Privacy Policy

Last Updated: May 13, 2024

Gadget Software Inc. (“Gadget”/”we”/”us”) has created this privacy policy (the “Privacy Policy”) in order to set out how we collect, process, and disclose information that identifies or can be used to identify living individuals (“Personal Information”).  This Privacy Policy applies to Personal Information collected through our website, www.gadget.dev and its subsites and their subpages (the “Website”) and through our platform and in the course of providing access to our products, software and services (collectively all of the foregoing are the “Services”).  The Services enable application developers to build, run and host software applications (all as more fully described in the Gadget Terms of Service and other terms of our User Agreement). 

Compliance with privacy laws is important to us. We do not actively collect Personal Information for the purpose of selling or marketing that Personal Information to third parties, Personal Information may be collected about users and visitors to the Website, as well as our Users and their end-users (collectively “Users”) who interact with our Services. 

By visiting our Website or using the Services in any manner, you acknowledge that you accept the practices and policies outlined in this Privacy Policy and you hereby consent to the collection, use and disclosure of your Personal Information in accordance with this Privacy Policy.

1. OVERVIEW

1.1. A Note about Children. 

Our Services are not intended for use by minors.  We do not intentionally gather Personal Information from children. If a child under 13 submits Personal Information to Gadget and we learn that the Personal Information is the Personal Information of a child under 13, we will attempt to delete the Personal Information as soon as possible. If you believe that we might have any Personal Information from a child under 13, please contact our Privacy Officer at privacy@gadget.dev. 

1.2. International Users

Gadget is a Canadian resident corporation.  If you are a non-U.S. or non-Canadian user of the Services, you acknowledge and agree that your Personal Information may be processed for the purposes identified in this Privacy Policy. In addition, your Personal Information may be processed in the country in which it was collected and in other countries, including the United States and Canada, where laws regarding processing of Personal Information may be less stringent than the laws in your country. By providing your data, you consent to such transfer.  If you are in the UK or EEA please see specific terms which apply to you further below in Section 9.1.

1.3. Lawful Processing

We process Personal Information only to the extent necessary for the purposes described in this Privacy Policy. We set out below the type of Personal Information we collect and how we use such Personal Information. Except as set forth in this Privacy Policy, your Personal Information will not be used for any other purpose without your consent. You may withdraw your consent to our processing of your Personal Information at any time. However, withdrawing consent may result in your inability to continue using the Services.

2. SCOPE

This Privacy Policy does not apply to the practices of companies that we do not own or control, to individuals that we do not employ or manage, or to any technology provided by third parties, including without limitation third-party hardware and third-party software (“Third Party Technology”). You are responsible for ensuring that you have obtained the necessary authorizations and consents for any Personal Information you make available to us for use in accordance with this Privacy Policy. In particular, our Users represent and warrant to Gadget that they have the necessary rights under applicable law or have obtained the necessary consents from each End User whose Personal Information is provided by that User to Gadget in order to allow Gadget to use, disclose and otherwise process such Personal Information for the purposes described in this Privacy Policy in the manner described in this Privacy Policy.

3. Changes to our Privacy Policy

We may change this Privacy Policy from time to time. We encourage you to review this Privacy Policy each time you use our Website or our Services to see if the policy has been changed, as indicated by the “Effective Date” set out above. We may at our discretion choose to highlight the fact that we made material changes by posting a notice on our Website and/or by sending you a notice (if we have your contact details), as appropriate.‍

4. Information you provide us

You may give us Personal Information by:

• Using our service as a User of ours. Where you are our User or are an employee of our User you may provide us with Personal Information. The type of information collected includes your name (optional); usage data, email address, IP address, location coordinates, username; password; and basic site information i.e. URL/Channel/Impression Traffic/Analytics/Anonymized activity data etc.
• Corresponding with us by phone, e-mail or otherwise. We ask you to disclose only as much information as is necessary to provide you with our products or services or to submit a question/suggestion/comment in relation to our Website or our services or products.
• Applying to work with us. The type of information you may provide in your CV, a cover letter, your name, address, e-mail address and phone number. CVs should include information relevant to your employment history and education (degrees obtained, places worked, positions held, relevant awards, and so forth). We ask that you do not disclose sensitive personal information (e.g. gender, height, weight, medical information, religion, philosophical or political beliefs, financial data) in your application.
• Supplying us with goods or services. Suppliers may provide us with information which may include a contact name; email address; business address; and telephone number.
  

