Privacy Policy

Effective: January 1, 2014

We value your privacy, and we want to help make your experience with us as satisfying and safe as possible, whether you are accessing Gigya, Inc. (“Gigya”, “we” or “us) through 1) the use of any of our Social Components or Applications and/or 2) our website available at www.gigya.com, including the internal administration system provided to our Clients, available at platform.gigya.com (the “Platform”) (together, the “Gigya Website”).

Gigya is a technology company offering a set of web-delivered tools, plugins, and services for enabling and optimizing social connectivity on third party websites and apps across the Internet and mobile (“Social Components”). Gigya also offers a legacy technology that enables the easy distribution of web content applications such as photos, videos, and other widgets to social networks and a wide variety of other Internet destinations, and directly to mobile devices (“Web Applications”). The Gigya Social Components enable online businesses (“Clients”) to (a) easily connect their websites to all of the major social platforms with Open ID and other external authentication providers (“Social Login”); (b) offer their website and mobile application visitors (“End Users”) on-site (or in-app) authentication through Social Login or through our Registration-as-a-Service product (“RaaS”), as well as social plugins (“Social Plugins”) and gamification features to enhance their on-site experience (“Gamification”); (c) analyze a website’s social, authentication, and gamification activity with helpful usage data and metrics (“Social Analytics”); and (d) outsource user data storage obtained through Social Login or RaaS (“Identity Storage”) or generic data storage as determined by Clients (“Data Store”).

We have established this Privacy Policy to explain how we collect Personal Information (as defined below) on the Gigya Website, and how we use and disclose that Personal Information. We also intend for this Privacy Policy to inform you about our privacy practices as they pertain to your use of our Social Components and Web Applications (together the “Services”). This Privacy Policy applies to all aspects of our Service, whether made available or accessed via our Gigya Website, via the websites of our Clients, via other third parties, or on mobile devices. You may be an End User of one of our Services, but not be a user of the Gigya Website, or a user of the Gigya Website, but not a user of any of our Services. This Privacy Policy also applies to Personal Information that we collect by other means, which we combine with Personal Information collected on the Gigya Website or through our Services.

“Personal Information,” as used in this Privacy Policy, is information that allows a person to directly identify an individual, such as a name or email address, and information that we combine directly with such identifying information. This Privacy Policy is incorporated into and is subject to the Gigya Terms of Service. Any capitalized terms not defined herein have the meaning set forth in the Gigya Terms of Service. By using the Gigya Website or our Services, you expressly consent to the information handling practices described in this Privacy Policy.


Quick Reference


1. How the Gigya Website Operates

In our operation of the Gigya Website, we collect, use, and retain all information, including Personal Information, that you disclose to us. Our use and disclosure of Personal Information is described in this Privacy Policy. Our disclosures of Personal Information to our partners and affiliates are described in greater detail under the “When We Disclose Personal Information” heading below. In general, the types and amount of Personal Information we collect vary depending on the activity on the Gigya Website. We endeavor to limit the collection of Personal Information to information we believe is minimally necessary to achieve our stated collection purposes.


2. How the Gigya Services Operate

In the operation of our Services, we collect, use, and retain certain Personal Information that is necessary to perform the Services for our Clients, this includes End User Personal Information. Our use and disclosure of Personal Information is described in this Privacy Policy, with disclosure being described in greater detail under the “When We Disclose Personal Information” heading below. In general, the types and amounts of Personal Information we collect through the use of our Services will vary depending on the Services implemented and the activity occurring through that Service.

To implement the Gigya Services, our Clients will utilize Gigya’s Javascript Application Programming Interface (API), Representational State Transfer (REST) API (collectively, “the Gigya API”), within their websites and mobile applications. The Gigya API may be used to implement any (or all of) the following: Social Login, Social Plugins, Gamification, RaaS, Identity Storage, and Data Store. Some Clients choose to load Gigya’s API on each page of their website, not just on those pages where a Service is directly implemented. A list of Gigya Services that you, as an End User, may be interacting with are located here: http://www.gigya.com/products/.


