasonable remedial steps. We may also disclose personal information to our affiliates in order to support marketing, sale, and delivery of any services, or other business operations as disclosed in this Privacy Policy.

Gather’s accountability for personal data that it receives under the DPF and subsequently transfers to a third party is described in the DPF Principles. In particular, Gather remains responsible and liable under the DPF Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Gather proves that it is not responsible for the event giving rise to the damage.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Option to Limit Certain Onward Transfers to Third Parties

Individuals have the opportunity to opt-out of sharing of their personal data with third parties other than our agents or before we use it for a purpose other than which it was originally collected or subsequently authorized. To limit the use and disclosure of your personal information under the Data Privacy Framework, please submit a written request to Gather indicating as such.

We will not disclose your sensitive personal information to any third party without first obtaining your opt-in consent. 

In each instance, please allow us a reasonable time to process your response.

Your DPF Rights

Upon request to privacy@gather.town,we will confirm whether we are processing your personal data pursuant to the DPF and provide you with the data in a reasonable time. You also have the right to correct, amend, or delete the personal data processed pursuant to the DPF where it is inaccurate or has been processed in violation of our privacy disclosures to you, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. We may require payment of a non-excessive fee to defray our expenses in this regard. Please allow us a reasonable time to respond to your inquiries and requests.

Personal Information Retention

We will retain the personal information processed pursuant to the DPF in a form that identifies you pursuant to our retention policy described above. We may continue processing such personal information for longer periods, but only for the time and to the extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific or historical research and statistical analysis, and subject to the protection of our privacy disclosures. After such time periods have expired, we may either delete your personal information or retain it in a form such that it does not identify you personally.

How We Protect Your Data

We will implement reasonable and appropriate security measures to protect your personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in processing and the nature of such data.