PRIVACY POLICY
This PRIVACY POLICY is the entire personal data protection policy (hereinafter “Privacy Policy”) for the product or service provided by Gastromind Inc.
We appreciate that you are trusting us with your personal information. We take your privacy very seriously. In this Privacy Policy, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it.
Before accessing or using the application, please ensure that you have read and understood our Privacy Policy. If there are any terms in this Privacy Policy that you do not agree with, please discontinue use of our Services immediately.
If you have any queries about this Privacy Policy or data protection in general, please contact: privacy@gastromind.co
1. GENERAL INFORMATION
1.1. This Privacy Policy was drawn up by Gastromind Inc. a company registered at 1401 Pennsylvania Ave. Unit 105 Wilmington New Castle 19806 Delaware, USA (hereinafter “Gastromind Inc.”, “we,” “us” or “our”) who is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, share and protect data that identifies or is associated with you (“personal data”) in relation to our mobile application Gastromind (as well as any other media form, website, web application, media channel, mobile website, linked, or otherwise connected thereto) including the services offered on such website (hereinafter collectively the “Platform” or “Site”), and your choices about the collection and use of your information.
1.2. This Privacy Policy will enter into force on the date stated above. If this document is updated, we will notify you of the revised versions through our regular channels. For more information regarding updates please see the section titled “Updates to the Privacy Policy” below.
1.3. As Gastromind Inc. is a company residing and operating in the State of Delaware in the United States of America, it is subject to any and all federal and state laws applicable to Delaware entities. Please note that this Privacy Policy was prepared in line with the applicable laws of the State of Delaware relating to data privacy. Recognizing the global nature of the Internet, throughout the Privacy Policy, reference has been made to other jurisdictions and regulations which may be applicable to some users. However, we hereby expressly state that any such reference was made for ease of understanding of users and those persons who choose to access the Site from other locations do so on their own initiative and does not mean or imply that Gastromind Inc. is subject to the laws and regulations of said jurisdiction.
1.4. Hereinafter, any person who is registered to the Platform shall be referred to as “Member”. Any person who visits the Platform without registration shall be referred to as “User”. Gastromind Inc. hereby acknowledges its Data Controller status in terms of Members and Users of the Platform.
1.5. Gastromind Inc.’s mobile application Gastromind uses artificial intelligence to provide Members the ability to view suggested restaurants, dishes and beverages based on their location according to their personal preferences (based on their palate, dietary needs and preferences etc.) based on the ratings given by other Members for said specific dishes and to in turn comment on their experiences with restaurants, dishes and beverages. This Privacy Policy applies to all the products and services provided on the Platform to Members and Users by Gastromind Inc. as the Data Controller. However, this Policy is not applicable to any information collected offline or via channels other than the Platform.
1.6. Please note that this Privacy Policy has been prepared in line with …’s Terms and Conditions available at privacy and Gastromind Inc. does not intend for the Platform to be used by persons who are prohibited from using the Platform as per its Terms and Conditions. In terms of the collection of personal data, we would like to stress that we do not knowingly solicit data from children under 13 years of age. As stated in our Terms and Conditions, by using the Platform, you represent that you are at least 13. For persons between the age of 13 and 18 who want to register to the Platform, we may require personal parental consent or confirmation for registration depending on your jurisdiction. Also, please note that certain content of Gastromind Inc.’s mobile application Gastromind may be restricted or unavailable to Members below the age of 18 due to applicable laws regarding the provision of certain content to minors. If we learn that personal data from users who are under 18 years of age has been collected due to their misrepresentation during Membership, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at privacy@gastromind.co
.
2. WHAT IS PERSONAL DATA?
2.1. “Personal Data” used throughout this Privacy Policy means in short personally identifiable information of Users and Members of the Platform that is collected through the Gastromind Inc.’s mobile application Gastromind and through the online by Gastromind Inc. from User/Member and maintained by Gastromind Inc. in an accessible form, and by definition may include personal identifiers such as a first and last name, a physical address, an e-mail address, a telephone number, a Social Security number, or any other identifier that permits the physical or online contacting of the User/Member, and any other information concerning the User/Member collected by Gastromind Inc. from User/Member and maintained in personally identifiable form in combination with any identifier described in this paragraph.
2.2. This section is intended to provide you with a definition of personal data. Please see Section 4.2. titled “What Data Do We Use?” and Section 12 titled “Notice For California Residents; Categories of Personal Data Processed” for details regarding the data actually processed by Gastromind Inc. as a Data Processor.
3. ON WHAT BASIS DO WE COLLECT OR USE PERSONAL DATA?
3.1. Data protection laws require that we meet certain conditions before we are allowed to use your personal data in the manner described in this Privacy Policy. To use your personal data, we will rely on one of the following conditions, depending on the activities we are carrying out:
3.1.1. You have given us consent;
3.1.2. Processing is necessary for our legitimate business interests or those of a third party: provided this does not override any interests or rights that you have as an individual.
3.1.3. Processing is necessary in order to enter into or perform a contract with you.
3.1.4. Processing is necessary for compliance with our legal obligations.
3.1.5. Processing is necessary for legal claims.
3.1.6. Processing is necessary for substantial public interest.
3.2. Below you will find detailed information on the basis that we collect and use your personal data. If we look to use your personal data for any other purpose not covered in this Privacy Policy, we will let you know about any proposed new purposes before using your personal data in this way.
