Privacy Policy
Last Updated: August 2, 2024
Glasp Inc. (“Glasp,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how your personal information is collected, used, and disclosed by Glasp. This Privacy Policy applies to our website, and its associated subdomains (collectively, our “Service”) alongside our application, Glasp.
Information We Collect
We collect information when you provide it to us, when you use our Services, and when other sources provide it to us, as further described below.
Information You Provide to Us
- Account Information: When you create an account or otherwise use the Services, we collect information such as your name, email address, and profile picture.
- Communication Information: We collect personal information from you such as email address, phone number, mailing address, and marketing preferences when you request information about the Services, register for our newsletter, request customer or technical support, or otherwise communicate with us.
- User Interaction Information: We may offer interactive features such as forums, blogs, posts, chat and messaging services, and social media pages. We and others who use our Services may collect the information you submit or make available through these interactive features. Any content you provide via the public sections of these features will be considered “public” and is not subject to the privacy protections referenced herein. By using these interactive features, you understand that the information provided by you may be viewed and used by third parties.
- Candidate Information: We may post job openings and opportunities on the Services. If you reply to one of these postings or otherwise provide us with your candidacy information, we will collect and process the information you provide to us.
- Customer Content: We collect information that you create or upload to our Services. This content may include personal information, such as names used in the content. Additionally, we collect titles, metadata, tags, highlights, and annotations from books and articles that you save to Glasp from various sources including websites, PDFs, Amazon Kindle, Instapaper, Pocket, Twitter, newsletters, RSS feeds, EPUBs, and other platforms.
- Sweepstakes, Contests, Surveys and Events Information: In connection with sweepstakes, contests, surveys, conferences, and other events hosted, run or sponsored by us, you may provide information to us, or we may receive information about you, such as name, email address, mailing address, demographic data, and any information specific to the event.
- Third-party Integration Information: When you connect the Services with a third-party service (e.g. Notion, OpenAI, and Google Products), you direct the service to send us your access tokens to authenticate the integration with our Services.
- Other Information: We may collect other information which is not specifically listed here, but which we will use in accordance with this Privacy Policy or as otherwise disclosed at the time of collection.
Information We Obtain from Other Sources
- Payment Information: For users who make purchases through our Services, we use Stripe, a third-party payment processor, to process payments. Stripe may collect and store information necessary to process your payment such as your credit or debit card number and the expiration date. Glasp does not receive or store your payment information, but it may receive and store information associated with your payment information (e.g., the fact that you have paid for a subscription). All payment data is securely processed and stored by Stripe, which is committed to maintaining a robust security framework. For more details about Stripe’s security practices and policies, you can visit their website: https://stripe.com/legal.
- Social Media Information: We may maintain pages on social media platforms such as Twitter, Meta, LinkedIn, and other third-party platforms. When you visit or interact with our pages on these platforms, you or the platforms may provide us with information. We will treat such information in accordance with this Privacy Policy. Please note that the platform provider’s privacy policy will apply to their collection, use, and processing of your personal information.
- Third-party Login Information: When you link, connect, or log in/up to the Services using a third-party service (e.g., Google, Apple, and Microsoft), you direct that service to send us certain information, such as your name and email address.
Information Collected Automatically
- Automatic Data Collection: We keep track of certain information about you when you visit and interact with our Services. This information may include your Internet protocol (IP) address, user settings, MAC address, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, details about your browser, operating system or device, location information (including inferred general location based off of your IP address), Internet service provider, pages that you visit before, during and after using the Services, information about the links you click, information about how you interact with the Services, including the frequency and duration of your activities, and other information about how you use the Services. Information we collect may be associated with accounts and other devices.
- Cookies, Pixel Tags/Web Beacons, and Analytics Information: We, as well as third parties that may provide content, advertising, or other functionality on or in connection with the Services, may use cookies, pixel tags, local storage, and other technologies (“Technologies”) to automatically collect information through the Services. Technologies are essentially small data files placed on your device that allow us and our partners to record certain pieces of information whenever you visit or interact with our Services.
