Last updated: October 3, 2018.
We, at Gong I.O Ltd., put great efforts in making sure that your personal information is safe and used properly.
This policy explains our privacy practices for processing personal information on our data analytics services (the “Service” and “Customers”), and on our website at gong.io (“Website“). We process your personal information subject to the terms of this policy.
The Identifiable Information That You Provide
As a Customer representative, you may login to the Service, including through our Website. We will ask you to provide personal information, including your name, your company name, your email address and password.
When you, or someone on your behalf, contact our Customers, we may receive certain personally identifiable information that can be used to provide the Service or to contact or identify you. Personal information may include, but is not limited to, your name, mailing address, email address and telephone number.
When you contact us we may receive and process any personal information that you provide us.
Customers’ Use of our Service
We provide speech analytics services. Our services enable our Customers to record, analyze and share for a limited period of time the recordings of phone calls, video calls and online demos, including associated data and documentation. The recordings and our analysis of the recordings may contain personal information.
The Identifiable Information That We Collect
When you access the Website, our servers log certain ‘traffic/session’ information from your device, such as your user agent and the Internet Protocol (IP) address.
When you use the Website, we collect information about your Service activity, for example your log-in and log-out time, the duration of Service sessions, the content uploaded and downloaded, viewed web-pages or specific content on web-pages, activity measures and geo-location.
What Do We Do with Identifiable Information?
We use the personal information we collect and receive to provide the Service to Customers, to enable the Service’s tools and features, to study and analyze the functionality of the Service, to provide support, to measure Service activity for pricing purposes, to maintain the Service, to make it better and to continue developing the Service.
We may use Customer’s email address to contact Customer when necessary, to send Customer reminders and to provide Customer information and notices about the Service. We may include commercial and marketing information.
We obey the law and expect you to do the same. If necessary, we may use your identifiable information to enforce our terms, policies and legal agreements, to comply with court orders and warrants, and assist law enforcement agencies, to collect debts, prevent fraud, misappropriation, infringements, identity thefts and any other misuse of the Service, and to take any action in any legal dispute and proceeding.
We commit to process personal information solely for the purposes described in this policy. To the extent relevant and possible, we will make efforts to maintain the information accurate, complete and up-to-date.
Sharing Identifiable Information with Others
We provide our Customers with data analytics of calls and online demos that their personnel have conducted with clients and prospects. Customers are further provided access to the recordings for a limited period of time and they may share the access to the recordings internally and with relevant third parties.
We do not sell, rent or lease your personally identifiable information. We may share your identifiable information with service providers and other third parties, if necessary to fulfill the purposes for collecting the information, provided that any such third party will commit to protect your privacy as required under the applicable law and this policy.
We may also share personally identifiable information with companies or organizations connected, or affiliated with us, such as subsidiaries, sister-companies and parent companies, with the express provision that their use of such information must comply with this policy.
Additionally, a merger, acquisition or any other structural change may require us to transfer your personal information to another entity, provided that the receiving entity will comply with this policy.
We may be liable for onward transfers to third parties in violation of the Privacy Shield Principles. For further information, please below see the EU-US and Swiss-US Privacy Shield chapter of this policy.
Disclosure of Information to Authorities
We may need to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Aggregated and Analytical Information
We may use analytics tools, including Google Analytics, Mixpanel and Mouseflow. These tools help us understand users’ behavior on our sites and applications, including by tracking page content, and click/touch, movements, scrolls and keystroke activities. The privacy practices of these tools are subject to their own policies and they may use their own cookies to provide their services. For further information about cookies, please see the ‘Cookies’ section in this policy. Further information about the privacy practices of our analytics service providers is available at: www.google.com/policies/privacy/partners/; https://mixpanel.com/terms/ and https://mouseflow.com/terms/.
Further information about your option to opt-out of these analytics services is available at: https://tools.google.com/dlpage/gaoptout; https://mixpanel.com/optout; and https://mouseflow.com/opt-out/. Please note that if you get a new computer, install a new browser, erase or otherwise alter your browser’s cookie file (including upgrading certain browsers), you may also clear the Mixpanel opt-out cookie.
From time to time, we may use additional or alternative analytics services. We will provide a notice of these changes on our website, and to our Customers through email or other available electronic means.
We use anonymous, statistical or aggregated information, which may be based on extracts of your personal information, for legitimate business purposes including for testing, development, control and operation of the Service. We may share such information with our partners. It has no effect on your privacy, because there is no reasonable way to extract data from the aggregated information that can be associated with you. We will share your identifiable information only subject to the terms of this policy, or subject to your prior consent.
At any time, you may unsubscribe our mailing lists, newsletters or disable your account by sending us an opt-out request to: email@example.com. However, we may store and continue using or making available certain personal information that is related to you. For further information, please read the Data Retention section in this policy.
Note that if your personal information is included in content which was provided to the Service by one of our Customers. You may want to contact the Customer who provided that content and request that your personal information is removed.
