Privacy Shield

Gong.io, Inc. (“Gong.io US”, “us“, “we” or “our”) has self-certified with the EU-US and Swiss-US Privacy Shield Frameworks with respect to the personal data of any individuals residing in the EU and Switzerland that we receive or process, including on behalf of any of our affiliated companies worldwide (collectively, “Gong.io Group”). To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov. Our Privacy Shield certification is available here.

Accordingly, Gong.io US adheres to the principles of the EU-US and Swiss-US Privacy Shield Frameworks, as set forth by the US Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union and Switzerland to the United States (“Privacy Shield Principles”). If there is any conflict between this Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

1. Scope

Our participation in the Privacy Shield Frameworks applies to personal data that Gong.io US receives from and processes on behalf of our customers, business partners or any other member of the Gong.io Group, which relates to data subjects residing in the EU or Switzerland, or directly from such data subjects themselves.

In the event that the United Kingdom ceases being a Member State of the European Union, Gong.io US will continue to adhere to the Privacy Shield Principles also with respect to the collection, use and retention of personal data transferred from the United Kingdom to the United States, or with any successor framework between the United Kingdom and the United States.

Gong.io US acts as a sub-processor or processor of the personal data we process on behalf of our customers, business partners or any other member of the Gong.io Group – who are each either the processor (where we act as sub-processor) or controller (where we act as processor) with respect to such personal data we process on their behalf. 

2. Data Subject Rights

EU and Swiss data subjects, as well as UK data subjects, have the right to access personal data about them, and in some cases to limit use and disclosure of their personal data. If you would like to request access to your personal data processed by us, or to limit use and disclosure of your personal data, please contact privacy@gong.io and provide your name and contact information. If your request pertains to data processed on behalf of another member of the Gong.io Group, or on behalf of any of our customers, we will refer your request to them, and will support them as needed in responding to your request. 

3. Onward Transfers of Personal Data 

We will not transfer personal data originating in the EU, Switzerland, or the UK to third parties unless such third parties have entered into a written agreement with us requiring them to provide at least the same level of privacy protection to such personal data as required by the Privacy Shield Principles. In cases of such onward transfer, Gong.io US remains responsible and potentially liable, other than for events outside of its reasonable control.

Such third parties include selected companies and individuals that we have engaged to provide us with services complementary to our own, as further described in our Privacy Policy. These include cloud data hosting and delivery services, data and cyber security services, web analytics, content distribution and monitoring services, session or activity recording services, performance measurement, support and customer relation management systems, and our legal, financial and compliance advisors.

We may also engage in data transfers internally within the Gong.io Group, for the purposes described in our Privacy Policy. In addition, should Gong.io US or any member of the Gong.io Group undergo any change in control or ownership, including by means of merger, acquisition or purchase of substantially all or part of its assets, then personal data may be shared with the parties involved in such an event. We may also share personal data with others if we believe in good faith that this will help protect the rights, property or personal safety of Gong.io Group members, any of our customers, partners or users, or any members of the general public.

4. Compelled Disclosures

Gong.io US may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

5. Recourse Mechanism

In compliance with the Privacy Shield Principles, Gong.io US is committed to resolve complaints about our collection or use of personal data. EU, Swiss, and UK individuals with inquiries or complaints regarding our privacy practices should first contact Gong.io US at privacy@gong.io or by postal mail sent to:

Gong.io, Inc.
Attn: Eilon Reshef, CTO
814 Mission St, Floor 4
San Francisco, CA 94103, USA

Gong.io US is further committed to refer unresolved privacy complaints under the Privacy Shield Principles to JAMS, a non-profit alternative dispute resolution provider located in the United States to assist with the complaint resolution process. If you do not receive timely acknowledgment of your complaint from us, or if your complaint is not satisfactorily addressed, please visit JAMS for more information and to file a complaint. The services of JAMS are provided at no cost to you.

6. Enforcement

Gong.io US is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) to ensure compliance with the EU-US Privacy Shield outlined in this Notice. 

7. Arbitration

Under certain conditions, more fully described on the Privacy Shield website, you may also be able to invoke binding arbitration when other dispute resolution procedures have been exhausted.