3. Information We Collect

A. On the Company Website

We collect two types of data about users: (1) information that you or others voluntarily submit to us (described below under “User-Supplied Information”) and (2) technical data automatically collected from all visitors to the Gigya Website (described below under “Passive Data Collection”).

B. Through the Gigya Services

We collect two types of data about End Users: (1) information that is passed through the Gigya API as a result of use of the Services (described below under “User-Supplied Information”) and (2) technical data automatically collected from all visitors to pages of a Client’s website that load the Gigya API (described below under “Passive Data Collection”).


4. User-Supplied Information

A. On the Gigya Website

We may collect user-supplied information, including, but not limited to, the following scenarios:

  • If you choose to register on the Gigya Website, for example, in order to request a trial, you may be asked to provide information such as first and last name, email address, telephone number, and the company you are with (including your position). We will also ask you to select a password for your account.
  • If you are a Client and have not previously registered on the Gigya Website and you create an account, or an account is created for you, on the Gigya Platform to manage your Services, you will be asked to provide information such as name and email address. We will also ask you to select a password for your account on the Gigya Platform.
  • When you choose to provide us with your Personal Information via the Gigya Website in any other manner, including when you send us an email asking a question, submit a form to receive marketing materials or email newsletters, or request any research or whitepapers, including, without, limitation, at info.gigya.com.

If you choose to provide information to us, you are giving us permission to use and store that information consistent with this Privacy Policy.

B. Through the Gigya Services

Social Login
If you, as an End User, choose to log into a Client’s website or mobile application using an account you have already established with a social networking platform (e.g., Facebook, Twitter) or an email platform (e.g., Gmail, Yahoo! Mail), you give the website (or mobile application) access to certain Personal Information stored on the given social network or email platform. Gigya, on behalf of our Clients, will collect this Personal Information through the Gigya API as well as other information that you previously provided to the social network or email platform and will pass this information back to our Client’s website or mobile application via Gigya’s API (“End User Passed Data”). This End User Passed Data may include, but not be limited to, your name, email address, postal address, and demographic information such as age and gender. Gigya’s technology facilitates the login process by wrapping the Gigya API around the API of each social network chosen by the Client. This enables the Client’s website or mobile application offering Social Login or Social Plugins to offer you the choice of logging in with more than one social network or email platform. The End User Passed Data collected by Gigya is not permanently stored by Gigya, but may be cached temporarily for performance purposes. Gigya simply facilitates the process of getting the End User Data from the social network back to the Client’s website and is acting as an agent or back-end vendor for our Clients. Gigya maintains no rights to the End User Passed Data other than utilizing the End User Passed Data to make the Services available to our Clients and End Users.

Identity Storage and Registration as a Service (RaaS)
If one of our Clients elects to utilize Gigya’s Identity Storage (database) technology in addition to Social Login, then Gigya will also store the End User Personal Information collected on the Client’s behalf (“Identity Storage Stored Data”). Gigya Clients may also elect to use RaaS to handle traditional (non-Social) login, registration, and profile management in addition to (or separate from) our Social Login Service. As an End User on one of our Client’s websites utilizing RaaS, you may provide certain Personal Information, including, but not limited to first name, last name, and email, via the standard site registration forms. Once you click to complete the registration process, that information is then stored in Gigya’s Identity Storage database (“RaaS Stored Data”).

Additionally, certain End User Personal Information is automatically stored or cached on our servers outside of the use of the Identity Storage Service, such as through Social Plugins or Gamification (“Auto Stored Data”). Identity Storage Stored Data, RaaS Stored Data and Auto Stored Data are collectively referred to as the “End User Stored Data.” Gigya maintains no rights to use this End User Stored Data, other than utilizing the End User Stored Data to make the Services available to our Clients and End Users. Gigya acts as an agent or back-end vendor of the Client’s website or mobile application, to which the End User of our Client granted the permissions (if applicable), and Gigya is storing the End User Stored Data on the Client’s behalf. All of the End User Stored Data is encrypted both at rest in the database, as well as in transit to and from the social networks and the Client’s website or mobile application.

