Privacy Policy

Last updated on May 20, 2021

GoMage, Inc. having a principal place of business at 100 Congress Avenue, Suite 2000 - #4555, Austin, TX 78701 (hereinafter referred to as the “Company”, “we”, or “us”) collects from the individual user (hereinafter, referred to as “user”, “you” or “your”) certain personal data through the website https://www.gomage.com (hereinafter, referred to as the “Website”).

This Privacy Policy forms an integral part of Terms of Use and contains the Company’s policies and procedures governing the processing of personal data through the Website.

The processing of personal data through the Website is done in accordance with the data protection laws of the United States, European General Data Protection Regulation 2016/679 (GDPR) and California Consumer Privacy Act 2019 (CCPA).

Definitions

PERSONAL DATA means data that identifies the natural person directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, etc.;

PROCESSING means any operation or set of operations that is performed on Personal Data, and includes but is not necessarily limited to the collection, recording, organization, structuring, storage, adaptation or destruction of Personal Data;

DATA SUBJECT is an identified or identifiable natural person who can be identified, directly or indirectly, based on particular Personal Data.

Acceptance of This Privacy Policy

By using our Website (whether or not you register or create any kind of account with us), you agree to accept the terms set forth in this Privacy Policy as well as in the Terms of Use. Anyone that does not agree to the terms of this Privacy Policy and the Terms of Use, should not use Our Website. You agree that your only recourse should you not agree to the terms of this Privacy Policy and the Terms of Use shall be to discontinue using our Services and visiting our Website. By using our Services, you consent to having your Personal Data transferred to and Processed by us and our third party vendors.

Consent

By using our Website and Services you consent to our Privacy Policy, as well as the limitation of liability, dispute resolution procedures, refund policy and all the other Terms of Use that form a binding agreement between you and us.

Changes to This Privacy Policy

We reserve the right to revise or amend the terms of our Privacy Policy at any time without prior notice and you agree that the revisions or amendments will be effective upon updating on this Website. We agree to change the “Last Updated” date appearing at the top of this page to reflect each time we make any changes, and you agree it is your responsibility to check back often. Continued use of our Website and Services following the posting of changes shall mean that you agree to and accept those changes.

Privacy Statement

GoMage, Inc. shall be considered a data owner and data controller in relationships with Data Subjects. We acknowledge the privacy of natural persons and make efforts to protect them against any unlawful Processing by applying relevant technical and organizational measures to protect Personal Data of natural persons in accordance with the effective legislation. Although we will make reasonable efforts to ensure safe Processing, we cannot guarantee it to be 100% secure and risk-free and you acknowledge and accept such risks.

We process Personal Data in a way that assures appropriate level of security, including protection against unauthorized Processing, destruction, accidental loss, or damage, while applying suitable organizational and technical measures under industry standards and in compliance with the following principles: (1) lawfully, fairly and transparently; (2) Processing is specified, explicit and only for legitimate purposes; Processing is adequate, relevant and limited to necessary purpose; accurate and kept up to date; limitation of the storage for periods not longer than necessary; Processing is done and the Personal Data is held in a manner that ensures appropriate security of the Personal Data.

We Process Personal Data only when one of the conditions below applies: (1) it is required for the performance of the services pursuant to agreement with the Data Subject; (2) it is required for compliance with the law or our legal obligation; (3) Data Subject has provided us with consent for Processing of their Personal Data for one or more specific purposes; (4) Personal data is Processed for our Legitimate Purpose.

When it comes to Processing, we will not discriminate against Data Subject CCPA rights. Unless permitted by the CCPA, we will not: (1) reject Data Subject's request for goods or services on the basis of discrimination; (2) provide to California based Data Subject different prices for goods or services, including through granting discounts or other benefits; (3) render to Data Subject different level or quality of goods or services in comparison to our other clients. Notwithstanding the aforementioned, we may, at our own discretion, offer Data Subject certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will contain written terms that describe such material aspects.

