PLEASE NOTE THAT GATHER WILL NEVER SELL YOUR PERSONAL DATA (E.G. NAME, ADDRESS, EMAIL) TO ANY THIRD PARTY.
When you access the Site or Services, you trust us with certain information (we will call this “data” for the sake of consistency). We are committed to keeping that trust, and that starts with helping you to understand our privacy practices. We collect several different types of data for various purposes, but mainly to provide the Services and improve our Services for the benefit of our customers.
The Gather Platform is an application for a customized virtual space that is accessed via web browser. Here are some highlights of our privacy practices on the Gather Platform:
- Gather does not store or view user audio or video, which are encrypted in transit (similar to Google Meet)
- Gather does not store chat messages on our server. Chat messages are cached in your browser settings or your system (for desktop computer usage).
- Gather stores documents and images, where they are encrypted at rest in cloud storage
- Gather stores user email addresses, the date and time that a user created an account to access the Platform, and the last time a user logged in to the Platform
- Gather stores metadata about virtual spaces on the Platform, including which map that space was created with, the unique URL for that space, a salted hash of the space password (if one exists), which user created that space and which users are authorized to moderate it, and the list of emails and names in the guestlist associated with that space (if any)
- If you provide feedback via the feedback form on the Platform, we store your message, along with your name and email, if you provide them, which are used only to respond to your feedback.
The MapMaker tool is necessary for users to create or customize a virtual space that is the backbone of the Platform. Here are some highlights of our privacy practices on the MapMaker Tool.
- Gather stores everything you upload to MapMaker, including without limitation background images and other user assets. Everything uploaded is encrypted at rest with AES256 in cloud storage.
- Gather stores metadata about the map for any virtual space, like what squares are impassable, where the spawn points are, and who owns the map.
- Gather does not share maps with other users without your explicit consent, although you may share it yourself by, for example, inviting a user to the virtual space.
Data We Collect
A. Personal Data
Types of Personal Data we collect includes:
- Email address
- First name and last name
- The nickname or other information you might provide in connection with an avatar
- Any Personal Data that you provide when you contact our sales team via the Contact Form on the Site
If you use the Services to make payments of any kind, or to set up the capability to make payments, you may provide us (or our third-party payment processors) additional Personal Data including financial data (such as your credit card data or other applicable payment method, billing address, billing telephone number, or date of birth). We store very little, if any, customer financial data and such financial data is typically stored by our third-party payment processors, but we may use this data under certain circumstances to create and to provide support related to your account and to communicate with you relating to customer support inquiries as well as other communications related to the Services. We encourage you to review the privacy policies of any third-party payment processors used in connection with and to contact them directly if you have questions relating to your data, including Personal Data, as it relates to such payments. We currently use Stripe to process debit and credit card payments and their data policies can be found here.
B. Usage, Location and Tracking Cookies.
We collect anonymized data on how the Site and Services are accessed and used (“Usage Data”). This Usage Data may include data such as your computer’s Internet Protocol address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers, and other diagnostic data.
We may use and store data about your location (“Location Data”) when you visit the Site. We use this data to improve and customize our Site or Services. You can enable or disable location services when you use our Site and Services at any time by way of your device settings.
To opt out of receiving targeted advertising use the link to the DAA opt-out site www.aboutads.info or the NAI opt-out site at networkadvertising.org/choices, in Europe, the EDAA opt out site at youronlinechoices.eu.
How We Use Personal Data
Gather reserves the right to use your Personal Data for any legitimate business purpose as set forth in the California Consumer Privacy Act (the “CCPA”). Specifically, we use Personal Data:
- To provide, maintain and improve our Site and Services
- To monitor the usage of our Site and Services
- To detect, prevent, and address technical issues in connection with our Site and Services
Additionally, we may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers or email you about updates to the Services or your use of the Services. These promotional emails contain the ability to opt-out. Also, we may receive a confirmation when you open an email from us. This confirmation helps us make our communications with you more interesting and improve our services.
