Last updated: May 25th 2018
GIS Cloud, we and us refers to GIS Cloud Ltd., GIS Cloud Inc., GIS Cloud d.o.o., considers the privacy and online security of our Users to be of utmost importance.
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to, your email address, name, phone number, postal address, credit card information and other information (“Personal Information”). We collect this information for the purpose of providing the Services, identifying and communicating with you, responding to your requests/inquiries, servicing your purchase orders, and improving our services.
We may collect Personal Information from you such as email address, phone number or mailing address when you choose to request information about our Services, register for GIS Cloud’s newsletter or a program that we may offer from time to time, request to receive customer or technical support, or otherwise communicate with us.
The Services include the GIS Cloud products you use, where we collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include. Examples of content we collect and store include: maps and layers that you create and setup, tables you create and populate in our database with your data, etc. Content also includes the files and links you upload to the Services. If you use on-premises version of the Services, we do not host, store, transmit, receive or collect information about you (including your content), except in limited cases, where permitted by your administrator.
We collect certain payment and billing information when you register for certain paid Services. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.
We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services.
We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the links you click on; the type, size and filenames of attachments you upload to the Services; and how you interact with others on the Services. We also collect information about organizations and people you work with and how you work with them, like who you collaborate with.
We collect information that your browser sends whenever you visit our Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.
We may use third party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Service’s functionality. These third party service providers have their own privacy policies addressing how they use such information. When you access the Services by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device’s unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, your location information and other statistics.
Please see the section regarding Location Information below regarding the use of your location information and your options.
We may use and store information about your location depending on the permissions you have set on your device. We use this information to provide features of our Service, to improve and customize our Service. You can enable or disable location services when you use our Service at anytime, through your mobile device settings.
We use unique identifiers such as cookies, e-mail or your pseudonymized customer ID to track individual usage behavior on our Service, such as the length of time spent on a particular page and the pages viewed during a particular log-in period. Unique identifiers collect information about a user’s use of our Service on an individual basis.
Mobile device identifiers are identifiers stored on your mobile device that track certain data and activities occurring on or through your device. Mobile device identifiers enable collection of Personal Information (such as media access controls) as well as non-personally identifiable information (such as usage and traffic data).
We and our third party service providers collect information about you, your device, and your use of the Service through cookies, clear gifs (a.k.a. web beacons/web bugs) (“Web Beacons”), and other tracking tools and technological methods (collectively, “Tracking Tools”). Tracking Tools collect information such as computer or device operating system type, IP address, browser type, browser language, mobile device ID, device hardware type, the website or application visited or used before or after accessing our Service, the parts of the Service accessed, the length of time spent on a page or using a feature, and access times for a web page or feature. These Tracking Tools help us learn more about our users and analyze how users use the Service, such as how often users visit our Service, what features they use, what pages they visit, what emails they open, and what other sites or applications they used prior to and after visiting the Service.
Like many websites and mobile application operators, we collect certain information through the use of “cookies,” which are small text files that are saved by your browser when you access our Service. Cookies can either be “session cookies” or “persistent cookies”. Session cookies are temporary cookies that are stored on your device while you are visiting our Website or using our Service, whereas “persistent cookies” are stored on your device for a period of time after you leave our Website or Service. We use persistent cookies to store your preferences so that they are available for the next visit, and to keep a more accurate account of how often you visit our Service, and how your use of the Service varies over time. We also use persistent cookies to measure the effectiveness of advertising efforts. Through these cookies, we may collect information about your online activity after you leave our Service. For more information on cookies, including how to control your cookie settings and preferences, visit http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm, https://ico.org.uk/for-the-public/online/cookies/ and http://www.allaboutcookies.org/.
Web Beacons help us better manage content on our Service by informing us what content is effective. Web Beacons are embedded in, or otherwise associated with, certain emails or other communications that you receive from us or our partners. Web Beacons help us track your responses and interests and deliver relevant content and services to you. For example, they may let us know when you take actions based on the emails that we send. Web Beacons also allow us to enhance our Behavioral Advertising (defined below), which is further discussed below in the section titled “Online Behavioral Advertising” below.
We may use third-party services, such as open search tools and social networks, to obtain information about you (such as your name or company) and to enrich your personal information by obtaining publicly available information about you, such as your job title, employment history and contact information.