We do not knowingly Process Personal Data that relates to, or reveals, racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, genetic or biometric data, or data concerning the health, sex life or sexual orientation of the natural person.

We do not knowingly Process Personal Data that related to, or reveal, racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, genetic or biometric data, or data concerning the health, sex life or sexual orientation of the natural person.

We apply the following principles in order to protect your privacy: (a) we will not sell or lease your Personal Data to third parties; and (b) any Personal Data that you provide to us will be secured with industry-standard safety protocols and technology.

Types of Personal Data We Process

Contact data Email, billing address, shipping address
Financial data bank account and payment card details, tax identifiers (like VAT number)
Identity data first name, last name, username, date of birth
Marketing data preferences in receiving marketing from us
Communication data Messages you send to us
Technical data internet protocol (IP) address, clients SSH/SFTP/FTP, Magento username, Github repository identifier, Magento account data

The Company adheres to data minimization principles. We process only the minimal amount of information that is necessary for pursuing the legitimate interests of the Company. At the time you purchase software and/or services through the Website or register a user account on the Website, you will be asked to provide personal data, such as your full name, email address, telephone number and company information.

We process Personal Data under the following legal basises:

  1. 1On the basis of consent Art. 6 (1) (a) GDPR; Art 7 (I) LGPD.
  2. 2For other legitimate interests, unless those interests are overridden by Data Subject’s or fundamental rights and freedoms that require protection of personal data. For example, we rely on our legitimate interest when it comes to (1) diagnostic analytics to assess the number of visitors, posts, page views, reviews for further optimization of our Platform; (2) optimization of our visitors’ experience; (3) fraud prevention; (4) network and information security, (5) analysing customer satisfaction.

Purposes of Personal Data Processing

Purpose/Activity Type of data Lawful basis for Processing
to register Data Subject account Identity data, contact data to perform our contractual obligations with you
to provide our services Identity data, contact data, marketing data, communication data, technical data, financial data
  1. 1to perform contract with Data Subject;
  2. 2as necessary for our legitimate interest in recovering debts
to manage our relationship with Data Subject, Identity data, contact data, profile data, marketing data
  1. 1to perform our contract with Data Subject
  2. 2as necessary to comply with our legal obligations
to deliver relevant content/advertisements to Data Subject and measure or understand the effectiveness of our advertising Identity data, contact data, profile data, marketing data, technical data
  1. 1as necessary for our legitimate interests in studying how customers use our products/services; to develop them
  2. 2to grow our business and to inform Data Subject about our marketing strategy;
to use data analytics to improve our platform, services, marketing, customer relationships and experiences technical data to keep our Websites and Services updated and relevant, to develop our business and to inform our marketing strategy
to make suggestions and recommendations about goods or services that may be of interest to Data Subject, including promotional offers Identity data, contact data, technical data, profile data as necessary for our legitimate interests to develop our products/services and grow our business

If you provide express consent in advance, we may use your Personal Data for direct marketing purposes (e.g., sending you our newsletter or offering services that may be of interest to you).

Third Party Access to Personal Data

We will not sell, distribute or lease your Personal Data to third parties unless we have your permission or are required by law to do so. We may use your personal data to send you promotional information about third parties which we think you may find interesting if you tell us that you wish for this to happen.

In case third parties perform services (e.g., hosting of the Website) on behalf of the Company, the Company will require that such third parties employ an adequate level of protection of personal data that is consistent with this Privacy Policy. You will be informed in advance if your personal data is transferred to the third parties i.e. before such transfer.