How We Retain, Transfer, and Disclose Your Personal Data
Typically, if you use our Services, we retain Personal Data about you for as long as you have an open user account with us and will not retain it for more than twelve (12) months after you close your user account, unless a different policy is otherwise agreed upon in an executed agreement. Thereafter, we retain some data in a depersonalized or aggregated form but not in a way that would identify you personally.
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time than Personal Data, except when this data is used to strengthen the security or to improve the functionality of our Site, or we are legally obligated to retain this data for longer periods.
Your data, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside the United States and choose to provide data to us, please note that we transfer the data, including Personal Data, to the United States and process it there.
That said, we will process and disclose your Personal Data to the extent necessary to comply with our legal obligations, complete corporation transactions, resolve disputes, and enforce our legal agreements and policies as follows:
A. Business Transaction
If the Company is involved in a merger, acquisition, or asset sale, we may disclose or transfer Personal Data for purposes consistent with that transaction.
B. Disclosure for Law Enforcement
Under certain circumstances, the Company may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
C. Other Legal Requirements
The Company may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of the Company
- To prevent or investigate possible wrongdoing in connection with the Site or Services
- To protect the personal safety of users of the Site or Services or the public
- To protect against legal liability
The security of your data is important to us, and we use industry standard methods for data encryption and key management to protect data transmitted over public networks and when stored on our systems. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security, as no method of transmission over the internet or method of electronic storage is 100% secure.
How to Request Deletion of Your Personal Data
If you would like to request that Gather delete your personal data, you may contact us directly at email@example.com to submit your request. Gather will respond within a reasonable time frame in accordance with applicable laws and regulations.
A. Your Rights under California Online Protection Act (“CalOPPA”)
We do not support Do Not Track (“DNT”). DNT is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the Preferences or Settings page of your web browser.
In accordance with CalOPPA, we agree to the following:
- Site users can visit our site anonymously
- Site users are able to change their personal data (as defined by CalOPPA) by emailing us at firstname.lastname@example.org
B. Your Rights under the General Data Privacy Regulation (GDPR)
If you are a resident of the European Union (EU) and European Economic Area (EEA), GDPR affords you certain rights. These include:
- The right to access, delete, or update the data we have on you
- The right to have your data rectified if that data is incomplete or incorrect
- The right to object to our processing of your data
- The right to request that we restrict the processing of your data
- The right to request a copy of your personal data in machine-readable and commonly-used format
- The right to withdraw your consent at any time where we rely on your consent to process your personal data
To exercise any of the above rights, please send a request to email@example.com. Please note that we may ask you to verify your identity before responding to such requests.
Additionally, you have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more data, please contact your local data protection authority in the European Economic Area (EEA).
C. Your Rights under the California Consumer Privacy Act (“CCPA”)
If you are a California resident, you are afforded certain rights under the CCPA, such as the right to access what personal data (as defined by the CCPA) we collect about you, the right to ask us to delete your personal data, and the right to tell us not to sell your personal data.
You may ask us to provide you with what personal data we have collected up to two times in a rolling twelve month period. When you make this request, the data provided may be limited to the personal data we collected about you in the previous year.
Please note that Gather does not sell your personal data and we will not discriminate against you under any circumstances for exercising your rights in connection with the CCPA. To exercise your California data protection rights described above, please send a request to firstname.lastname@example.org.
Our Commitment to Children’s Privacy
At Gather we take children’s privacy very seriously. The Services are designed for businesses and individuals 18 and over. Gather does not knowingly collect Personal Data from individuals under the age of 18. If you are under 18, you should not use or attempt to use the Services or send any data about yourself to Gather. If we discover that we have directly collected Personal Data from a person under the age of 18, we will take the appropriate measures to promptly remove that data from our Services.
If you believe that Gather may have directly collected Personal Data about a person under the age of 18 and wish to have us remove that Personal Data, please contact us at email@example.com to let us know. We’ll work with you to make sure that data is removed from our Site and Services, as applicable.
Changes to This Policy and Other Privacy Terms
For data regarding your privacy as a candidate for a position with Gather, please visit our Candidate Privacy Statement.