Some of our advertising (“Behavioral Advertising”) involves using Tracking Tools to collect information about a user’s online activities over time and across non-affiliated websites and applications and providing ads to the user based the user’s interests (as inferred from the user’s online activity) or use of our Service. Behavioral Advertising may appear on our Service or on other websites or services. We work with third parties to provide Behavioral Advertising, such as advertising networks, data exchanges, traffic measurement service providers, marketing analytics service providers, and other third-party service providers (collectively, “Advertising Service Providers”). Advertising Service Providers perform services such as facilitating targeting of advertisements and measuring and analyzing advertising effectiveness on the Service (collectively, all such services, “Targeting Services”). Targeting Services help us display Behavioral Advertising, prevent you from seeing repeated ads, and enable us to research the usefulness of ads.
You have the option to opt out of Behavioral Advertising. Contact us at firstname.lastname@example.org
We receive information about you from other Service users, from third-party services and from our business and channel partners.
Other users of our Services may provide information about you when they submit content through the Services. We receive your email address from other Service users when they provide it in the GIS Cloud Manager in case they are creating your account in their organization.
We work with a global network of partners who provide consulting, implementation, training and other services around our products. Some of these partners also help us to market and promote our products, generate leads for us, and resell our products. We receive information from these partners, such as billing information, billing and technical contact information, company name, what GIS Cloud products you have purchased or may be interested in, evaluation information you have provided, what events you have attended, and what country you are in.
We receive information about you and your activities on and off the Services from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with, our Services and online advertisements.
We acquire, hold, use and process information about you to provide the Services to you, including to process transactions with you, authenticate you when you log in, provide customer support, and operate and maintain the Services.
We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We also provide tailored communications based on your activity and interactions with us. For example, certain actions you take in the Services may automatically trigger a feature or third-party app suggestion within the Services that would make that task easier. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.
We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying GIS Cloud ads on other companies’ websites and applications, as well as on platforms like Facebook and Google. These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new product offers, promotions and contests. You can control whether you receive these communications.
We may use Personal Information to create non identifiable information that we may use alone or in the aggregate with information obtained from other sources, in order to help us to optimally deliver our existing products and Services or develop new products and Services. From time to time, GIS Cloud may perform research (online and offline) via surveys. We may engage third party service providers to conduct such surveys on our behalf. All survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve Individuals by learning more about their needs and the quality of the products and services we provide. The survey responses may be utilized to determine the effectiveness of our Services, various types of communications, advertising campaigns, and/or promotional activities. If an Individual participates in a survey, the information given will be used along with that of other study participants. We may share anonymous Individual and aggregate data for research and analysis purposes.
We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyze crash information, and to repair and improve the Services.
We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.
To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
We use information about you where you have given us consent to do so for a specific purpose not listed above.
Data protection law in Europe requires a “lawful basis” for collecting and retaining personal information from citizens or residents of the European Economic Area. Our lawful bases include:
Performing the contract we have with you: In certain circumstances, we need your personal information to comply with our contractual obligation to deliver the Services, enable creators to establish and display their projects, and enable backers to find and make pledges to them.
Legal compliance: Sometimes the law says we need to collect and use your data. For example, tax laws require us to retain records of pledges and payments made through our Service.
Legitimate interests: This is a technical term in data protection law which essentially means we have a good and fair reason to use your data and we do so in ways which do not hurt your interests and rights. We sometimes require your data to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and that does not materially impact your rights, freedom or interests.
For example, we use identity, device, and location information to prevent fraud and abuse and to keep the Services secure. We may also send you promotional communications about our Services, subject to your right to control whether we do so.
We analyze how users interact with our Service so we can understand better what elements of the design are working well and which are not working so well. This allows us to improve and develop the quality of the online experience we offer all our users.
If you register or access the Services using an email address with a domain that is owned by your employer or organization, and such organization wishes to establish an account or site, certain information about you including your name, contact info, content and past use of your account may become accessible to that organization’s administrator and other Service users sharing the same domain. If you are an administrator for a particular site or group of users within the Services, we may share your contact information with current or past Service users, for the purpose of facilitating Service-related requests.
We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services.
We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information. Service providers that we use are listed here.
We work with third parties who provide consulting, sales, and technical services to deliver and implement customer solutions around the Services. We may share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localized support, and to provide customizations. We may also share information with these third parties where you have agreed to that sharing.
The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. Your use of and any information you submit to any of those third-party sites is governed by their privacy policies, not this one.
In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect GIS Cloud, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
We use data hosting service providers in the United States and EU to host the information we collect, and we use technical measures to secure your data. Optionally you can request your information to be stored on our servers in Australia.
The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure.
However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Information we have collected from you.
How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
We can delete your account if it remains inactive (i.e. not accessed) for 1 year or longer.
We will retain your information as long as your account is active, as necessary to provide you with the Services or as otherwise set forth in this Policy. We will also retain and use this information as necessary for the purposes set out in this Policy and to the extent necessary to comply with our legal obligations, resolve disputes, enforce our agreements and protect GIS Cloud legal rights.