3.3. Consent
3.3.1. We ask that you provide affirmative and informed consent to the use of your personal data as described in this Privacy Policy when you access the Platform and participate in the Services. Please discontinue using the Services if you do not have such consent.
3.3.2. We do not collect personal data for the purpose of sale of such information in a way that specifically identifies the individual (i.e., we don’t sell Member information).
3.3.3. We may provide you with marketing information about our services or products where you have indicated your consent for us to do so (to the extent that we are required to collect consent under data protection laws). We may contact you by mail or email, phone and electronic notifications (where you have agreed to those methods of communication) to provide you with the information on your requested service or product. We may also provide you with information, special offers, research, promotions, and similar products and services. Where you have indicated your consent to us doing so, we may also pass your details to our group companies for marketing purposes. You may change your marketing preferences at any time from your account settings.
3.3.4. We will also provide you with access to, or transfer your personal data at your written request, provided that we aren’t legally restricted from doing so or otherwise prevented from doing it due to circumstances beyond our reasonable control. Please relate your request for access to or transfer of personal data to privacy@gastromind.co
3.3.5. If we are relying solely on your consent to process your personal data, you may withdraw your consent to our processing of your personal data at any time; however, withdrawing consent may result in your inability to continue using some or all of the services in the Platform. Please note that the withdrawal of your previous consent will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal data conducted in reliance on lawful processing grounds other than consent.
3.4 Legitimate Interest
3.4.1. Sometimes our collection and use of your personal data may not depend on your informed consent but our legitimate interests. It is in our legitimate interests to collect your personal data as it provides us with information that we need to provide our Services to you and to make our Platform available.
3.4.2. This requires us to carry out a balancing test of our interests in using your personal data (for example, in order to provide you with access to the Platform, against the interests you have as a person and the rights you have under Delaware Online Privacy and Protection Act and other applicable Data protection law (for example, to not have your personal data sold to third party marketing companies without your knowledge).
3.4.3. The outcome of this balancing test will determine whether we may use your personal data in the ways described in this Privacy Policy. We will always act reasonably and give full and proper consideration to your interests in carrying out this balancing test.
3.4.4. Our legitimate interests are: managing our business and relationship with you or your company/organization; understanding and responding to inquiries and Member and User feedback; understanding how our Members and Users use the Platform; identifying what our Members and Users want and developing our relationship with you, your company or organization; improving our Platform and offerings; managing our supply chain; developing relationships with business partners; sharing data in connection with acquisitions and transfers of our business.
3.5. Contractual Performance
3.5.1. Please note that when you become a Member and User of the Platform you enter into a contractual relationship with Gastromind Inc. via the Terms and Conditions which you accept by use of our Platform. This contractual relationship necessitates the processing, use and storage of your personal data for the purpose of fulfilling our contractual obligations and/or facilitating our contractual rights. Therefore, at this stage the contractual relationship itself becomes the legal basis of our processing of your personal data.
3.5.2. In short, we are permitted to hold and process some of your personal data because it is necessary to do so in order to provide you access to, and to enable you to make use of, the Platform. Without this personal data, we could not provide you with access to the Platform.
3.6. Legal Obligations and Legal Claims
3.6.1. We are permitted to process your personal data where it is necessary for compliance with our legal obligations. We are also permitted to process your personal data where it is necessary to establish, pursue or defend a legal claim.
3.6.2. We may disclose your personal data to third parties without your consent if we have reason to believe that disclosing this information is necessary to identify, contact, or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other users of the Services, or anyone else (including the rights or property of anyone else) that could be harmed by such activities. We may disclose personal data when we believe in good faith that such disclosure is required by and in accordance with the law.
3.7. Substantial Public Interest
3.7.1. We are permitted to process your personal data where it is necessary for reasons of substantial public interest, on the basis of data protection laws.
4. USE OF COLLECTED DATA
4.1. We use your personal data to help us provide and support (the Services on) our Platform. This section provides you with details of what personal data we use and why we use it.
4.2. What Data Do We Use?
4.2.1. We collect information directly from you and in some instances from third party service providers whom you authorize to share your information with Gastromind Inc.
4.2.2. Depending on whether you are a User or Member, personal data collected from you will differ. As explained above, if you only visit the website www.gastromind.co without becoming a Member you are categorized as a User. The only personal data collected from User’s are explained in the Section titled “Cookie Policy” below.
4.2.3. Naturally, we collect more personal data from you when you sign up to the Platform as a Member. As a Member you provide more personal data including:
4.2.3.1. contact information such as your username (if you sign up using a third party service provider), display name you choose for use of the Platform (in case it contains your personally identifiable information), your name (if you choose to provide it), email address, mobile phone number used for verification purposes;
4.2.3.2. user picture or “avatar” (in case it contains your personally identifiable information);
4.2.3.3. details of your correspondence with us;
4.2.3.4. technical information which we collect from you when you visit the website … such as your Internet Protocol (IP) address used to connect your computer to the internet, browser type and version, time zone setting, browser plug-in types and versions, operating system, platform and traffic data, cookies data, web logs and other communication data and details of the resources that you access;
4.2.3.5. phone number or e-mail address to be able to confirm your membership to the platform depending on which method you choose to sign up to Gastromind Inc.’s mobile application Gastromind ;
4.2.3.6. location data which you may choose to share with the Platform during your use in order to optimize and personalize the suggestions made by the Platform; and
4.2.3.7. any other information you provide to us in order to personalize and optimize your experience with the Platform which uses AI technology to personalize its restaurant, food and beverage suggestions based on your personal characteristics and preferences (for example diet type and restrictions, age range, sex). These details are accessible on your profile page on the Platform and can be changed at any time based on your preferences. Therefore this category of information is processed solely based on your consent and such consent can be revoked at any time.