5. Information we collect

Gadget may also collect certain information from visitors to and Users of the Website, such as Internet addresses. This information is logged to help diagnose technical problems, to administer our Website and in order to constantly improve the quality of the Services. We may also track and analyze non-identifying and aggregate usage and volume statistical information from our visitors and Users and provide such information to third parties.

Our third-party partners also employ clear gifs (a.k.a. Web Beacons/Web Bugs), images, and scripts that help them better manage content on our Website. We do not tie the information gathered to our Users' or End Users' Personal Information.

6. Cookies on the Website

When you interact with the Website we strive to make that experience easy and meaningful. When you come to our Website, our web server sends a cookie to your computer. Cookies are files that web browsers place on a computer's hard drive and are used to tell us whether Users and visitors have visited the Website previously. If you click on a link to a third-party Website, such third party may also transmit cookies to you.

Standing alone, cookies do not identify you personally. They merely recognize your browser. Unless you choose to identify yourself to Gadget, by registering for an account, you remain anonymous to Gadget. Cookies come in two flavors: session and persistent-based. Session cookies exist only during an online session. They disappear from your computer when you close your browser software or turn off your computer. Persistent cookies remain on your computer after you've closed your browser or turned off your computer. They include such information as a unique identifier for your browser.

Gadget uses session cookies containing encrypted information to allow the system to uniquely identify you while you are logged in. This information allows Gadget to process your online transactions and requests. Session cookies help us make sure you are who you say you are after you've logged in and are required in order to use the Gadget application. Gadget uses preference cookies that only Gadget can read and use, to identify the fact that you are a Gadget User or prior Gadget Website visitor (whatever the case may be). We are especially careful about the security and confidentiality of the information stored in preference cookies. We also use security cookies for security purposes and advertising cookies for targeted advertising. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s educational page at https://www.networkadvertising.org/understanding-online-advertising/how-does-it-work. 

7. How we use information we collect

We collect the Personal Information described above in order to provide our Services to our Users and their End Users, to market our products and services, to improve our Website and to recruit staff.

We will use the information we collect in the following ways:

Users

• To fulfill our obligations arising from our contract with you i.e. to provide you with our Services.
• To set your account up as a User on our systems.
• To liaise with you about projects that we are undertaking with you.
• To deliver information about our products and services, where you have subscribed to receive the same.
  

Website users

• To administer and improve our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
• As part of our efforts to keep our Website safe and secure.
• To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.
• To make suggestions and recommendations to you and other users of our Website about services that may interest you or them.
  

Suppliers

• To fulfill our obligations arising from our contract with you.
• To liaise with you about projects that you are undertaking for us.
• To manage your delivery of your services to us.‍

8. Who we share your information with‍

We may share your Personal Information with our selected business partners, suppliers and subcontractors for the performance of any contract we enter into with them or you. For example, these business partners may include our web hosting provider and our IT service providers.

We use a number of sub processors and service providers to both assist us in providing the Website and Services and in addition, we may disclose your Personal Information to third parties:

• In the event that we sell or buy any business or assets, in which case we may disclose your Personal Information to the prospective seller or buyer of such business or assets.
• If we are acquired by a third party or if a substantial portion of our assets are acquired by a third party, in which case information held by us about our Users and their End Users will be one of the transferred assets.
• If we are under a duty to disclose or share your information in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect our rights, property, or safety, our Users, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

9. Data Storage

Data Locality

The data that we collect from you may be transferred to, and stored in, Canada which is outside the European Economic Area ("EEA") and for which there is an adequacy decision relating to the safeguards for personal data from the European Commission. The data that we collect from you may also be transferred to, and stored at, the United States of America outside the European Economic Area ("EEA") for which there is an adequacy decision relating to the safeguards for personal data from the European Commission.  

