← Back to Home

Privacy Policy

Effective Date: 5/24/2025 | Last Updated: 5/24/2025

1. Introduction

Welcome to Gleam ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Phone numbers (for early access notifications and account verification)
  • Name and contact information (email address, mailing address if provided)
  • Profile information you provide (username, profile picture, bio)
  • Communication preferences and settings
  • Account credentials (encrypted password and authentication details)
  • Payment information (processed through secure third-party payment processors)

2.2 Usage Information

  • App usage analytics and performance data
  • Device information (device type, operating system, unique device identifiers)
  • Log files, error reports, and crash analytics
  • Location data (approximate location based on IP address, precise location only if you grant permission)
  • Network information (IP address, browser type, internet service provider)
  • Feature usage patterns and user behavior analytics

2.3 Information Collected Through Cookies and Similar Technologies

We and our third-party service providers may use cookies, web beacons, pixel tags, and other tracking technologies to collect information about your browsing activities and to distinguish you from other users of our Services. This helps us to provide you with a good experience, improve our Services, and personalize content and advertisements.

You can set your browser to refuse all or some browser cookies or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of our Services may be inaccessible or not function properly.

3. How We Use Your Information

We use the collected information for the following purposes:

  • To provide, maintain, and improve our Services
  • To process and complete transactions, and send related information including confirmations and receipts
  • To notify you about app updates, changes to our Services, and early access opportunities
  • To improve our app functionality, user experience, and content relevance
  • To provide personalized service, including recommendations and custom content
  • To analyze usage patterns and optimize performance metrics
  • To provide customer support and respond to inquiries
  • To send you marketing communications (with your consent where required by law)
  • To detect, investigate, and prevent fraudulent transactions and unauthorized access
  • To comply with legal obligations and enforce our terms of service

3.1 Legal Basis for Processing (EU/EEA Users)

If you are located in the European Economic Area (EEA), we collect and process your personal information based on one or more of the following legal grounds:

  • Performance of a Contract: To fulfill our contractual obligations to you
  • Legitimate Interests: For our legitimate interests, such as to improve our Services or for administrative purposes
  • Consent: With your consent, which you may withdraw at any time
  • Legal Obligation: To comply with applicable laws and regulations

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties for their marketing purposes. We may share your information only in the following circumstances:

  • With your explicit consent obtained prior to sharing
  • With service providers and business partners who assist in our operations, such as cloud hosting providers, analytics services, customer support platforms, and payment processors, subject to appropriate data processing agreements
  • For legal compliance, to comply with applicable laws, regulations, legal processes, or governmental requests
  • To protect our rights and interests, including to enforce our Terms of Service, protect against fraudulent or illegal activity, and defend against legal claims
  • In connection with corporate transactions, such as a merger, acquisition, sale of assets, or bankruptcy, where personal information may be transferred as a business asset
  • In aggregated or de-identified form that cannot reasonably be used to identify you

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of sensitive data both in transit and at rest
  • Regular security audits and vulnerability testing
  • Secure authentication protocols and access controls
  • Continuous monitoring for suspicious activities
  • Staff training on data protection and security best practices

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

  • The duration of your relationship with us
  • Legal obligations that require us to retain data for specific periods
  • Statute of limitations under applicable law
  • Ongoing or potential disputes or legal claims
  • Guidelines from relevant data protection authorities

When we no longer need personal information, we securely delete or anonymize it.

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Rectification: Request correction of inaccurate or incomplete information
  • Erasure: Request deletion of your personal information in certain circumstances
  • Data Portability: Request transfer of your personal data to you or a third party
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests or for direct marketing
  • Withdraw Consent: Withdraw previously given consent for data processing
  • Automated Decisions: Not be subject to decisions based solely on automated processing

To exercise these rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within the timeframe required by applicable law. We may need to verify your identity before processing your request.

7.1 California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:

  • Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.
  • Right to Delete: You have the right to request the deletion of your personal information that we collect or maintain, subject to certain exceptions.
  • Right to Correct: You have the right to request correction of inaccurate personal information.
  • Right to Opt-Out: You have the right to opt-out of the sale or sharing of your personal information for cross-context behavioral advertising.
  • Right to Limit Use: You have the right to limit the use and disclosure of sensitive personal information.
  • Right to Non-Discrimination: You have the right not to be discriminated against for exercising your CCPA/CPRA rights.

To exercise your rights under the CCPA/CPRA, you may submit a verifiable consumer request by contacting us as described in the "Contact Us" section. You may submit a request twice within a 12-month period. We will respond to your request within 45 days of receipt, which may be extended by an additional 45 days when reasonably necessary, with prior notice to you.

Categories of Personal Information We Collect: Within the past 12 months, we have collected the categories of personal information described in Section 2 of this Privacy Policy. We collect this information directly from you, your device, or from third parties.

Disclosure and Sale of Personal Information: We do not sell your personal information as the term "sell" is traditionally understood. However, under the CCPA/CPRA, sharing information with certain third-party analytics and advertising partners may constitute a "sale" or "sharing" of information. You have the right to opt out of this disclosure at any time by contacting us or using the opt-out mechanisms we provide.

8. Children's Privacy

Our Services are not intended for children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children under these ages. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information promptly.

If you believe we might have any information from or about a child under the applicable minimum age, please contact us using the information provided below.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our servers are located and our central database is operated. These countries may have data protection laws that are different from the laws of your country.

When we transfer your information to other countries, we implement appropriate safeguards in accordance with applicable law to ensure your data remains protected. These safeguards may include data protection agreements, standard contractual clauses approved by the European Commission, or other legally acceptable mechanisms.

10. Third-Party Links and Services

Our Services may contain links to third-party websites, services, or applications that are not owned or controlled by us. This Privacy Policy applies only to our Services. We have no control over and assume no responsibility for the privacy practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites or services that you visit or use.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.

We will obtain your consent to any material changes if and where this is required by applicable data protection laws. We will notify you of any changes by posting the new Privacy Policy on this page, updating the "Last Updated" date at the top, and, for material changes, providing notification through our Services or via email to registered users.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact our Data Protection Officer:

Gleam Labs Inc.
Attn: Data Protection Officer
Email: privacy@trygleam.app
Website: trygleam.app

We will respond to your inquiry within a reasonable timeframe and in accordance with applicable data protection laws.