Privacy Policy

Published on 8 October, 2022 | 59 views | 19 minutes read

What does Geft Me do?

Geft Me is the launchpad to your latest video, article, recipe, tour, store, website, social post, and other content. We connect your audience to wherever you are online, and make your content more discoverable and easier to manage. Our Website (located at https://geft.me/) and other digital properties (such as our mobile app and Developer Portal) (together our “Platform”) provides information about us and allows individuals and businesses to sign-up as Geft Me Users (to create a personalised, easily-customisable page), as Subscribers (to subscribe to and follow Geft Me Users), or as developers (to create functionality that interacts with our Platform) (together, the Geft Me Services“).

The pages that Geft Me Users are able to create using the Geft Me Services are referred to in this Privacy Notice as “User Profiles“. User Profiles are accessible by the public.

We are headquartered in Melbourne, Australia and have offices in Sydney. For more information about Geft Me, please see the “About” section of our Website at https://geft.me/about/.

How does this Privacy Notice apply to me?

This Privacy Notice only applies to personal information we collect as a controller from:

This Privacy Notice, applies to the processing of personal information by Geft Me as a controller. When we talk about Geft Me acting as a “controller”, we mean that Geft Me determines the purpose and the means of the processing (i.e. we make decisions about how we will handle your personal information). Because of the nature of our services, we can also act as a “processor” on behalf of Geft Me Users. This means that, when we are instructed by a Geft Me User, we can facilitate processing of Profile Visitors’ and Subscribers’ personal information on behalf of that Geft Me User (“Processor Services“). This Privacy Notice does not address Processor Services. If you are a Profile Visitor or Subscriber, and want to know how a Geft Me User handles your personal information, please get in touch with theGeft Me User directly and/or refer to any privacy notice on the relevant User Profile.

If you provide us with information about another person (if, for example, you are a representative of an individual), you must provide them with a copy of this Privacy Notice and let that other person know that we use their personal information in the ways set out in this Privacy Notice.

What personal information do we collect?

The personal information that we may collect about you broadly falls into the following categories:

Why do we collect your personal information?

In general, we will use the information we collect for the purposes described in this Privacy Notice or for purposes that we explain to you at the time we collect your personal information. These include:

Legal basis for processing personal information

Our legal basis for collecting and using personal information described above will depend on the personal information concerned and the specific circumstances in which we collect it.

However, we will normally collect personal information from you only where we have your consent, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you, or may otherwise need the personal information to protect your vital interests or those of another person.

If we ask you to provide personal information to comply with a legal requirement we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). As indicated above, we require certain personal information to enter into a contract with you as a Geft Me User. Without your personal information, we will be unable to provide you with Geft Me Services available to Geft Me Users.

If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be to develop and improve theGeft Me Services, to provide additional functionality, to ensure appropriate security or to implement sensitive content warnings and content moderation. We may have other legitimate interests, and if appropriate, we will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact Us” heading below.

Who may we disclose your personal information to?

We may disclose your personal information to the following categories of recipients:

In order to facilitate paid products and/or services within Geft Me Service, we use third party payment processors. We will not store or collect your payment card details. That information is provided directly to our third party payment processors whose use of your personal information is governed by their privacy policies and their own terms and conditions. These payment processors adhere to the standards set by payment card industry data security standards (“PCI-DSS”) as managed by the Payment Card Industry Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. The payment processors we work with are:

Disclosure of personal information to other countries

Your personal information may be transferred to, and processed in, countries other than the country in which you are a resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, Geft Me may transfer personal information to the United States and other countries in which we do business. Geft Me may also subcontract certain activities and share your personal information with third parties located outside of Australia (which is where we are headquartered).

The countries in which these organisations are located will vary, but, in the course of our business operations, we generally disclose personal information to organisations located in Australia, or the United States. Such transfers are made in order to provide the Geft Me Services and carry out the activities specified in this Privacy Notice.