9.1. General Data Protection Regulation (GDPR) Privacy Rights

We may be collecting and using information from you (the ‘data subject’) if you visit, access, and/or use our Service, and if you reside in the EEA. The GDPR provides certain rights to EEA residents including the right to request access to, obtain, correct, amend, delete, or limit the use of your personal data.  Any terms defined in the GDPR have the same meaning when used in this section. This section ‎of our Privacy Policy applies specifically to users or visitors who are EEA residents. Notwithstanding the foregoing and for the sake of clarification, this Privacy Policy shall be read as a whole and shall be applicable to EEA residents and users of our Service.

(A) GDPR Principles. Where the GDPR applies, the legal bases we rely upon include:

• The right to be informed. You have the right to be provided with clear, transparent, and easily understandable information about how we use your Personal Information and your rights. Our Privacy Policy sets out how we use your Personal Information and your rights in connection with them. 
• The right of access. You have the right to obtain access to your Personal Information (if we process it). For This will allow you to verify that we are using your Personal Information in compliance with applicable law. If you wish to access the Personal Information we hold about you in this way, please use the contact information referenced below to get in touch with us. 
• The right to rectification. You are entitled to have your Personal Information corrected if it is inaccurate or incomplete. You can request that we rectify any errors in the information that we hold by contacting us using our contact details below. 
• The right to erasure. This is also known as 'the right to be forgotten' and, essentially, it means that you have the right to request the deletion or removal of certain of the information that we hold about you by sending your request to us using our contact details below. We will only retain your Personal Information for the duration and for as long as it is required to satisfy our intended purposes, in compliance with applicable law. So unless we have explicitly stated in this Privacy Policy, the Personal Information stored by us will be deleted as soon as it is no longer required for its intended purpose and its does not conflict with any statutory storage obligations. If it is not deleted for other necessities and legally permissible purposes, its processing is restricted. This means that data is blocked and not processed for other purposes and applies, for example, to data retained for legal, statutory, commercial, or tax purposes. 
• The right to restrict processing. You have rights to restrict,  (i.e 'block' or 'suppress' further use of your Personal Information). When processing is restricted, we can still store your Personal Information, but will not use it further.
• The right to data portability. You have the right to obtain a copy of your Personal Information in an accessible, human-readable, and transferrable format so that you can re-use it for your own purposes across different service providers. This is not a general right however and there are exceptions. To learn more about your rights to data portability, you may contact us using our contact details below.
• The right to withdraw consent. If you have given your consent to anything we do with your information (i.e. we rely on consent as a legal basis for processing your information), you have the right to withdraw that consent at any time. You can withdraw your consent by contacting us. 
• The right to object to direct advertising. You have the right to object to certain types of processing of your Personal Information (if we process it), including processing for direct marketing purposes and profiling. You can object by deactivating your cookie and tracking settings on your web browser. Deactivating these cookies, however, may restrict your use or access to the functionality of the Services. In addition, to learn more about how to object to the use of cookies and trackers, and opting out of our direct marketing, you may visit http://www.aboutads.info/choices/ (the United States and Canada), http://www.youronlinechoices.com/ (EU Website). 
• The right to lodge a complaint. If your request or concern in connection with your Personal Information is not satisfactorily resolved by us, you have the right to lodge a complaint about the way we handle or process your information with the national data protection authority.
• Disclosure to third parties. As an EEA resident, If your Personal Information is disclosed to third parties (for instance, contract processors) as part of our processing, transmitted to them, or access to the Personal Information is otherwise granted, this transaction shall only be done for lawful purposes(for instance, to fulfill our contractual obligations with our third-party payment providers, and only if you have provided your consent, and it fulfills our legitimate interests, such interests which we have outlined in this Privacy Policy. 
  