Data Store
If one of our Clients elects to utilize Gigya’s Data Store in addition to any other Social Components (or as a stand alone Service), then Gigya may store additional information, which may include Personal Information, on the Client’s behalf (“Data Store Information”). This Data Store Information may also include Personal Information that is not provided or collected through the Gigya Services. Gigya maintains no rights to use this Data Store Information, , other than utilizing this Data Store Information to make the Services available to our Clients and End Users. Gigya acts as an agent or back-end vendor of the Client’s and Gigya is storing the Data Store Information on the Client’s behalf.

Sharing via Email
Gigya’s Social Components may enable you to send emails to your friends. If you provide your email address, we will store that email address so that you do not need to re-enter it upon future use of this functionality.

Posting Comments, Chats, Reactions, Shares, and Ratings & Reviews via Gigya
The Service may enable you to vote, take polls, post comments, chats, ratings & reviews, reactions (such as “Amazing”, “LOL”, etc) and other user-generated content on Client’s websites or mobile applications through our API. The text and value (for ratings) of these submissions are collected and stored on behalf of our Clients for Comments and Ratings & Reviews. We also collect and store the content of Chats on behalf of our Clients for a limited time. These submissions are associated with the identity you used to authenticate with the given Social Plugin, and your name and profile picture will be displayed alongside your Chats, Comments, and Reviews on the Client’s website or mobile application. You may also opt-in to post this content to your connected social networks.

Activity Feed
The Service may enable you to view a near-realtime feed of activity happening on a Client’s website or mobile application. The specific actions displayed in the Activity Feed are determined by the Client and can include such social actions as your sharing and commenting as well as non-social actions such as video views or purchases. We collect and store a record of these actions on behalf of our Clients when requested to do so for the purpose of displaying the Activity Feed. Your name and profile picture may be displayed alongside your actions as listed in the Activity Feed.

Participating in Gamification
The Service may enable you to earn points and rewards for taking specified actions on our Client’s websites. We collect and store this content on behalf of our Clients. This may include the display of information such as your name, profile picture, points, and badges, both to you directly and publicly to others on the Client’s website or applications.

While Gigya takes precautions to ensure the confidentiality of the Personal Information you submit to us via the Gigya Website and/or Services, please note that any information posted to publicly facing sections of the Gigya Website or Services or a Client’s website or a social network will be publicly available. For example, if you are using the social community networking features of our Service, the information you post there (e.g., your opinion about your favorite sports team) will be viewable by others. Any information you choose to provide in a comment or a submission should reflect how much you want others to know about you. We recommend that you guard your anonymity and we encourage everyone to think carefully about what information about themselves they disclose via this or any other public forum. For more information about your choices on privacy settings available on the Gigya Website or Services, please see the “Your Choices” heading below.

Please note that any information collected by the Services, including those mentioned above, is subject to that particular Client’s privacy policy, and that Gigya is merely facilitating the collection, transfer, and storage of the Personal Information in accordance with that privacy policy. You should read and be aware of the terms of service, privacy policy, and privacy practices of the website of any Client utilizing our Services. The specific data fields requested, via RaaS, Social Login or Social Plugins, are also determined by the Client, not Gigya.


5. How We Use Personal Information

A. On the Gigya Website

We use Personal Information to establish and enhance our relationship with you. We may use Personal Information to operate, provide, improve, and maintain the Gigya Website and Services, and to develop new products and services; to prevent abusive and fraudulent use of the Gigya Website and Services; to personalize and display content on the Gigya Website; to send you information about products and services (including our products and services and those of third parties) in which we believe you may be interested; and for other administrative and internal business purposes.

We may use your e-mail address, including any email address provided at info.gigya.com or through the Gigya Website as set forth in the “Communications and Unsolicited Marketing Communications” section. We do not sell Personal Information transmitted to us through the Gigya Website.