4.2.4. For more detail on the personal data we process, please see Article 12 titled “Notice for California Residents; Categories of Personal Data Processed” below.
4.2.5. When you use your membership and account information with third party service providers, we will receive certain profile information about you from your service provider. The profile information we receive may vary depending on the provider concerned, but will often include your name, email address, and profile picture as well as other information you choose to make public on such service provider platform. We will use the information we receive only for the purposes that are described in this Privacy Policy or that are otherwise made clear to you on our Platform. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their privacy policies to understand how they collect, use and share your personal data, and how you can set your privacy preferences on their sites and apps. As of the entry into force of this Privacy Policy, our Platform offers you the ability to register and login using your Google, Facebook and Apple account.
4.2.6. For registering as a Member on our platform, the provision of a display name, email (which may contain your first and/or last name,) or phone number in case you choose to sign up one of these registration options and verification code which We will send to your e-mail address or phone number is mandatory: if relevant data is not provided, then you will not be able to create an account. Alternatively, you may login using third party service providers as explained above. As of the entry into force of this Privacy Policy, our Platform does not require the provision of any other identifier information solely for membership purposes.
4.3. You are able to view and update much of the information collected about you through your account settings. Please note that if you sign in using a third-party service provider, we cannot allow you to change your email address information and username provided by the service provider. You shall be entitled to collect all of your personal data stored on the Platform upon request via the sections provided on the applications or via e-mail to us at support@gastromind.co .
4.3.1. We automatically collect certain information when you visit, use or navigate the website www.gastromind.co. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Platform and other technical information which may lead to your identification. This information is primarily needed to maintain the security and operation of our Platform, and for our internal analytics and reporting purposes. Please refer to the section titled “Cookie Policy” and the sub-section titled “Service Providers Processing Data on Our Behalf” for more information on automatically collected personal data.
4.3.2. As a Member, please remember that if you use the Platform to share personal data of persons who are not Members themselves (e.g. photographs, documents containing personal data such as receipts, video, etc.), you represent that you have read and understood the Terms and Conditions and agree to be bound by the conditions thereto. In these instances, you further represent that the individuals to whom this data relates have been informed of and have consented to such use and disclosure.
4.3.3. When this product/service was designed, the possibility that it would be used to process special categories of personal data or data regarding criminal convictions and offenses was not taken into account. In fact, our Terms and Conditions specifically state that Members shall not use the Platform for any purpose or in any manner involving transmitting protected health information using Gastromind Inc. unless you have received prior written consent to such use from Gastromind Inc.
4.3.4. Our Platform is intended for the use of persons above the age of 13 only. We do not knowingly collect personal information from children or minors without parental consent. If Gastromind Inc. is made aware that a child has provided us with personal information without parental consent, we will endeavor to delete that information from our databases. If you have questions about personal information that may have been submitted by a child, please email us at support@gastromind.co
4.4. Why Do We Use Your Data?
4.4.1. Service provision: we use the information to carry out and administer the Platform which enables us to provide suggestions and recommendations personalized to you.
4.4.2. Communication: The main reason for processing your personal information for communication purposes is sending emails, newsletters, and other messages to keep you informed of the Platform. You may opt out of receiving any, or all, of any communications which are of a non-primary function (e.g. marketing) from us by following the unsubscribe link. However, please note that we may use your email address to send you emails about legal and administrative issues related to your Member status (such as changes in Terms and Conditions or Privacy Policy, deletion or deactivation of your account, etc.) which we may be legally obliged to inform you about, which are not classified as marketing communications. We also use the personal data to deal with inquiries and complaints made by you relating to the Platform and to address your questions, issues, and concerns;
4.4.3. Platform monitoring: to check the Platform and our other technology services are being used appropriately and to optimize their functionality for the purpose of administering and improving our Services.
4.4.4. Platform optimization: improve, test, and monitor the effectiveness of our Platform and diagnose or fix technology problems;
4.4.5. Managing suppliers: we use information to manage third-party suppliers who deliver services to us;
4.4.6. Statistics: monitor metrics such as total number of visitors, traffic, demographic patterns, and patterns in our test results (on an anonymized and aggregated basis) regarding the website www.gastromind.co ;
4.4.7. Development: develop and test new products and features.
4.5. If we plan to use your personal data in the future for any other purposes not identified above, we will only do so after informing you by updating this Privacy Policy. See further the section of this Privacy Policy entitled “Updates to the Privacy Policy”.
5. A. COOKIE POLICY FOR OUR PLATFORM
5.1. We use cookies on our website to distinguish you from other users of our Site. This helps us to provide you with a good experience when you browse our Site and also allows us to improve the Site.