- Cookies: Cookies are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating online advertising.
- Pixel Tags/Web Beacons A pixel tag (also known as a web beacon) is a piece of code embedded in the Services that collects information about engagement on the Services. The use of a pixel tag allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement. We may also include web beacons in e-mails to understand whether messages have been opened, acted on, or forwarded.
- Analytics: We use Google Analytics and other service providers to collect and process analytics information on our Services. For more information about how Google uses data, please visit here. You can opt out of Google Analytics’ collection and processing of data generated by your use of our website by going to http://tools.google.com/dlpage/gaoptout.
How We Use Your Information
We use your information for a variety of business purposes, including:
- Providing and Managing the Services or Information Requested, such as:
- Account creation;
- Identifying and communicating with you, including providing newsletters and marketing materials;
- Managing your information;
- Processing your payments (which are processed and stored by our third-party payment processors on our behalf) and otherwise servicing your purchase orders;
- Responding to questions, comments, and other requests;
- Providing access to certain areas, functionalities, and features of our Services; and
- Answering requests for customer or technical support.
- Serving Administrative and Communication Purposes, such as:
- Pursuing legitimate interests, such as research and development (including marketing research), network and information security, and fraud prevention;
- Sending communications about new product features, promotions, Glasp's strategic partners, and other news about Glasp;
- Measuring interest and engagement in our Services, including analyzing your usage of the Services;
- Carrying out surveys for user research and analyzing your feedback;
- Developing new products and services and improving the Services;
- Troubleshooting technical issues and maintaining the security of our Services;
- Ensuring internal quality control and safety;
- Authenticating and verifying individual identities;
- Carrying out audits;
- Communicating with you about your account, activities on our Services and Privacy Policy changes;
- Preventing and prosecuting potentially prohibited or illegal activities;
- Enforcing our agreements; and
- Complying with our legal obligations
- Facilitating Collaboration in a Collaboration Space: If you join a group, collaboration space, and/or work space owned by another user or organization, or collaborate with other users on Glasp, Glasp may share basic information about you such as your name, username, email address, and profile picture, with the other users or organizations.
- How We Use Automatic Collection Technologies: Our uses of Technologies fall into the following general categories: Operationally Necessary; Performance Related; Functionality Related; and Marketing Related.
- Enforcing our agreements, and complying with our legal obligations including to share information with law enforcement, the courts and other authorities: We may share information with third parties in response to legal processes, such as a court order or subpoena, or to comply with other legal requirements.
- De-identified and Aggregated Information Use: We may use de-identified and/or aggregated information that can no longer be reasonably linked to you or your device from the information we collect. De-identified and/or aggregated information is not subject to this Privacy Policy, and we may use and disclose such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes.
Disclosing Your Information
We may share any personal information we collect with the following categories of third parties:
- Service Providers: We may share personal information we collect about you with our service providers. The categories of service providers to whom we entrust personal information include service providers for: (i) the provision of the Services; (ii) the provision of information, products, and other services you have requested; (iii) marketing and advertising; (iv) payment and transaction processing; (v) customer service activities; (vi) the provision of IT and related services; and (vii) fraud prevention and user authentication.
- Google API Services User Data Policy: Glasp's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.”
- Your Organization and Administrator: If you access the Services on behalf of an organization (such as with your organization’s domain) or have your account paid for by another party, we will share your information with that organization or paying party at its request and give such organization certain rights over your information. For example, your organization may request that we provide extra security controls around your account to protect information about your organization or your organization may request that we link your Glasp account with your organization’s account to enhance collaboration. If you are the administrator of a team, organization or other account holder within the Services, we may share your contact information with current or past Service users related to you, for the purpose of facilitating Service-related requests. Please note that your information may also be subject to your organization’s privacy policy, and we are not responsible for the privacy or security practices of our customers.
- Share Content with Friends or Colleagues: Our Services may allow you to provide information about your friends, and may allow you to forward or share certain content with a friend or colleague. You agree to only provide information about a friend or colleague with their consent.