B. Through Gigya Services

We maintain no rights to use any End User Personal Information transmitted to us on behalf of our Clients through the Gigya Services or received from the social networks, except to make the Services available to the Client and/or End User. We do not sell any End User Personal Information transmitted to us through the Services or received from the social networks. All Personal Information captured by our Client’s websites or mobile applications is subject to the privacy policies of those websites. You should read and be aware of the terms of service, privacy policy, and privacy practices of the website of any Client utilizing our Services.


6. When We Disclose Personal Information

We do not sell or rent email addresses and other Personal Information collected through the Gigya Website or transmitted or collected via our Services. We do not share Personal Information with third parties except in the limited circumstances described in this Privacy Policy. Please be aware, however, that any information that you voluntarily choose to display on any publicly available portion of the Gigya Website, or on any Service becomes publicly available and may be collected and used by us or others without restriction.

Gigya Service Providers
We may provide Personal Information to third parties for their use in performing internal business functions (e.g., maintenance, security, data analysis, email transmission, CRM, database management services, credit card payment processing or data hosting) on our behalf. We require such third parties to agree to only use your Personal Information in accordance with this Privacy Policy and for no other purpose than to provide us with necessary services.

Gigya Affiliates
We may share some or all of your Personal Information with our affiliates (including a parent company, subsidiaries, joint venture partners or other companies that we control or that are under common control with us), in which case we will seek to require those affiliates to honor this Privacy Policy.

Clients
Gigya discloses certain End User Personal Information to Clients at the direction of the Client. Gigya is acting as an agent or back-end vendor of our Clients and maintains no rights to the End User Personal Information, except to make the Services available to the Client and the End User. If any End User Personal Information is accessed by a Client through the Gigya Platform, the Client accesses such End User Personal Information through a system of complex passwords and the access is protected with various rules and permissions. End User Stored Data is encrypted both at rest in Gigya’s database, as well as in transit to and from the social networks and to our Clients’ websites.

The types of End User Personal Information disclosed, include, but are not limited to the following:

Please note that the End User Personal Information, including, End User Passed Data, End User Stored Data, Data Store Information, and any other information transmitted or collected by the Services, is subject to the Client’s privacy policy, and that Gigya is merely facilitating the collection, transfer, and storage (if applicable) of the data for the Gigya Client. As the End User, you should read and be aware of the terms of service, privacy policy, and privacy practices of the website of any Client utilizing our Services.

Legal Requirements
We may disclose Personal Information if we have a good-faith belief that doing so is required by a subpoena or other judicial or administrative order or otherwise required by law. Additionally, we may disclose Personal Information where we, in good faith, deem it appropriate or necessary to prevent violation of the Gigya Terms of Service, or our other agreements; take precautions against liability; protect the rights, property, or safety of Gigya, any individual, or the general public; maintain and protect the security and integrity of our services or infrastructure; protect ourselves and our services from fraudulent, abusive, or unlawful uses; investigate and defend ourselves against third-party claims or allegations; or assist government enforcement agencies.


7. Passive Data Collection

Like most web-based services, we may automatically receive and record information on our server logs from your browser when you use the Gigya Website and Services. We may use a variety of methods, including clear GIFs (also known as “web beacons”) and “cookies”, to collect this information. We use both session and persistent cookies. The information that we may collect with these automated methods may include, for example, your IP address, cookie information, a unique device or user ID, browser type, system type, the content and pages that you access on the Gigya Website or Services, the frequency and duration of your visits to the Gigya Website or Services, and the “referring URL” (i.e., the page from which you navigated to the Gigya Website). We may also use cookies on the Gigya Website and Services to store session validators on your hard drive. If we directly combine any information gathered through passive means with Personal Information, we treat the combined information as Personal Information under this Privacy Policy. Otherwise, we use information collected by passive means in aggregated forms.

This section provides more information about some of those technologies and how they work.