5.2. A cookie is a commonly used automated data collection tool. Cookies are small text files that are placed on your computer or device by websites that you visit or HTML-formatted emails you open, in order to make websites work, or work more efficiently, as well as to provide information to the owners of the Site.
5.3. We do not use persistent cookies since the website does not provide for a login feature. We use session cookies to enable certain features of the Site, to better understand how you interact with the Site and to monitor aggregate usage by users and web traffic routing on the Site. Session cookies are deleted from your computer when you log off from the Site and then close your browser. We may also use advertising cookies which enables our advertising service providers to collect some data regarding your device in order to be able to determine your interests and provide targeted advertising services. Details of the cookies used on our website are set out in our cookie policy available at www.gastromind.co/privacy-policy.. Please be advised that our cookie policy is an integral part of this Privacy Policy with regard to our website.
5.4. You can set up your browser options, to stop your computer accepting cookies which require consent (such as social plug-in tracking cookies like those used for behavioral advertising, analytics or market research; third party cookies used for behavioral advertising) or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may be unable to access certain parts of our Site or to receive certain Services. Please note that some cookies are necessary for the Site to perform its functions and may not be stopped (such as cookies that allow the processing of web server requests over a pool of machines instead of just one, authentication cookies, etc.) if the Site is to be used; these are noted as “necessary cookies” in our cookie policy.
5.5. Your browser may feature a preference which alerts websites you visit that you do not want them to collect certain information about you. This is referred to as a Do-Not-Track (“DNT”) signal. Please note that our Site may not recognize or take action in response to DNT signals from your browser.
5. B. TRACKING WITHIN THE MOBILE APPLICATION …
5.6. Our Platform incorporates advertising from third-party service providers. This necessitates certain tracking features in mobile applications. If you are using the iOS mobile version of the Platform, your device will ask you to enable or disable tracking features.
6. WHERE WE STORE YOUR DATA
6.1. Platform is hosted, stored and processed by Gastromind Inc. leveraging data centers which are located in EU Region. Processing of the information collected about you is only undertaken for the purposes described in this Privacy Policy.
6.2. For Members located in Europe, considering the fact that Gastromind Inc. is a Delaware (US) corporation, we would like to expressly state that the personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA") or the UK. It may also be processed by staff operating outside the EEA or the UK who work for us or for one of our suppliers or partners. Such staff or subcontractors may be engaged in, among other things, the processing of your payment details or the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing outside of the USA, EEA or the UK.
6.3. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. In particular, this means that your personal data will only be transferred where the recipient is bound by contractual clauses requiring the confidentiality and protection of personal data.
6.4. Our Platform is accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Platform from outside the USA, EEA or the UK. This means that where you chose to post your data on our Platform, it could be accessed from anywhere around the world and therefore a transfer of your data outside of the EEA or the UK may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.
7. DISCLOSURE OF YOUR PERSONAL DATA
7.1. We do not sell, lease, rent or give away the information collected about you without your permission. We only disclose your information as described below. If we disclose your information, we require those we share it with to comply with adequate privacy and confidentiality requirements, and security standards.
7.2. Disclosure to Affiliates: Gastromind Inc. is a global business, headquartered in the United States. Your personal information collected by us in accordance with this Privacy Policy is used and shared by Gastromind Inc. to our affiliate company based in Turkiye (Gastromind Teknoloji Anonim Åžirketi) for the purposes of providing the Platform, delivering our Services, managing your accounts, IT, support, billing, marketing, and communications.
7.3. We may disclose your personal data to third parties without your consent if we have reason to believe that disclosing this information is necessary to identify, contact, or bring legal action against someone who may be causing injury to or interference with (either intentionally or unintentionally) our rights or property, other users of the Services, or anyone else (including the rights or property of anyone else) that could be harmed by such activities. We may disclose personal data when we believe in good faith that such disclosure is required by and in accordance with the law. In certain instances, it may be necessary for Gastromind Inc. to disclose the information that we’ve collected about you to government officials or otherwise as required by applicable law. No personal data will be disclosed to any law enforcement agency or governmental agency except in response to:
7.3.1. A subpoena, warrant or other process issued by a court of competent jurisdiction;
7.3.2. A legal process having the same consequence as a court-issued request for information, in that if Gastromind Inc. were to refuse to provide such information, it would be in breach of local law, and it or its officers, executives or employees would be subject to liability for failing to honor such legal process; or
7.3.3. Where such disclosure is necessary for Gastromind Inc. to enforce its legal rights pursuant to the laws of the jurisdiction from which such information was gathered.
7.4. We may also disclose your personal data, subject to appropriate confidentiality protections, in connection with a corporate re-organization, a merger or amalgamation with another entity, a sale of all or a substantial portion of our assets or stock, including any due diligence exercise carried out in relation to the same, provided that the information disclosed continues to be used for the purposes permitted by this Privacy Policy by the entity acquiring the information.
7.5. The Platform may contain links to third party websites. When you click on a link to any other website or location, you will go to another site, and another entity may collect personal or anonymous data from you. We have no control over, do not review, and cannot be responsible for these outside websites or their content. Please be aware that this Privacy Policy does not apply to these outside websites or content, or to any collection of your personal data after you click on links to such outside websites. We encourage you to read the privacy policies of every website you visit. The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content, or websites.