Your personal data may be accessed by the following third parties:

  1. 1The personal data provided by you for signing up for our newsletter will be used by Mailerlite (https://www.mailerlite.com/), which is a trading name of Rocket Science Group LLC having a principal place of business at J. Basanavičiaus 15, LT-03108 Vilnius, Lithuania, to provide you with the requested newsletter. Mailerlite privacy policy is available at https://www.mailerlite.com/legal/privacy-policy
  2. 2The hosting services for the Website are provided by DigitalOcean LLC (www.digitalocean.com) having a principal place of business at 101 Avenue of the Americas, 10th Floor, New York, NY 10013, USA. DigitalOcean privacy policy is available at https://www.digitalocean.com/legal/privacy-policy/
  3. 3When you make payments through the Website using the Credit or Debit Card payment method, your payments will be processed by Stripe Payments Europe, Ltd. having a principal place of business C/O A&L Goodbody, Ifsc, North Wall Quay, Dublin 1. Stripe privacy policy is available at https://stripe.com/en-de/privacy.
  4. 4When you make payments through the Website using the PayPal payment method, your payments will be processed by PayPal Holdings, Inc., Corporate Headquarters, 2211 North First Street, San Jose, California, U.S.. PayPal privacy policy is available at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=en_US
  5. 5Customer relationship management assistance may be provided by ZenDesk Inc. (https://www.zendesk.com) having a principal place of business at 1019 Market Street San Francisco, CA 94103, USA. ZenDesk privacy policy is available at https://www.zendesk.com/company/customers-partners/privacy-policy/

Security and Confidentiality of Personal Data

The Company takes all necessary steps to protect the confidentiality of Personal Data supplied by the user when utilizing Company’s software or services and when visiting the Website. We do not disclose any user’s Personal Data to any third party unless ordered to do so by a court order during the investigation of a criminal offense or as required under other provisions of disclosure of Personal Data.

The Company takes all necessary steps to safeguard your Personal Data when your payment is being Processed, including the use of specialized services to secure payment of all software or services purchased through the Website. All confidential information transmitted and received by us from the specialized services is encrypted with the help of software that uses Secure Sockets Layer (SSL).

We will use reasonable efforts to maintain the security of and to prevent misuse, loss, unauthorized access, and modification of your Personal Data. However, please note that, due to the inherent risks of using the Internet, you agree to accept such risks and not hold us liable for any destruction, loss, leakage, and falsification of Personal data caused by circumstances beyond our reasonable control.

You are solely responsible for keeping your login details in a private and secure manner.

Processing of Payments and Online eCommerce Platform

We use an online e-commerce platform that allows us to provide the Services to you. Your Personal Data may be transmitted through, and stored on third-party servers. By using our Services, you consent to our collection, disclosure, storage, and use of your personal information in accordance with this Privacy Policy and our Terms of Service.

From time to time, personal financial information (including credit card information) may be transmitted to facilitate transactions with us. We will not share such personal financial information with third parties other than those third parties such as banks, processing gateways and merchant processors required to process your purchase, and you understand that VideoRevv cannot control how the banks, processing gateways or merchant processors will use such personal financial information. Therefore, you hereby consent to such sharing of personal financial information. You agree to assume the risk and agree that it is your responsibility to properly handle, secure, not store and destroy such personal financial information as may be necessary to protect it from misuse. You agree that we shall not be liable for misuse of such personal financial information.

Links to Other Websites

The Website may contain links to other websites of interest. However, once you have used these links to leave the Website, you should note that we do not have any control over that other website. Therefore, you agree to accept such risks and not hold us responsible for the protection and privacy of any information which you provide while visiting such sites and you understand such sites are not governed by this Privacy Policy. You should exercise caution and look at the privacy statement applicable to the website in question.

EEA Data Subjects rights execution

Rights of the data subject

  1. 1Right to rectification. Data Subject has the right to request to rectify, without undue delay, any incorrect data pertaining to the respective Data Subject.
  2. 2Right to limitation of processing. Data Subject can limit the use of Personally Data collected.
  3. 3Right of access. User may request a copy of Personal Data collected during the use of Platform.
  4. 4Objecting to or restricting the use of Personal Data. Data Subject can ask to stop using all or some portion of Personal Data or limit the use thereof by requesting its erasure as described above or sending a request at support@gomage.com.
  5. 5The right to lodge a complaint with a supervisory authority. User has the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where Data Subject resides, work or where the alleged infringement has taken place.
  6. 6The right to data portability. Data Subject can receive Personal Data in a machine-readable format by sending a respective request at support@gomage.com.