  • Cookies. A cookie is a string of information that a website stores on a visitor’s computer, and that the visitor’s browser provides to the website each time the visitor returns. Most major websites use cookies. Because the browser provides this cookie information to the website at each visit, cookies serve as a sort of label that allows a website to “recognize” a browser when it returns to the website. Cookies store information about your activities on a website or other platform. For example, cookies can store your session information for easy sign-in to a website or other platform you have previously visited. They enable us to make your use of the Gigya Website and Services more enjoyable and to improve the functionality of the Service.
    • You can configure your Internet browser, by changing its options, to stop accepting cookies completely or to prompt you before accepting a cookie from the website you visit. If you do not accept cookies, however, you may not be able to use all portions of the Gigya Website or all functionality of the Services.
  • Clear GIFs. Clear GIFs (also known as web beacons) are used in combination with cookies to help website operators understand how visitors interact with their websites. A clear GIF is typically a transparent graphic image (usually 1 pixel x 1 pixel) that is placed on a website. The use of a clear GIF allows the website to measure the actions of the visitor opening the page that contains the clear GIF. It makes it easier to follow and record the activities of a recognized browser, such as the path of pages visited at a website. Clear GIFs, which can be embedded in web pages, videos, or emails, can allow a web server to read certain types of information from your browser, check whether you have viewed a particular web page or email message, and determine, among other things, the time and date on which you viewed the Clear GIF, the IP address of your computer, and the URL of the web page from which the Clear GIF was viewed.

For more information about cookies and web beacons, please visit http://www.allaboutcookies.org/cookies/.

  • Other local storage. We, along with our partners and vendors, use other kinds of local storage, such as Local Shared Objects, also referred to as “Flash cookies”, and HTML5 Local Storage (including IE local storage), also referred to as “browser cookies”.
    • These technologies are similar to the cookies discussed above in that they are stored on your computer and can be used to store certain information about your activities and preferences. However, these objects are stored in different parts of your computer from ordinary browser cookies.
    • We use Local Shares Objects in connection with the Services, including, but not limited to, in our legacy Web Application product, Wildfire, and also in communicating between pages or frames loaded from our domain and pages or frames loaded from our Client’s domain in browsers that do not support HTML5 for cross domain communication (for example, IE).
    • We are using HTML5 Local Storage to improve the Service performance and End User experience by caching certain data objects locally so they don’t have to always be fetched from the server. We also store certain End User states required for delivering the Service, and use HTML5 Local Storage to store identifiers and access tokens in browsers that do not allow setting 3rd party cookies (for example, Safari).
      • For information about disabling or deleting information contained in Local Shared Objects, please click here.
      • For information about disabling or deleting information contained in HTML5 Local Storage, please refer to your browser’s user manual or please visit http://www.allaboutcookies.org/cookies/.
      • Please note that disabling these technologies may interfere with the performance and features of the Services.

8. How We Use Passively-Collected Data

A. On the Gigya Website

On the Gigya Website, we may use passively-collected data to: (a) remember your information so that you will not have to re-enter it during your visit or the next time you visit the Gigya Website; (b) monitor your participation in various sections of the Gigya Website; (c) customize our service to you, including by providing you with recommendations; (c) monitor aggregate website usage metrics such as total number of visitors and pages viewed; and (d) administer, operate, and improve the Gigya Website and our other services and systems, and to provide services and content that are tailored to you.

B. Through the Gigya Services

Our Clients, in implementing Gigya’s Services, utilize the Gigya API within their own websites. When you use the Service, our servers passively collect data through the implementation of the Gigya API including, but not limited to, your IP address, page views, browser type, interactions with Gigya’s Services, the web page you are currently visiting and the web page you were visiting before you came to the Service, and social actions such as sharing and commenting. This information is used to facilitate delivery of the Service and, in some cases, for internal reports. Additionally, some of the information collected is used in the Client Reports. The Client Reports may contain both passively-collected information and End User Personal Information.