7.6. Service Providers Processing Data on Our Behalf
7.6.1. We may use contractors and service providers to process the information collected about you on our behalf for the purposes described in this Privacy Policy. We contractually require service providers to keep information secure and confidential and we do not allow our data processors to disclose your information to others without our authorization, or to use it for their own purposes. However, if you have an independent relationship with these service providers their privacy statements will apply. Please also see Article 6 above for information on where we store your data as it may contain information on service providers.
7.6.2. Google Analytics (Google LLC.): This third-party service enables Gastromind Inc. to monitor and analyze the Site traffic. Google Analytics is a web analysis service provided by Google LLC. Google utilizes the information collected to track and examine the use of the Site to prepare reports that may be used for optimization of the Site. Information collected for this purpose is cookies and usage data. Place of processing of Google LLC is the US. Please check the Google privacy policy at https://policies.google.com/privacy?hl=en for more information. Opt-out option is also available as a browser add-on at: https://support.google.com/analytics/answer/181881?hl=en
7.6.3. Google Ads (Google LLC.): This third-party service enables Gastromind Inc. to display advertisements on the Site. Regarding the website, advertising cookies and your options on enabling them are explained in our cookie policy available at https://www.Gastromind.io/cookies. For our mobile application, please note that the information collected for the purposes of targeted advertising is determined by the service provider. Therefore, we refer you to the privacy policies of our service provider available at https://support.google.com/adspolicy/.
7.6.4. Google LLC.: As stated above, our Platform offers you the ability to register and login using your Google account. When you use your Google account to register and login to our Platform, we will receive certain profile information about you from this service provider. The profile information we receive will depend on the policies of the service provider, but at the date of the entry into force of this Privacy Policy includes at the minimum your email address, the name you have provided for the email address and your profile picture. Therefore, we recommend that you review the privacy policy of your service provider available at https://policies.google.com/privacy.
7.6.5. Apple Inc.: As stated above, our Platform offers you the ability to register and login using your Apple account. When you use your Google account to register and login to our Platform, we will receive certain profile information about you from this service provider. The profile information we receive will depend on the policies of the service provider, but at the date of the entry into force of this Privacy Policy includes at the minimum your email address, the name you have provided for the email address and your profile picture. Therefore, we recommend that you review the privacy policy of your service provider available at apple.com/legal/privacy/data/
8. RETENTION OF YOUR PERSONAL DATA
8.1. We will retain your personal data for as long as needed to fulfill the purpose for which we collected it and for a reasonable period thereafter in order to comply with audit, contractual, or legal requirements, or where we have a legitimate interest in doing so. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
8.2. Please note that even when the deadline for a Gastromind has ended, any Gastromind Member Content you may have shared with other Users or Members in the Gastromind would remain stored therein. You may access such Gastromind Member Content in the Gastromind.
8.3. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
8.4. We may retain aggregated or de-identified data indefinitely or to the extent allowed by applicable law. We may retain personal data preserved in automatically generated computer backup or archival copies generated in the ordinary course of our information technology systems procedures.
8.5. All retained personal data will remain subject to the terms of this Privacy Policy. Please note that if you request that your personal data be removed from our databases, it may not be possible to completely delete all of your personal data due to technological or legal constraints, though we will use reasonable efforts to do so.
8.6. No purpose in this notice will require us keeping your personal information for longer than twelve (12) months past the termination of the member’s account, unless as necessary to comply with our legal obligations, resolve disputes, prevent and detect fraud, and enforce our agreements.
9. SECURITY POLICY
9.1. The security of your personal data is important to us. We use commercially reasonable efforts to store and maintain your personal data in a secure environment. We also take technical, contractual, administrative, and physical security steps designed to protect any and all personal data you provide. We have implemented procedures designed to limit the dissemination of your personal data to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you in this Privacy Policy.
9.2. Please note that you are also responsible for helping to protect the security of your personal data. For instance, never give out the credentials you use in connection with accessing the Platform, so that other people will not have access to your personal data. Furthermore, you are responsible for maintaining the security of any personal computing device on which you utilize the Services. We provide e-mail verification upon membership sign up and enable sign in only through the use of your password.
9.3. We are not liable for disclosure of data due to errors in transmission, unauthorized access or acts by third parties, or omissions or acts beyond our reasonable control. Although we employ commercially reasonable measures of security, we also cannot guarantee that your personal data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards by persons or systems with malicious intent.
9.4. In the event we become aware of a security breach that could result in your personal data being disclosed in a manner that is not authorized under this Privacy Policy, we will notify you via e-mail (or other communication channel you have provided to us) if we can and use other means (such as posting a notice on our Platform) to try to alert you as appropriate.
9.5. We have implemented the following security measures to protect its product or service:
9.5.1. The (database) servers can be accessed only via Gastromind Inc.’s trusted network locations.
9.5.2. Procedures are in place to ensure only authorized personnel have access to the personal data. A non-disclosure and confidentiality agreement ensures this still applies when a member of staff leaves the company.