(B) Data Transfers

As referenced in this Privacy Policy, all Personal Information hosted on our behalf may be transferred and stored by our third-party service providers at destinations outside the EEA that may not be subject to equivalent data protection law (i.e. United States and Canada).  It may also be processed by staff situated outside the EEA who work for us or one of our suppliers.  We may transfer your Personal Information outside the EEA:

• to host or store it (see further our list of sub-processors below);

• to enable us to provide goods or services to and fulfill our agreements and legal obligations with you in accordance with our terms of Service;
• where we are legally required to do so;
• to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights. Where your information is transferred outside the EEA, we take steps reasonably necessary to ensure that your data is subject to appropriate safeguards, such as where applicable relying on a recognized legal adequacy mechanism and contracts, to help ensure your rights and protections travel with your data and that your Personal Information is treated securely and in accordance with this Privacy Policy.‍

(C) Exercising your Personal Information Rights as an EEA resident

To exercise these rights to Personal Information under this Privacy Policy as an EEA resident, you may contact us using the contact details we have provided below. We may ask for further information to clarify your identity and location. If you are a User or employee of one of our service provider Users, please contact the service provider that you interact with directly, as in that circumstance we will be acting as a data processor, not a data controller.

(D) Subprocessors

To support Gadget in delivering the Services, Gadget engages third-party service providers as sub-processors. This section identifies our sub-processors, describes where they are located, lists what services they provide to us, and identifies the type of personal information processed. Our business needs may change from time to time and Gadget will periodically update this page to provide notice of additions and removals to our list of sub-processors.

(E) Service Provider

9.2. California Privacy Rights

This section provides additional details about the Personal Information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act (the “CCPA”). For more details about the Personal Information Gadget has collected over the last 12 months, please see the section “Information you provide us” above. We collect this Personal Information for commercial purposes described above. Gadget does not sell (as that term is defined in the CCPA) the Personal Information we collect.   Subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of Personal Information we collect (including how we use and disclose this Personal Information), to delete their Personal Information, to opt-out of any “sales” or “sharing” of Personal Information that may be occurring, and to not be discriminated against for exercising these rights.

California consumers may make a request pursuant to their rights under the CCPA by contacting us at the contact information below. We will verify your request using the information associated with your account, if available, including your email address. Government identification may be required. Consumers can also designate an authorized agent to exercise these rights on their behalf.

10. Data Retention

The time periods for which we retain your information depends on the type of information and the purposes for which we use it. We will keep your information for no longer than is required or permitted. We may retain certain data as necessary for legitimate business purposes, such as analysis of aggregated, non-personally-identifiable data, account recovery, or if required by law. All retained Personal Information will remain subject to the terms of this Privacy Policy.

11. Your data rights

You have the following rights in respect of your Personal Information:

• The right to access the Personal Information we hold about you.
• The right to require us to rectify any inaccurate Personal Information about you without undue delay.

As a User of Gadget, you have the following rights:

• The right to have us erase any Personal Information we hold about you in circumstances such as where it is no longer necessary for us to hold the Personal Information or, in some circumstances, if you have withdrawn your consent to the processing.
• The right to object to us processing Personal Information about you such as processing for profiling or direct marketing.
• The right to ask us to provide your Personal Information to you in a portable format or, where technically feasible, for us to port that Personal Information to another provider, provided it does not result in a disclosure of Personal Information relating to other people.
• The right to request a restriction of the processing of your Personal Information.
• The right to address a challenge concerning the personal information handling policies and practices at Gadget.

Where our processing of your Personal Information is based on your consent to that processing, you have the right to withdraw that consent at any time but any processing that we have carried out before you withdraw your consent remains lawful. You may exercise any of the above rights by contacting privacy@gadget.dev.

If you are a resident of the European Union, you may also lodge a complaint with your local privacy commissioner or other Supervisory Authority with respect to our processing of your Personal Information. The local Supervisory Authority in each European country can be found here.

12. Additional Information, Requests and Questions  

Questions regarding this Privacy Policy or our privacy practices can be directed to our Data Protection Officer, who can be reached privacy@gadget.dev.