Certain passively-collected information collected by Gigya is also made available directly to the Client (“Gigya Events”). The Client then has the ability to manually pass the Gigya Events to third party analytics tools, like Google Analytics and Omniture Site Catalyst, for additional reporting, or at the Client’s election, to use technology provided by Gigya to automatically send the Gigya Events to these third party analytics tools. If a Client elects to use Gigya’s technology, then Gigya, as a service provider, sends such Gigya Events from websites owned by our Clients to their own third party analytics accounts. We do this only at the request and direction of the Client.

Please note that, as End Users utilizing Gigya’s Service on a Client’s website, that Client may also passively collect data subject to that website’s particular Privacy Policy, including, without limitation, non-Gigya actions such as purchases and videos watched. You should read and be aware of the terms of service, privacy policy, and privacy practices of the website of any Client utilizing our Services.


9. Information Received From Third Party Sources

We may also obtain information, including Personal Information, from third party sources. This may include aggregated anonymous information or certain Personal Information that may be provided to us, including, but not limited to, through third party surveys conducted on our behalf, companies that publish and disseminate press releases on our behalf, social networks providing information about our fans and followers on their platform, and analytics from companies that perform email marketing on our behalf. If we receive Personal Information from third parties we will handle it in accordance with this Privacy Policy. If we directly combine information from other third parties with Personal Information that we collect on the Gigya Websites or Services, we will treat the combined information as “Personal Information” and handle it in accordance with this Privacy Policy. Additionally, we may use any aggregated anonymous information received by third parties as set forth below under the heading “Aggregate Information and Non-Identifying Information”.


10. Aggregate Information and Non-Identifying Information.

We may share aggregated information with Clients, prospective Clients, partners or the press in order to demonstrate usage of the Service, spot industry and advertising trends, and to generate publicity for the Service. Any aggregated information shared in these contexts will not contain Personal Information.


11. Change of Ownership

In the event of a change in ownership, or a merger with, acquisition by, or transfer or sale of all or a portion of our assets to, another entity, we reserve the right to transfer all of your Personal Information, including email addresses, to that entity. We will use reasonable efforts to notify registered users of any such transfer to an unaffiliated third party (by a posting on our homepage, or by email to your email address that you provided to us, as chosen by us in our discretion).


12. Security

The security of your information is important to us, including, but not limited to, the Personal Information collected via the Gigya Website and Service. We use reasonable security measures to protect against the loss, misuse, and alteration of Personal Information under our control, both during the transmission and once we receive it. This includes, but is not limited to, the use of firewalls and encryption. Although we make good faith efforts to maintain the security of such Personal Information, no method of transmission over the Internet or method of electronic storage, is 100% secure and we cannot guarantee that it will remain free from unauthorized access, use, disclosure, or alteration. Further, while we work hard to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent “hackers” or other unauthorized persons from illegally accessing or obtaining this information.

If we learn of a security breach, we may attempt to notify you electronically so that you can take appropriate protective steps. By using the Gigya Website or providing Personal Information to us, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Gigya Website. If a security systems breach occurs, we may post a notice on our homepage (www.giyga.com) or elsewhere on the Gigya Website and may send email to you at the email address you have provided to us. Depending on where you live, you may have a legal right to receive notice of a security breach in writing. This notice paragraph applies to users of the Gigya Website and our Clients who utilize our Services on their third party websites only. Should there be a breach that affects End Users of Clients, the Client will be responsible for disseminating notice of such a breach to those End Users.


13. Children

A. On the Gigya Website

The Children’s Online Privacy Protection Act (“COPPA”) protects the online privacy of children under 13 years of age. Gigya’s Website is not directed toward individuals under the age of thirteen (13), and we request that such individuals do not provide personally identifying information through our websites. Additionally, we do not knowingly collect or maintain Personal Information from anyone under the age of 13, unless or except as permitted by law. If we learn that Personal Information has been collected from a user under 13 years of age on or through the Gigya Website, then we will take the appropriate steps to cause this information to be deleted. If you are the parent or legal guardian of a child under 13 who has registered on the Gigya Website or you believe has otherwise provided Personal Information to Gigya, please contact Gigya at privacy [at] gigya [dot] com to have that child’s account terminated and information deleted.