9.5.3. All mobile carriers (such as laptops, USB sticks and portable HDs) of Gastromind Inc. are password protected.
9.5.4. Our web servers and database servers are firewall-protected.
9.5.5. All data within Gastromind Inc. will be stored as securely as possible.
9.5.6. Encryption will be used when possible.
9.5.7. All data will be transmitted with the highest possible form of encryption that is supported.
9.5.8. We ask for confirmation mail while registering.
9.5.9. We prevent two different users from logging using the same browser.
9.5.10. We keep our content on Azure subject to private access.
9.5.11. Only authorized people can see any details in any Gastromind started by a Member.
9.5.12. We use databases and here we control all access with Row Level Security policies so that only the invitees of a Gastromind can see the details of it.
9.5.13. We have a rate limit definition for requests from the same IP.
9.5.14. We work together with external security service providers regularly to perform penetration test to ensure our protection against unauthorized access.
9.5.15. We regularly revise the security measures outlined in this Privacy Policy to ensure that we are always fully prepared and up to date with regard to data protection.
10. MANAGING YOUR GASTROMIND MEMBER STATUS AND ACCOUNT
10.1. Display name: Gastromind Inc. Members are required to assign themselves a display name that uniquely identifies you on Gastromind Inc. Your display name may contain personal data such as your real name, surname or other identifier. You can change your Gastromind Inc. display name at any time. However, please beware that if you change your display name, your old display name becomes available for anyone else to claim. Please note that references to your Member profile under the old display name may remain the same when you change your display name for future use. Please note that when you login using your Google Account, the name you have used for your Google Account will be displayed in Gastromind Inc. and cannot be changed via Gastromind Inc. but is subject to Google’s options regarding any such changes.
10.2. Profile Picture: You have the option to upload a profile picture under the “Profile” tab on the Platform. Depending on the picture that you use, the profile picture may contain personal and/or sensitive personal data. Please be advised that your profile picture shall be visible to other Members of the Platform when they search you on the Platform.
10.3. Email address: Unless they are using third party service providers for sign up and login, Gastromind Inc. Members are required to give an email address. Gastromind Inc. sends e-mail verification requests to this address to secure your personal data. You can change your email information only after you have verified the last email given.
10.4. Deleting Your Account: Deleting your account will stop all services you receive on the Platform, permanently delete all the data you have uploaded to the Platform, including any specific Gastromind Inc. content and profile information. However, please be aware that due to your interactions with other Members on the Platform, some information, like messages you sent to other Members and comments you have added to their Gastromind, may still be visible after you delete your account. Once you delete your account, there is no going back. Please be certain. We will be sorry to lose you.
11. DATA LEAK PROTOCOL
11.1. In the unfortunate event that something does go wrong, Gastromind Inc. will follow the following data breach protocol to ensure that data subjects are notified of incidents.
11.2. A relevant internal data breach procedure is in place. Gastromind Inc. will set up a team in order to analyze the cause, the impact and the affected Members and Users. Depending on the outcome of this analysis, Members/Users will be notified as soon as possible. Members shall be notified within 24 hours of Gastromind Inc.’s learning of the data leak if possible. If required by any applicable law, Gastromind Inc. shall also notify any applicable Data Protection Authority about the leak.
11.3. Gastromind Inc. will provide highly detailed information about:
11.3.1. The nature of the breach, including a description of the incident, the nature of the personal data or categories of affected data subjects, an estimate of the number of affected data subjects and databases that may be affected, as well as an indication of when the incident occurred;
11.3.2. Any measures already taken by Gastromind Inc. in order to stop the breach;
11.3.3. Any measures to be taken by the affected data subjects (what can the affected data subjects themselves do, such as “keep an eye on your e-mails, change your passwords”, etc.);
11.3.4. Any measures to be taken by Gastromind Inc. in order to prevent a future breach.
12. NOTICE FOR CALIFORNIA RESIDENTS; CATEGORIES OF PERSONAL DATA PROCESSED
12.1. Please note that this notice for residents of the State of California is provided for the ease of said persons; however, the other provisions of this Privacy Policy are equally valid and in force for residents of the State of California. Also, Members and Users accessing this Privacy Policy from other locations may find this section useful.
12.2. Please refer to Article 14 below for more information regarding your rights related to the personal information processed and how to pose questions or requests to us regarding your personal information.
12.3. The chart below includes details on personal data or “personal information” collected for customers. Within the last twelve (12) months, we may have collected the following categories of personal information from the sources identified below for the business and commercial purposes indicated, and disclosed, shared, or sold (as indicated) such categories of personal information with the specified categories of third parties:
Category of Personal Information
Examples of Personal Information Collected by Gastromind Inc.
Categories of Sources of Personal Information Collected
Business or Commercial Purpose(s) for Which Collected, or Disclosed
Categories of Third Parties to Which Personal Information is Disclosed
Identifiers
A real name, username or alias, unique personal identifier, online identifier, postal address, Internet Protocol address, email address, account name or other similar identifiers.
Directly from you.
Third party service providers which you use to sign up or log in to your account. Third party social media applications if you choose to interact with us via such social media applications. (“Service Providers”).
To provide products, services and access to our websites, mobile applications, and other communication systems and to communicate with you about our products and services.
Affiliates.
Service Providers.
Government Entities if required under the applicable law.