Execution of rights

  1. 1Upon Data Subject request we will provide the information free of charge. However, we may charge a reasonable fee if the Data Subject request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with the Data Subject request in those circumstances.
  2. 2Data Subjects exercise their rights by filing a written request containing at a minimum the following information: (1) name, postal address, email address and other data allowing identification of the respective natural person; (2) description of the request; (3) signature, date, correspondence address and mobile number.
  3. 3The filing of the request is free of charge.
  4. 4Upon the filing of a request by an authorized person, the notarised power of attorney must be attached to the request.
  5. 5In case of death of the natural person, his / her heirs exercise his / her rights and the certificate of heirs shall be attached to the request.
  6. 6We will review and pronounce on the request within 1 month as of its filing. This period may be extended by further two months, if necessary, for example, if the Data Subject’s request is particularly complex or when the Data Subject has made a number of requests. We will inform Data Subject as to any such extension within 1 month as of receipt of the request, stating the reasons for the delay.
  7. 7We will provide an answer to the requesting person taking into account their preferred form for the provision of the information (orally or in writing - as a hard copy of electronically).
  8. 8Where Personal Data does not exist or law forbids us from disclosing the information, access to the requesting party to such data is refused, unless required pursuant to a court order.
  9. 9If the requesting party is not satisfied with the response received and/or believes that their rights related to Personal Data protection were violated, they are entitled to exercise whatever rights they feel are appropriate.

Execution of rights by California Consumers

Note: The use of the term “Consumer” in the following sections on California Consumer Rights also refers to “user”, “you” or “your”.

Access to Specific Information and Data Portability Rights

  1. 1Data Subject has the right to request information about what information was Processed over the past 12 months. Once we receive and confirm that the Data Subject is a verifiable consumer, we will disclose to you:
    • The categories of sources for Personal Data we collected about Data Subject.
    • The Personal Data we collected about you (also called a data portability request).
  2. 2For the avoidance of doubts, we do not sell the Personal Data of Data Subjects.

Deletion Request Rights

  1. 1Data Subject has the right to request the deletion of Personal Data Processed, subject to certain exceptions. Once we receive and confirm your verifiable request, we will delete Personal Data from our records, unless Personal Data is necessary for us or our service provider(s) to (1) complete the transaction for which we collected the Personal Data, provide a good or service that Data Subject requested, take actions reasonably anticipated within the context of our ongoing business relationship with Data Subject, or otherwise perform our contract with the Data Subject; (2) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; (3) debug products to identify and repair errors that impair existing intended functionality; (4) exercise free speech, ensure the right of another person to exercise their free speech rights, or exercise another right provided for by law; (5) comply with a legal obligation; make other internal and lawful uses of that information that are compatible with the context in which Data Subject provided it.

Exercising Access, Data Portability, and Deletion Rights

  1. 1To exercise the access, data portability, and deletion rights described above, Data Subject should submit a verifiable consumer request to support@gomage.com. Only Data Subjects Based in California, or a person registered with the California Secretary of State as t authorized to act, may make a verifiable consumer request related to Personal Data.
  2. 2Data Subject can make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must: (1) provide sufficient information that allows us to reasonably verify Data Subject is the person about whom we collected Personal Data; and contain a clear description allowing us to properly understand, evaluate, and respond to it.
  3. 3We cannot respond to the request or provide Data Subject with Personal Data if we cannot verify the Data Subject’s identity or authority to make the request and confirm the relation of Personal Data.