B. Through the Gigya Services

Gigya’s Clients are responsible for ensuring that they are in compliance with COPPA, Gigya is merely acting at the direction of our Clients and as an agent of our Clients. For Clients using Gigya’s RaaS product, we provide our Clients with the ability to implement features to restrict the collection of information from users under the age of 13. If we learn that Personal Information has been collected from a user under 13 years of age through the Gigya Services without parental consent as required by COPPA and is stored on Gigya servers, then we will take the appropriate steps to cause this information to be deleted.


14. Your Choices

A. On the Gigya Website

You may, at any time, update, correct, or delete certain Personal Information that you have provided to us by contacting us at privacy [at] gigya [dot] com or at the address set forth below in the “Contacting Us” section. Additionally, anyone with a registered account on the Gigya Website may, at any time, review, update or correct the Personal Information in their registration profile by logging into their account, clicking on dropdown next to their name in the upper right-hand corner, and clicking to the Account section.

Please be aware that even if you update or remove Personal Information that you have provided to us, your Personal Information may be retained in our backup files and archives for a reasonable period of time for legal purposes.

B. Through the Gigya Services

If you are an End User registered on a Client’s website using Gigya’s technology to power its Social Components and you want to edit or delete any information captured about you on that Client’s website, you should contact the website owner directly. We have provided tools for our Clients using Gigya’s Identity Storage to allow the Client to implement a profile screen on their website that gives End Users the option to edit, delete, and download their information. It is up to each individual Client to utilize these tools. Through our Social Compliance™ service, used in connection with Gigya’s Identity Storage, Gigya will delete any non-public Facebook profile information if a user revokes permissions from the Client’s application to which those permissions were previously granted.

If you are an End User registered on a Client’s website using the Gamification component specifically, you have additional privacy settings you may access directly, in the event you do not want your profile and ranking to be displayed to other users on the website via the Leaderboard plugin. These settings are available in the “User Status” Social Plugin.

If you would like to opt out of having your image or name displayed publicly to other users of a Client’s website, you should contact that website’s owner directly.


15. Communications and Unsolicited Marketing Communications

If you registered on our Gigya Website, or otherwise opted in to receive communications from us, including through info.gigya.com, we may send you administrative messages and updates regarding your account, updates regarding the Gigya Website or Services, and information regarding offer, products and services of us and third parties, including, without, limitation, through social media updates, by email and postal mail. You may indicate your preferences regarding commercial email messages by taking the steps described in such messages. Also, you may indicate your preferences regarding commercial email messages and postal mail messages by contacting us using the information in the “Contacting Us” section below.


16. International Users

A. On the Gigya Website

The Gigya Website is hosted in the United States. If you use the Gigya Website from the European Union, or any other region with laws governing data collection and use that may differ from United States law, please note that you are transferring your personal data outside of those jurisdictions to the United States. The United States does not have the same data protection laws as the European Union and other regions. By providing Personal Information under this Privacy Policy, you consent to the use of Personal Information in accordance with this Privacy Policy and the transfer of your Personal Information to the United States.

B. Through the Gigya Services

The Gigya Platform is hosted in the United States. In addition, Gigya offers a European Union-based Data Center for EU-based customers subject to such restrictions as indicated above (“EU Data Center”). The EU Data Center will house the Identity Storage and Data Store for Client’s that elect this option. The Gigya Platform will make calls to the EU Data Center. If you are an End User of a Client utilizing the Gigya technology, be sure to check that website’s Privacy Policy in order to confirm whether the EU Data Center is being utilized.