Personal Information Categories Listed in the California Customer Records statute (Cal. Civ. Code 1798.80(e))
Name, signature, physical characteristics or description, location, telephone number.
Directly from you.
From Affiliates.
From Service Providers.
We do not intend to collect and use these types of data unless you share them with us with your own decision.
You may choose to share your real name with us if you wish but this is not a requirement. Similarly we only request your mobile telephone number if you wish to use this method to register and verify as a member as opposed to other methods of registration.
Affiliates.
Service Providers.
Government Entities if required under the applicable law.
Characteristics of protected classifications under California or federal law
Gastromind Inc. does not require disclosure of such information from Members or Users and the processing of this type of data is not the primary feature or function of the services provided by Gastromind Inc. Platform. However, you may choose to share such Personal Information directly or indirectly on Gastromind Inc. (e.g. by uploading, storing and/or sharing files and documents containing such information). Also, if you apply for employment in or are employed by Gastromind Inc. such information may be processed subject to a separate privacy policy.
For the avoidance of doubt, examples of characteristic of protected classifications under California or federal law include race, color, age, ethnicity, national origin, citizenship, religion or creed, marital status, medical condition, gender, veteran, military status, or other similar information.
Directly from you.
We do not intend to process this category of information and only do so upon the upload, storage, sharing of such information by Members on the Gastromind Inc. Platform as part of our continued provision of such services.
Affiliates.
Service Providers.
Government Entities if required under the applicable law.
Commercial Information
Products or services purchased, obtained, or considered, or other purchasing histories or tendencies.
Directly from you.
From Affiliates.
From Service Providers.
To improve service and provide targeted customer experiences and service offerings.
Affiliates.
Service Providers.
Government Entities if required under the applicable law.
Biometric Information or Genetic Data
We do not collect this category of information from Members or Users. However, if you are employed in Gastromind Inc. such information could be processed subject to a separate privacy policy.
Internet or other electronic network activity information
Browsing history, search history, and interaction with Web sites, apps & ads, and other similar information.
Directly from you.
From Affiliates.
From Service Providers.
To provide targeted customer experience and service offerings.
For security and operations purposes related to the safety and functionality of our information systems.
Affiliates.
Service Providers.
Government Entities if required under the applicable law.
Geolocation data
Physical location and/or movements and similar information.
Directly from you.
From Affiliates.
From Service Providers.
For purposes of service verification and other operational and contractual compliance purposes.
Affiliates.
Service Providers.
Government Entities if required under the applicable law.
Sensory Data
Includes audio, electronic, visual, or similar information such as photographs and images (e.g., that you provide us) and call/video recordings (e.g., of customer support calls).
Directly from you.
From Affiliates.
From Service Providers.
Quality control; compliance, job performance assessment; internal communications, training and information sharing.
To provide and improve services, for service verification, safety, quality control and compliance.
Affiliates.
Service Providers.
Government Entities if required under the applicable law.
Professional or employment related information
We do not collect this category of information from Members or Users. However, if you apply for employment in or are employed by Gastromind Inc. such information would be processed subject to a separate privacy policy.
Non-public education information
We do not collect this category of information from Members or Users. However, if you apply for employment in or are employed by Gastromind Inc. such information would be processed subject to a separate privacy policy.
(For the avoidance of doubt non-public education information is defined in the Family Educational Rights and Privacy Act (20 U.S.C. 1232g, 34 C.F.R. Part 99))
Inferences drawn from other personal information
We do not collect this category of information from Members or Users. However, if you apply for employment in or are employed by Gastromind Inc. such information would be processed subject to a separate privacy policy.
Sensitive Personal Information
Gastromind Inc. does not require disclosure of such information from Members or Users and the processing of this type of data is not the primary feature or function of the services provided by Gastromind Inc.. However, you may choose to share such Personal Information directly or indirectly on Gastromind Inc. (e.g. by uploading, storing and/or sharing photographs containing such information). Also, if you apply for employment or are employed in Gastromind Inc. such information may be processed subject to a separate privacy policy.
For the avoidance of doubt, examples of sensitive personal information include health information, demographic information, precise geolocation information, company electronic communications, company financial information, and government identifiers such as a social security number or driver’s license number.
Directly from you.
We do not indent to process this category of information and only do so upon the upload, storage, sharing of such information by Members on the Gastromind Inc. Platform as part of our continued provision of such services.
Affiliates.
Service Providers.
Government Entities if required under the applicable law.
13. Notice for EU Residents; GDPR Legal Basis for Processing Personal Data under GDPR
13.1. If you are a resident of one of the countries in the European Economic Area, the following provisions apply to you.
13.2. We may process Personal Data under the following conditions:
13.2.1. Consent: You have given Your consent for processing Personal Data for one or more specific purposes. If we are relying solely on your consent to process your personal data, you may withdraw your consent to our processing of your personal data at any time; however, withdrawing consent may result in your inability to continue using some or all of the services in the Site. Please note that the withdrawal of your previous consent will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal data conducted in reliance on lawful processing grounds other than consent.
13.2.2. Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
13.2.3. Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject.
13.2.4. Vital interests: Processing Personal Data is necessary in order to protect Your vital interests or of another natural person.