- Agents, Consultants, and Professional Advisors: Glasp, like many businesses, sometimes hires other companies and professional advisors to perform certain business-related functions and services. Examples of such functions include mailing information, maintaining databases, processing payments, and providing professional services such as legal, banking, auditing, and insurance. When we engage another entity or advisor to perform a function of this nature, we only provide them with the information necessary to perform their specific function or service.
- The Public: Content can be made publicly available by you or others collaborating on it, and in such cases any information about you included in such content is also publicly available and can be indexed by search engines. You can check at any time whether particular content is public or private by viewing the content’s settings. In addition, we will publicly share your profile picture, name, user handle, and Twitter (or other social networking site) handle (to the extent you have provided us with this information).
- Disclosures to Protect Us or Others: We may access, preserve, and disclose any information we store in association with you to external parties if we, in good faith, believe doing so is required or appropriate to: (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) protect your, our, or others’ rights, property, or safety; (iii) enforce our policies or contracts; (iv) collect amounts owed to us; or (v) assist with an investigation and prosecution of suspected or actual illegal activity.
- Disclosure in the Event of Merger, Sale, or Other Asset Transfer: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of some or all assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
International Data Transfers
All information processed by us may be transferred, processed, and stored anywhere in the world, including but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live. When we engage in such transfers, we endeavor to safeguard your information consistent with the requirements of applicable laws.
Your Rights and Choices
- General: You have the right to opt out of certain uses of your personal information.
- Email Communications: If you receive an email from us and do not want to receive future emails from us, you can use the unsubscribe link found at the bottom of the email to opt out of receiving future emails. Note that you will continue to receive transaction-related emails regarding products or services you have requested. We may also send you certain non-promotional communications regarding us and our Services, and you will not be able to opt out of those communications (e.g., communications regarding the Services or updates to this Privacy Policy).
- Mobile Devices: We may send you push notifications through our mobile application. You may at any time opt out from receiving these types of communications by changing the settings on your mobile device.
- “Do Not Track”: Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications that you do not wish such operators to track certain of your online activities over time and/or across different websites. We do not respond to Do Not Track signals or similar mechanisms transmitted by web browsers.
- Information Requests: Depending upon your location and in accordance with applicable laws, you may have the right to:
- Access information about you consistent with legal requirements. In addition, you may have the right in some cases to receive or have your electronic information transferred to another party;
- Request Correction of your personal information where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your personal information;
- Request Deletion of your personal information;
- Request Restriction of or Object to our processing of your personal information; and
- Withdraw your Consent to our processing of your personal information.
If you would like to exercise any of these rights, please contact us as set forth below. We will process such requests in accordance with applicable laws. To protect your privacy, we will take steps to verify your identity before fulfilling your request.
Data Retention
We store the information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, provide our Services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws. The specific retention periods depend on the nature of the information and why it is collected and processed and the nature of the legal requirement.
Security of Your Information
We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy. Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unauthorized disclosure.
By using the Services or providing information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Services, by mail or by sending an email to you.
Children's Information
The Services are not directed to children under 13 (or other age as required by local law), and we do not knowingly collect personal information from children. If you learn that your child has provided us with personal information without your consent, you may contact us as set forth below. If we learn that we have collected a child’s personal information in violation of applicable law, we will promptly take steps to delete such information and terminate the child’s account, or, if appropriate and possible, seek written consent from such child’s guardian.
Third-Party Websites/Applications
The Services may contain links to other websites/applications and other websites/applications may reference or link to our Services. These third-party services are not controlled by us. We encourage our users to read the privacy policies of each website and application with which they interact. We do not endorse, screen or approve, and are not responsible for, the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk.
Exclusions
This Privacy Policy does not apply to any Personal Data collected by Glasp other than Personal Data collected through the Services. This Privacy Policy shall not apply to any unsolicited information you provide to Glasp through the Services or through any other means. This includes, but is not limited to, information posted to any public areas of the Services, such as forums, any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and Glasp shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.
