latest update – February 2023

Privacy Policy

At Goloot (referred to as “Goloot”, “we”, or “us”), we understand that you want transparency about how we process your personal data. This Privacy Policy contains information about your privacy and your rights.

Goloot distributes coupons, gift cards, promotions on behalf of our clients to mobile users as rewards for specific accomplishments and key moments during their game or app session. If the user wishes to engage with the offer presented, he or she can save, share or purchase it. By doing so, the user will be rewarded with in-app bonuses of the application or game (such as points, credits, exclusive content, virtual assets, lives, etc).

This Privacy Policy applies to your use of the Goloot mobile rewards platform (“Platform”), the Goloot website at www.goloot.io  (“Website”), and to our use of social media, and the communications you may have with us from time to time (together, the “Services”).

As a participant of the Digital Advertising Alliance (“DAA”), we adhere to DAA’s interest-based advertising principles by providing you with enhanced notice, transparency and control of our digital marketing practices, as stated at https://youradchoices.com/principles.

In addition, this Policy covers the use of your personal information for interest-based advertising (“IBA”) within our Platform. For more information about this topic, please go to Section 5 of this Policy.

If you have any concerns or inquiries regarding the processing of your personal data, do not hesitate to reach out to us! You can e-mail us at privacy@goloot.io, or you can write to us at:  

Goloot Inc.
2285 chemin Cambridge
Mont-Royal, Quebec
H3R 2Y4, Canada

What do we mean by personal data?
This Privacy Policy applies to personal data. We consider that “personal data” means any information which allows us to identify you directly or indirectly, including “cookies” and other electronic data. Some information may not be personal on its own, but may become personal data if associated with or if the sum of the information allows us to identify you.

A “cookie” is an information that a website puts on your computer’s hard disk so that the website can remember something about you at a later time. In this Privacy Policy, when we refer to “cookies” we include other technologies with similar purposes, such as pixels, tags, beacons. If you are looking for more information on cookies, you can refer to websites such as http://www.cookiecentral.com/ and https://www.allaboutcookies.org/.

This Privacy Policy is for transparency purposes and some of the data that we identify in this Privacy Policy as personal data may not be protected as personal data under applicable laws. 
When does this Privacy Policy not apply?
If you click through to links to third parties’ websites, applications, or services from our Services, this Privacy Policy does not apply to the processing of personal data by such external services. It is always a good idea to read their privacy policies to understand what they do with your personal data! 

For example, if you see an offer from GoLoot while navigating a website or using an application, the website or application operator may also collect personal data about you. When you redeem an offer, you shall be redirected to the e-commerce website of the Client offering the product or promotional offer. We do not control the data collection and other privacy practices of these third parties, and if you have any questions about how they process your personal data, you should read their own privacy policy and contact them directly.   
What types of personal data do we collect and why?
We collect personal data to offer our Services, and to perform analytics. Below is a table containing the categories of personal data that we collect, along with the purpose for collection.

* Applicable laws may require that some technological functions of our Services be deactivated by default to the extent they enable us to conduct profiling, identify you and/or know your location. In such case, Goloot or its Client will request your opt-in consent to activate them. 
What cookies do you use and why?
We use cookies for our Services to function as intended, to analyze our performance and to ensure that our Services are secure. Cookies are also useful to identify bugs and errors. We use both first-party and third-party cookies installed by partners on our Website. 

We collect essential and analytics cookies. These are installed by us and third parties. We collect cookies that classify in each of these categories:

Essential Cookies
Essential cookies are necessary to operate the core functions of our Services. These include login cookies, session ID cookies, language cookies as well as security cookies. We are not required to obtain your consent for these cookies.

Analytics Cookies
Analytics cookies are used to generate aggregated statistical data about traffic and behaviour of Users when using our Services. For instance, we can determine how much time Users spend on a page, and how successful our advertising is. For instance, the cookie named “_ga” is used by Google Analytics to gather data about your behaviour on our Services.
Do you use Google Analytics?
Yes, Goloot uses Google Analytics on our Website and within our Platform to view key metrics such as how many visitors view the website, peak hours of traffic, and other information relating to the Website’s performance. Google Analytics is Google’s analytical tool that helps us to understand how users engage with our Services.

For more information on Google Analytics, including how to opt out from certain data collection, please visit  https://tools.google.com/dlpage/gaoptout?hl=en.
Do you conduct interest-based advertising on behalf of your clients?
As Goloot is a digital advertising solution, we conduct online and in-app tracking in order to present you with relevant offers on behalf of our clients. Targeting means that the ads that you are being served are personalized based on your behaviour when you interact with our advertisements displayed through our Platform on our publisher clients’ website, application and/or newsletters. This is enabled through the creation of user ID by Goloot on behalf of a website or application operator (publishers) in accordance to their own privacy policy and to your opt-in thereto. Goloot processes electronic data such as the email address, IP address, user geolocation data  and user interaction metrics related to the offers you have previously claimed and our publisher clients’ website (content view, scrolls, etc.). In other words, we are able to associate your online interests and usage data to your identity through your email address, and we may send this information to our advertiser clients when you claim their offer subject to your opt-in consent which our publishers clients are responsible for requesting when you interact with offers made through our Platform. 