Response Timing and Format

  1. 1We shall respond to the verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform the Data Subject of the reason and extension period in writing. The response is free of charge unless it is excessive, repetitive, or manifestly unfounded.

Children Using the Website

The Website is not meant to be used by children who are under the age of thirteen (13). If you become aware that your child(ren) has provided us with their personal data without your prior consent, please contact us at support@gomage.com or request that we destroy or de-identify such personal data.

Place

Personal Data is processed at our operating offices and in any other places where the parties involved in the processing are located. It may be necessary to transfer collected Personal Data to countries outside of the European Union for Processing purposes.

Retention Period

Your Personal Data will be kept for as long as is necessary to provide you with the requested service. When your Personal Data is no longer necessary to deliver the requested service, the Company will delete it as soon as possible, unless retaining your Personal Data is required by law for a certain period of time (e.g., for accountancy records).

COOKIES

A cookie is a small file that asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyze web traffic or lets you know when you visit a particular site. Generally, cookies allow web applications to respond to you as an individual. With the help of a cookie, a web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyze data about web page traffic to our Website and improve our Website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website experience, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the Personal Data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of our Website.

List of Cookies We Collect

The table below lists the cookies we collect and what information they store.

COOKIE name COOKIE Description
CART The association with your shopping cart.
CATEGORY_INFO Stores the category info on the page, allowing you to display pages more quickly.
COMPARE The items that you have in the Compare Products list.
CURRENCY Your preferred currency.
CUSTOMER An encrypted version of your Customer ID with the store.
CUSTOMER_AU An indicator if you are currently logged into the store.
CUSTOMER_INFO An encrypted version of the customer group you belong to.
CUSTOMER_SEGMENT_IDS Stores the Customer Segment ID.
EXTERNAL_NO_CACHE A flag, which indicates whether caching is disabled or not.
FRONTEND You sesssion ID on the server.
GUEST-VIEW Allows guests to edit their orders.
LAST_CATEGORY The last category you visited.
LAST_PRODUCT The most recent product you have viewed.
NEWMESSAGE Indicates whether a new message has been received.
NO_CACHE Indicates whether it is allowed to use cache.
PERSISTENT_SHOPPING_CART A link to information about your cart and viewing history if you have asked the site.
POLL The ID of any polls you have recently voted in.
POLLN Information on what polls you have voted on.
RECENTLYCOMPARED The items that you have recently compared.
STF Information on products you have emailed to friends.
STORE The store view or language you have selected.
USER_ALLOWED_SAVE_COOKIE Indicates whether a customer is allowed to use cookies.
VIEWED_PRODUCT_IDS The products that you have recently viewed.
WISHLIST An encrypted list of products added to your Wishlist.
WISHLIST_CNT The number of items in your Wishlist.


Miscellaneous

  1. 1If any provision of this Privacy Policy is held unenforceable by a court of law, then the Company will modify such provision to comply with applicable law and all other provisions. will remain in full force and effect.
  2. 2Dispute resolution. Each party will allow the other reasonable opportunity to comply before it claims that the other has not met its obligations under this Privacy Policy. The parties will attempt in good faith to resolve all disputes, disagreements, or claims between the parties relating to this Privacy Policy.
  3. 3Governing law; Place of jurisdiction. Any cause of action, claim and/or dispute that might arise between the parties hereunder, shall be subject to the laws of Finland, without regard to conflict of law principles and provisions. The United Nations Convention on Contracts for the International Sale of Goods does not apply. Non-exclusive jurisdiction and venue for actions related to this Agreement or Licensee's use of the Software will be the state courts located in Finland.

Contacting Us

If you have any questions or concerns regarding this Privacy Policy, please contact us by email at support@gomage.com, or please write to the following address:

GoMage, Inc.

100 Congress Avenue

Suite 2000 - #4555

Austin, TX 78701

Monday - Friday

3:00 a.m. - 12:00 p.m. Eastern Standard Time (EST)

(P) 646-878-6537