However, we have taken appropriate safeguards to ensure that your personal information will remain protected in accordance with this Privacy Notice and applicable data protection laws. These include entering into data transfer agreements between our group companies and these can be provided on request. We have implemented similar appropriate safeguards with our third party service providers and partners and further details can be provided upon request. No transfer of your personal information will take place to an organisation or another country unless we believe there to be adequate controls in place including the security of your data and other personal information.

How long do we retain your personal information?

We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Notice and in each case in accordance with applicable legal and regulatory requirements in respect of permitted or required retention periods and limitation periods relevant to legal action.

How do we secure your personal information?

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

In addition we limit access to your personal information to employees, agents, contractors and other third parties who have a business need for access. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. Therefore, we have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Complaints

We take your privacy concerns seriously. If you have a complaint regarding our handling of your personal information or concerning our privacy practices, you may file a complaint with us using the contact details provided under the “Contact Us” heading below. We will confirm receipt of your complaint and, if we believe necessary, we will open an investigation.

Supplemental Information for California Residents

The following section provides supplemental information to California residents, whose personal information we have collected. This section applies to the personal information we collected from California residents during the 12 months prior to the effective date of this Privacy Notice, depending on interactions with us.

1. Collection and Use of Personal Information

(a) Categories of Personal Information We Have Collected:

(b) Categories of Sources of Personal Information that We Collect:

2. Categories of Personal Information Disclosed

We may disclose the following categories of personal information to service providers for a business purpose, or, at your direction, with third parties such as sponsors of promotions, sweepstakes, or contests. We have disclosed the following:

Category of Personal Information Disclosed for a Business Purpose

Categories of Recipients

We do not sell personal information and we do not believe that our sharing of information would qualify as a sale under California law.

For the avoidance of doubt, we also do not sell personal information of individuals under 16 years of age.

3. California Privacy Rights

(a) Right to Know

You have the right to request that we disclose to you the following information about personal information we collect from you:

(b) Right to Request Deletion of Personal Information

You have the right to request the deletion of your personal information collected or maintained by us, subject to certain exceptions permitted by law.

(c) Right to Opt-Out of Sale of Personal Information

As mentioned above, we do not sell personal information and we do not believe that our sharing of information would qualify as a sale under California law. Nonetheless, if you are a California resident who has purchased products or services from us, you may submit a request to record your preference to opt out by emailing us at [email protected]

(d) Right to Non-Discrimination

You have the right to not be treated in a discriminatory manner for exercising your privacy rights. We do not use the fact that you have exercised or requested to exercise any privacy rights for any purpose other than facilitating a response to your request.

4. Exercising Your California Privacy Rights

To exercise your rights, you can contact us:

Once we receive your request, we are required to verify that you are the person that is the subject of the request. This verification process consists of matching identifying information provided by you with the information we have about you in our records. Upon making a request, you will be asked to provide your name, email address, and request details. A confirmation email will be sent to the email address you provide to begin the process to verify your identity. If we cannot verify your identity, we will not be able to respond to your request.

You may designate an authorized agent to exercise any of the above privacy rights on your behalf, subject to the agent request requirements under California law.

Please note, for your safety and security, we will require authorized agents to provide proof of consent and designation of the authorized agent for the purpose of making the request, and will require authorized agents to provide information necessary to verify the identity of the individual who is the subject of the request. We may also require that an individual verify his/her own identity directly with us before we respond to an authorized agent’s request.

We reserve the right to deny requests in certain circumstances, such as where we have a reasonable belief that the request is fraudulent.

5. Do Not Track

California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. Because there currently isn’t an industry standard for recognizing or honoring DNT signals, we do not respond to them at this time.

7. Changes

We reserve the right to change this Supplemental Information for California Residents from time to time. Changes shall become effective on the date they are posted.

Geft Me Service Providers and Partners


Last updated on: 8 October, 2022