However, applicable laws may require that those tracking functions be deactivated by default to the extent they enable us to conduct profiling, to identify you and/or to know your location.
Who do you share my personal data with?

‍Yes, we do share your personal data with third parties for a number of reasons including to (1) to provide our Services (2) to process payments, (3) to analyze our advertising campaigns’ performance (4) to market our Services, (5) as required by the law. We can also share your personal data  in the context of a merger and acquisition, as part of bankruptcy procedures or for other corporate requirements.

Just to be clear, we are not data brokers, and we do not sell your personal data to third parties.

In the table below, we provide more information on the third parties we share your personal data with.
Where do you store my personal data?
We use Google Cloud to store your personal data in the United States. Our service providers may process your personal data internationally, including in the United States, depending on where they are located. Some countries, including the United States, may not offer the same level of protection offered in your country with respect to personal data, and may notably enable some governmental authorities to gain access to such data.
For how long do you retain my personal data?
We retain personal data for as long as necessary to provide you with the Services, to perform our marketing campaigns effectively or as required by applicable laws, whichever is longer. We use both persistent and session Cookies. Session cookies are deleted once you close your browser, whereas persistent cookies remain active on your device for some time. For instance, Google Analytics cookies remain installed on your device for 2 years. This allows Google Analytics to track you for analytic purposes, as well as for marketing purposes, and to provide us with aggregated data on your behaviour.
How do you keep my personal data secure?
We use physical, electronic, and administrative measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We store all information you provide to us behind firewalls on our secure servers that are located in the United States.

We use secure providers in order to develop and host our services. Our cloud provider is certified ISO 27001 and ISO 27701 compliant, and implements multiple layers of security to protect stored data. We also use Firebase for our product development, which is compliant with ISO 27001 and has completed SOC 1, SOC 2 and SOC 3 evaluation. Our payment processor is certified PCI DSS Level 1. However, securing your personal data takes teamwork. You also need to do your part, such as by keeping your credentials confidential and using secure networks.
Can I manage my cookie preferences?
You can manage your cookie preferences through your browser. However, if you turn all cookies off, you may not have access to the same functionalities as other users.Click on your browser for more information:
Google Chrome
You can also browse on Incognito Mode while using Chrome.
Firefox
Safari
Microsoft Edge
Opera
What are my rights regarding my personal data?
The law provides you with some rights over your personal data. Your rights vary depending on the laws that apply to your situation, and the specific circumstances of the request. In most locations, you have the right to access and correct your personal data where it is inaccurate or has been processed in violation of this Privacy Policy. Goloot acknowledges the right of individuals to access and request rectification to their personal data. Upon request to privacy@goloot.io, we will provide you with confirmation as to whether we are processing your personal data, and have the data communicated to you within a reasonable time. Your rights differ depending on where you are located in the world.If you want to exercise one of these rights and the situation allows for such exercise, you can contact us at privacy@goloot.io. We will try to help you with your request free of charge. However, we may request that you pay a reasonable fee if you request a transcript, or a reproduction or for us to send a copy of your personal data, if the law allows us to do so. If we need to charge a fee to process your application, we will contact you before addressing your request.For security reasons and to avoid fraudulent requests, we may be required to ask that you provide a proof of identity with your request. We will not use such personal data  for any other purposes.We will respond to your request within thirty (30) days, unless agreed otherwise. If we need more time because of special circumstances, such as in the case of a complex request, we will notify you in writing of such delay as soon as possible. If your request is denied, we will notify you in writing, and provide you with detailed motives and information on how to contest our decision.In addition, you may have the right to withdraw your consent to our processing of your personal data, to the extent that such processing is based on your consent. Please contact us to do so. However, note that some functionalities of our Services may be limited or disabled as a result of your consent withdrawal. The Office of the Privacy Commissioner of Canada drafted this FAQ to help you access your personal data  when it is held by a business. You can also contact the Office of the Privacy Commissioner of Canada’s Information Center:

9:00 am to 4:00 pm EST
Toll-free: 1-800-282-1376
Mailing address
Office of the Privacy Commissioner
30 Victoria Street
Gatineau, Québec
K1A 1H3
Children's privacy
We restrict the use of our Services to individuals age 14 and above. We do not knowingly collect or retain Information from our Services from children under the age of 14. If we learn we have collected or received personal information from a child under 14 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 14, please contact us at privacy@goloot.io.
Changes to this Privacy Policy
We may change this Privacy Policy from time to time. When material changes are made to this Privacy Policy, Customers will be notified through the contact email given to us at least two weeks prior to modification taking effect. Questions about the new Privacy Policy should be addressed to privacy@goloot.io.