Other Terms and Conditions
Your access to and use of the Services is subject to the Terms of Service at https://glasp.co/terms-of-service.
Supplemental Notice for California Residents
This Supplemental California Privacy Notice only applies to our processing of personal information that is subject to the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA provides California residents with the right to know what categories of personal information Glasp has collected about them and whether Glasp disclosed that personal information for a business purpose (e.g., to a service provider) in the preceding 12 months. California residents can find this information above, in the respective sections of this Privacy Policy, and below:
Glasp collects the following Categories of Personal Information:
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("personal information"). In particular, we may have collected the following categories of personal information from consumers within the last twelve (12) months:
- Identifiers: A real name, alias, postal address, unique personal identifier, online identifier, IP address, email address, or other similar identifiers.
- Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)): Name, contact information, education, employment, employment history, and/or financial information.
- Commercial information: Records of products or services purchased, or obtained from Glasp.
- Internet or other electronic network activity: Information on a consumer's interaction with websites, applications, or advertisements related to the Services.
- Geolocation data: Physical location.
- Sensory data: Audio, electronic, visual, or similar information.
Sales of Personal Information under the CCPA
As defined by the CCPA, Glasp does not sell personal information of California residents, nor do we have actual knowledge of any sale of personal information of minors under 16 years of age.
Additional Privacy Rights for California Residents
- Non-Discrimination: California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.
- Authorized Agent: Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact us as set forth below.
- Verification: To protect your privacy, we will take steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include asking you to log in to your account or verify your email address.
If you are a California resident and would like to exercise any of your rights under the CCPA, please contact us as set forth below. We will process such requests in accordance with applicable laws.
GDPR Compliance
At Glasp, we're committed to the success of our users and the protection of their data through complying with the General Data Protection Regulation (GDPR) and other privacy-related regulations. The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the use of EU residents’ personal data, providing individuals rights to exercise control over their data and requiring organizations that process personal data to meet certain obligations.
This section of the Privacy Policy applies to users within the European Economic Area (EEA) and Switzerland (collectively, "EU Users"). Under the General Data Protection Regulation (GDPR), we provide specific additional rights for EU Users regarding their personal data. By using our Services, EU Users consent to the processing of their personal data in accordance with this Privacy Policy.
- Data Controller: For the purpose of the GDPR, the data controller is Glasp. If you have any questions or concerns about our data policies or practices, please contact us at [email protected].
- Personal Data We Collect: For EU Users, personal data includes information such as your name, email address, location data, and any other information that can be used to identify you directly or indirectly. A detailed list of the personal data we collect is provided in the "Information We Collect" section above.
- Rights of EU Users: Under the GDPR, EU Users have the right to access, rectify, or erase their personal data, restrict processing, object to processing, and the right to data portability. To exercise these rights, please contact us at the address provided below. You also have the right to lodge a complaint with a supervisory authority competent for your country or region.
- Data Transfer: Personal data collected from EU Users may be transferred to, stored, and processed in a country outside of the EEA, such as the United States, where our servers are located. We ensure that such transfers comply with the GDPR and that adequate protection is provided for your personal data, for instance by using standard contractual clauses approved by the European Commission or relying on or other mechanisms that comply with the GDPR, where applicable.
- Data Retention: We retain personal data for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce our policies. The criteria used to determine the retention period for personal data include the duration of our ongoing relationship with you, whether there is a legal requirement to retain the data, and whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation, or regulatory investigations).
- Automated Decision-Making and Profiling: We do not use your personal data for automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you, without human intervention.
Supervisory Authority
If you are located in the European Economic Area or the UK, you have the right to lodge a complaint with a supervisory authority if you believe our processing of your information violates applicable law.
Changes to Our Privacy Policy
We may revise this Privacy Policy from time to time in our sole discretion. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use the Services after the new Privacy Policy takes effect.
Contact Us
If you have any questions about our privacy practices or this Privacy Policy, please contact us at:
Glasp Inc.
548 Market St, PMB 26241,
San Francisco, CA 94104
[email protected]