17. EU and Swiss Safe Harbor

Gigya is a participant in the Safe Harbor program developed by the U.S. Department of Commerce and (1) the European Union and (2) Switzerland, respectively. We have certified that we adhere to the Safe Harbor Privacy Principles agreed upon by the U.S. and (1) the E.U. and (2) Switzerland, respectively. For more information about the Safe Harbor and to view our certification, visit the U.S. Department of Commerce’s Safe Harbor Web site. For more information about Gigya’s participation in the Safe Harbor program, please visit our Safe Harbor details page. If you have any questions about our Safe Harbor participation, please contact: privacy [at] gigya-inc [dot] com.


18. Third-Party Services

The Gigya Website and Services may contain links to websites and services provided by third parties. Any Personal Information you provide on third-party websites or services is provided directly to that third party and is subject to that third party’s policies governing privacy and security. If you choose to visit an advertiser by “clicking on” a banner ad or other type of advertisement, or click on another third party link, you will be directed to that third party’s website. The fact that we link to a website or present a banner ad or other type of advertisement is not an endorsement, authorization or representation that we are affiliated with that third party, nor is it an endorsement of their privacy or information security policies or practices. These other websites may place their own cookies or other files on your computer, collect data or solicit Personal Information from you. We are not responsible for the content or privacy and security practices and policies of third-party websites or services. We encourage you to learn about third parties’ privacy and security policies before providing them with Personal Information.

In addition, we use Google Analytics to analyze our users’ use of the Gigya Website. Google Analytics is currently on www.gigya.com and not on the Gigya Platform. Google Analytics provides us with aggregated data in order to help us make informed business decisions. We have indicated to Google that information collected through our use of Google Analytics on the Gigya Website should not be shared with third parties, even in an anonymous, aggregated fashion. Ultimately, Google, as a third party, controls information collected through Google Analytics and you should check and be comfortable with its privacy practices prior to using the Gigya Website. You may review information about Google’s privacy practices with respect to Google Analytics at http://www.google.com/analytics/learn/privacy.html.


19. California Privacy Rights

Under California law, California residents are entitled to ask us for a notice describing what categories of Personal Information we share with third parties for their direct marketing purposes. The notice will identify the categories of Personal Information shared with third parties, as well as the name and address of the third parties that receive such Personal Information. If you want a copy of this notice, please submit a written request to the following address:

    Gigya
    Attn: gigya.com Privacy
    2513 E. Charleston Rd
    Suite #200
    Mountain View, CA 94043

Gigya does not share Personal Information with third parties for their direct marketing purposes.
California residents are also advised that Gigya (and certain third parties authorized by Gigya) tracks users’ behavior on the Gigya Website and through the Gigya Services for the purposes described in “How We Use Passively-Collected Data” above. As of the effective date of this Privacy Policy, the Gigya Website does not respond to “do not track” signals from the web browsers of Gigya Website users, although users of the Gigya Website have the ability to update, correct or delete certain Personal Information provided to us as described above under “Your Choices.” End Users of a Client website should refer to such website’s privacy policy for information regarding the collection of information about an End User’s online activities and how such website responds to “do not track” signals. For more information on “do not track,” please visit www.allaboutdnt.org.


20. Changes and Updates to This Privacy Policy

We may occasionally update this Privacy Policy. If we do, we will update the “effective date” at the top of the Privacy Policy. If we make an update to this Privacy Policy that is materially less restrictive in our use or disclosure of Personal Information that we collected prior to the update, we will provide you with prior notice of the pending update and seek your consent by posting notice on the Gigya Website or by contacting you using the email address you provided. We encourage you to periodically review this Privacy Policy to stay informed about our collection, use, and disclosure of Personal Information on the Gigya Website and Services. Your continued use of the Gigya Website constitutes your agreement to this Privacy Policy and any updates.


21. Contacting Us

If you have questions about this Privacy Policy, you may contact us at [privacy [at] gigya [dot] com]. You may also write to us at:
Gigya
Attn: gigya.com Privacy
2513 E. Charleston Rd
Suite #200
Mountain View, CA 94043