If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account.
If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your GIS Cloud account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
You have certain choices available to you when it comes to your information. Below is a summary of those choices, how to exercise them and any limitations.
You have the right to request a copy of your information, to object to our use of your information (including for marketing purposes), to request the deletion or restriction of your information, or to request your information in a structured, electronic format. Below, we describe the tools and processes for making these requests. You can exercise some of the choices by logging into the Services and using settings available within the Services or your account. Where the Services are administered for you by an administrator (see “Notice to End Users” below), you may need to contact your administrator to assist with your requests first. For all other requests, you may contact us as provided in the Contact Us section below to request assistance.
Your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep. Where you have asked us to share data with third parties, for example, by installing third-party apps, you will need to contact those third-party service providers directly to have your information deleted or otherwise restricted. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.
Our Services give you the ability to access and update certain information about you from within the Service. For example, you can access your profile information from your account. You can update your profile information within your profile settings and modify content that contains information about you using the editing tools associated with that content.
If you no longer wish to use our Services, you or your administrator may be able to deactivate your Services account. If you can deactivate your own account, that setting is available to you in your account settings. Otherwise, please contact your administrator. If you are an administrator and are unable to deactivate an account through your administrator settings, please contact GIS Cloud support (email@example.com). For more information on how to delete your information, see below.
Our Services give you the ability to delete certain information about you from within the Service. For example, you can remove content that contains information about you using editing tools associated with that content, and you can remove certain profile information within your profile settings. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.
In some cases, you may ask us to stop accessing, storing, using and otherwise processing your information where you believe we don’t have the appropriate rights to do so. For example, if you believe a Services account was created for you without your permission or you are no longer an active user, you can request that we delete your account as provided in this policy. Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt-out of our use of your information for marketing purposes by contacting us, as provided below. When you make such requests, we may need time to investigate and facilitate your request. If there is delay or dispute as to whether we have the right to continue using your information, we will restrict any further use of your information until the request is honored or the dispute is resolved, provided your administrator does not object (where applicable). If you object to information about you being shared with a third-party app, please disable the app or contact your administrator to do so.
You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your Service account settings menu, or by contacting us as provided below to have your contact information removed from our promotional email list or registration database. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our Services. You can opt out of some notification messages in your account settings.
You can prevent the use of certain Tracking Tools, such as cookies, on a device-by-device basis using the controls in your web browser. These controls can be found in the Tools > Internet Options (or similar) menu for your browser, or as otherwise directed by your browser’s support feature. Through your web browser, you may be able to:
Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to browser DNT signals. You can use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving marketing from us as described above.
We collect information globally and primarily store that information in the United States. Optionally you can request your information to be stored on our servers in Australia. We transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you the Services. Whenever we transfer your information, we take steps to protect it.
To facilitate our global operations, we transfer information to either United Kingdom, Croatia or the United States and allow access to that information from countries in which the GIS Cloud owned or operated companies have operations for the purposes described in this policy. These countries may not have equivalent privacy and data protection laws to the laws of many of the countries where our customers and users are based. When we share information about you within and among GIS Cloud corporate affiliates, we make use of standard contractual data protection clauses, which have been approved by the European Commission.
Many of our products are intended for use by organizations. Where the Services are made available to you through an organization, that organization is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization’s policies. We are not responsible for the privacy or security practices of an administrator’s organization, which may be different than this policy.
Administrators are able to:
Please contact your organization or refer to your administrator’s organizational policies for more information.
We have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
To contact our Data Protection Officer, please email firstname.lastname@example.org.
Subject to applicable law, if you are a citizen or resident of the European Economic Area, you also have the right to (i) object to GIS Cloud’s use of your personal information and (ii) lodge a complaint with your local data protection authority or the CROATIAN PERSONAL DATA PROTECTION AGENCY, which is GIS Cloud’s lead supervisory authority in the European Union.
CROATIAN PERSONAL DATA PROTECTION AGENCY
Fra Grge Martića 14
HR – 10 000 Zagreb
Tel. 00385 (0)1 4609-000
Fax 00385 (0)1 4609-099
Only persons age 18 or older have permission to access our Service. Our Service does not address anyone under the age of 13 (“Children”).
We do not knowingly collect personally identifiable information from Child(ren) under 13. If you are a parent or guardian and you learn that your Children) have provided us with Personal Information, please contact us. While we are not obligated to police our Services for such activity, if we become aware that we have collected Personal Information from a Children) under age 13 without verification of parental consent, we will do our best to remove that information from our servers.