At any time, you may choose (opt out) whether your personal information is (i) to be disclosed to a third party, other than to third parties who act as our agents to perform tasks on our behalf and under our instructions, or (ii) to be used for a purpose that is materially different from the purposes for which it was originally collected, pursuant to this policy, or subsequently authorized by you. You may exercise your choice by contacting us at: firstname.lastname@example.org.
Some web browsers offer a “Do Not Track” (“DNT”) signal. A DNT signal is a HTTP header field indicating your preference for tracking your activities on the Website or through cross-site user tracking. Our Website does not respond to DNT signals.
Your California Privacy Rights
If you are a California resident, California Civil Code Section 1798.83 permits you to request in writing a list of the categories of personal information relating third parties to which we have disclosed certain categories of personal information during the preceding year for the third parties’ direct marketing purposes. To make such a request, please contact us at: email@example.com.
Accessing Your Personal Information
At any time, you may contact us at: firstname.lastname@example.org and request to access the identifiable information that we keep about you. We will make good-faith efforts to locate the data that you request to access.
If you find that the information that we keep about you is not accurate, complete or updated, then please provide us the necessary information to correct it.
Under your right of access, you may obtain confirmation from us of whether we are processing personal data related to you, receive a copy of that data, so that you could verify its accuracy and the lawfulness of its processing, request the correction, amendment or deletion of the data if it is inaccurate or processed in violation of the applicable law or the Privacy Shield Principles (as further explained below).
Response to Requests
When you ask us to exercise any of your rights under this policy and the applicable law, we may need to ask you to provide us certain credentials to make sure that you are who you claim you are, to avoid disclosure to you of personal information related to others and to ask you questions to better understand the nature and scope of data that you request to access.
We may redact from the data which we will make available to you, any personal information related to others.
We retain different types of information for different periods, depending on the purposes for processing the information, our legitimate business purposes as well as pursuant to legal requirements under the applicable law.
We may need to keep personal information for as long as necessary to support the purposes of processing under this policy and for additional legitimate business purposes, for example, for record keeping, for cyber-security management purposes, legal proceedings and tax issues.
We may keep aggregated non-identifiable information without limitation, and to the extent reasonable we will delete or de-identify potentially identifiable information, when we no longer need to process the information.
In any case, as long as you use the Service, we will keep information about you, unless we are required by law to delete it, or if we decide to remove it at our discretion.
Transfer of data outside your territory
We may store and process information in various sites throughout the globe, including in sites operated and maintained by cloud based service providers. If you are a resident in a jurisdiction where transfer of your personal information to another jurisdiction requires your consent, then you provide us your express and unambiguous consent to such transfer.
EU-US AND SWISS-US PRIVACY SHIELD
We comply with the EU-US Privacy Shield Framework and Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from European Union and Switzerland to the United States.
We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.
Cookies are packets of information sent to your web browser and then sent back by the browser each time it accesses the server that sent the cookie.
Some cookies are removed when you close your browser session. These are the “Session Cookies”. Some last for longer periods and called “Persistent Cookies”.
We use both types. We use Persistent Cookies to remember your log-in details and make it easier for you to log-in the next time you access the Service. We may use this type of cookies and Session Cookies for additional purposes, to facilitate the use of the Service’s features and tools.
Every browser allows you to manage your cookies preferences. Please bear in mind that disabling cookies may complicate or even prevent you from using the Service.
We and our hosting services implement systems, applications and procedures to secure your personal information, to minimize the risks of theft, damage, loss of information, or unauthorized access or use of information.
These measures provide sound industry standard security. However, although we make efforts to protect your privacy, we cannot guarantee that the Service will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.
We do periodical assessments of our data processing and privacy practices, to make sure that we comply with this policy, to update the policy when needed, and to verify that the policy is displayed properly and accessible. If you have any concerns about the way we process your personal information, you are welcome to contact our privacy team at: email@example.com, or write to us at:
1200 Park Place, Suite 100,
San Mateo, CA.
We will look into your query and make good-faith efforts to resolve any existing or potential dispute with you.
We committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to the EU Data Protection Authorities and the Swiss Federal Data Protection and Information Commissioner (FDPIC). We have further committed to comply with the advice given by such authorities with regard to data transferred from the EU and Switzerland. Please contact the EU Data Protection Authorities for more information and to file a complaint, at no charge. You may find the relevant contact details at: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
Additionally, if you are an EU data subject, you may invoke binding arbitration in certain cases, as further described in Annex I of the Privacy Shield Agreement. For further information, please visit the Privacy Shield web site at: www.privacyshield.gov, or contact our privacy team.
From time to time, we may update this policy. If the updates have minor if any consequences, they will take effect 7 days after we post a notice on the Website. Substantial changes will be effective 30 days after our notice was initially posted.
Note that if we need to adapt the policy to legal requirements, the new policy will become effective immediately or as required.
Please contact our Privacy Compliance Officer at: firstname.lastname@example.org for further information.
Last updated: October 3, 2018.