13.2.5. Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
13.2.6. Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company. Our legitimate interests are: managing our business and relationship with you or your company or organization; understanding and responding to inquiries and Member and User feedback; understanding how our Members and Users use the Platform; identifying what our Members and Users want and developing our relationship with you, your company or organization; improving our Platform and offerings; managing our supply chain; developing relationships with business partners; sharing data in connection with acquisitions and transfers of our business.
13.3. In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
14. Your Rights under the GDPR
14.1. The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.
14.2. You have the right under this Privacy Policy, and by law if You are within the EU, to:
14.2.1. Right to access: You have the right to access, update or delete the information We have on You. Whenever made possible, you can access, update or request deletion of Your Personal Data directly within Your account settings section. If you are unable to perform these actions yourself, please contact Us to assist You. This also enables You to receive a copy of the Personal Data We hold about You.
14.2.2. Right to request correction of the Personal Data: You have the right to have any incomplete or inaccurate information We hold about You corrected.
14.2.3. Right to object:This right exists where We are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to our processing of Your Personal Data on this ground. You also have the right to object to where We are processing Your Personal Data for direct marketing purposes.
14.2.4. Right to erasure:You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.
14.2.5. Right to data portability: You have the right to transfer your information to a third party in a structured, commonly used and machine-readable format, in circumstances where the information is processed with your consent or by automated means. You have the right to receive your Personal Data from us in a structured format and you have the right to (let) transmit such Personal Data to another controller. In that case we will provide to You, or to a third-party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format.
14.2.6. Right to withdraw Your consent. You have the right to withdraw Your consent on using your Personal Data. If You withdraw Your consent, we may not be able to provide You with access to certain specific functionalities of the Service.
15. Exercising of Your GDPR Data Protection Rights
15.1. You may exercise Your rights of access, rectification, cancellation and opposition by contacting Us. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, we will try our best to respond to You as soon as possible.
15.2. You have the right to complain to a Data Protection Authority about Our collection and use of Your Personal Data. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.
16. Notice for Turkey Residents; KVKK Legal Basis for Processing Personal Data Under KVKK
If you are a resident of Turkey, the following provisions will also apply to you.
16.1. What Kind of Personal Information Do We Collect?
The only personal data collected from User’s are explained in the Section titled “Cookies” above.
16.2. Naturally, we collect more personal data from you when you sign up to the Platform as a Member. As a Member you more personal data including:
16.2.1. contact information such as your email address, first name, last name
16.2.2. user picture or “avatar” (in case it contains your personally identifiable information);
16.2.3. details of your correspondence with us;
16.2.4. technical information, such as your Internet Protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, screen resolution, flash version, time zone setting, browser plug-in types and versions, operating system, platform and traffic data, cookies data, web logs and other communication data, and details of the resources that you access, as well as your sessions records, which we collect from you when you access the Platform; and
16.2.5. any other information you provide to us.
16.3. What Lawful Reasons Do We Have To Process Personal Data?
We collect and process your Personal Data one or more of the below-listed reasons:
16.3.1. Contract - We may process personal data to fulfill our contractual obligations.
16.3.2. Consent - We may rely on your freely given consent at the time you provide your personal data to us.
16.3.3. Legitimate interests - We may rely on legitimate interests based on our assessment that the processing is fair, reasonable and balanced.
16.3.4. Legal obligations and public interest - We may process personal data to fulfill legal obligations.
17. UPDATES TO THE PRIVACY POLICY
17.1. We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Entry Into Force" date and the updated version will be effective as soon as it is accessible. If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes on the Platform or by directly sending you a notification through the Platform. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your personal data.
18. QUESTIONS AND REQUESTS ABOUT YOUR PERSONAL DATA ("CONSUMER REQUEST”)
18.1. As a Member or User of Gastromind Inc. you may request the following from Gastromind Inc. as Data Controller;
18.1.1. Access to your personal data.
18.1.2. Rectification or deletion of your personal data.
18.1.3. A restriction on the processing of your personal data.
18.1.4. Object to the processing of your personal data.
18.1.5. A transfer of your personal data (data portability) in a structured, machine readable and commonly used format.
18.1.6. Withdraw your consent to us processing your personal data, at any time.
18.2. Please note that withdrawing your consent is only effective provided that consent is the only basis for the processing of relevant personal data. Similarly, even if you request the deletion of any personal data, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
18.3. You can make a request in relation to any of the above rights by writing to us at the contact address given at the end of this Privacy Policy. Only you, or someone legally authorized to act on your behalf, may make a consumer request related to your personal data. You may also make a consumer request on behalf of your minor child.
18.4. We will respond to such queries as soon as reasonably possible and deal with requests we receive from you, in accordance with the provisions of any applicable data protection law. Please note that you also have the right to appeal our responses to your consumer requests regarding this privacy policy. You can make your appeals to us using the same contact information below.
19. CONTACT US
19.1. You can contact us via post or email.
19.1.1. Via post:
GASTROMIND INC.
Attn: Privacy
1401 PENNSYLVANIA AVE. UNIT 105 WILMINGTON NEW CASTLE 19806 DELAWARE, USA
19.1.2. Via email:
privacy@gastromind.co. with “Privacy” in the subject line
19.2. If your letter or email involves one of the requests listed above in the section titled “Questions and Requests About Your Personal Data”, we may ask you to verify your identity before fulfilling your request depending on the method of your request.