latest update – april, 2021

Privacy Policy

Welcome to GoLoot! We are happy to meet you.

At GoLoot (referred to as “GoLoot”, “we”, or “us”), we understand that you want transparency about how we process your personal data. This Privacy Policy contains information about your privacy and your rights.

GoLoot distributes coupons, gift cards, promotions on behalf of our clients to mobile users as rewards for specific accomplishments and key moments during their game or app session. If the user wishes to engage with the offer presented, he or she can save, share or purchase it. By doing so, the user will be rewarded with in-app bonuses of the application or game (such as points, credits, exclusive content, virtual assets, lives, etc).

This Privacy Policy applies to your use of the GoLoot mobile rewards platform (“Platform”), the GoLoot website at  (“Website”), and to our use of social media, and the communications you may have with us from time to time (together, the “Services”).

As a participant of the Digital Advertising Alliance (“DAA”), we adhere to DAA’s interest-based advertising principles by providing you with enhanced notice, transparency and control of our digital marketing practices, as stated at

In addition, this Policy covers the use of your personal information for interest-based advertising (“IBA”) within our Platform. For more information about this topic, please go to Section 5 of this Policy.

If you have any concerns or inquiries regarding the processing of your personal data, do not hesitate to reach out to us! You can e-mail us at, or you can write to us at:  

GoLoot Inc.
2285 chemin Cambridge
Mont-Royal, Quebec
H3R 2Y4, Canada

What do we mean by personal data?
This Privacy Policy applies to personal data. We consider that “personal data” means any information which allows us to identify you directly or indirectly, including “cookies” and other electronic data. Some information may not be personal on its own, but may become personal data if associated with or if the sum of the information allows us to identify you.

A “cookie” is a piece of information that a website puts on your computer’s hard disk so that the website can remember something about you at a later time. In this Privacy Policy, when we refer to “cookies” we include other technologies with similar purposes, such as pixels, tags, beacons. If you are looking for more information on cookies, you can refer to websites such as and

This Privacy Policy is for transparency purposes and some of the data that we identify in this Privacy Policy as personal data may not be protected as personal data under applicable laws.
When does this Privacy Policy not apply?
If you click through to links to third parties’ websites, applications, or services from our Services, this Privacy Policy does not apply to the processing of personal data by such external services. It is always a good idea to read their privacy policies to understand what they do with your personal data!

For example, if you see an offer from GoLoot while playing a game or using an application, the game or application operator may also collect personal data about you. When you redeem an offer, you shall be redirected to the e-commerce website of the company offering the product. We do not control the data collection of these third parties, and if you have any questions about how they process your personal data, you should contact them directly.
What types of personal data do we collect and why?
We collect personal data to offer our Services, and to perform analytics. Below is a table containing the categories of personal data that we collect, along with the purpose for collection.

Electronic Data (Website)
When you visit our Website, we collect:
        • IP address
        • Device type
        • Location/Time zone information
        • Geolocation

This information is collected automatically through cookies on our Website to function effectively, to fix bugs, or ensure the security of our Website. For instance, we may collect data to distinguish between humans and bots on our Website.

Usage and Performance Data (Website)
We collect:
        • Time spent on the Services
        • Pages visited
        • Links clicked
        • Language preferences
        • Pages tha tled or referred you to the Services

We collect this information to understand the usage of our Services, whether there are bugs, and generally, to improve our Services. Usage data do not allow us to determine your identity and are generally provided as aggregated data or by reference to an anonymous identifier.

Identification Data
When you save, share or send yourself or someone else an offer, we collect your email if provided.

We collect your email address to allow you to send yourself or someone else the offer, but we do not use this information for other purposes.

Geolocation Data (Platform)
In order to present you with relevant offers, we collect geolocation data through our Platform:
        • Country Code
        • Province or State Name
        • Province or State Code
        • City
        • Postal Code or Zip Code
        • Location

This information is collected through “Macro tracking” by our service provider. Geolocation data allows us to show you offers that are most relevant to you.

Device Data (Platform)
Our Platform collects data about your device:  
        • IP address
        • Mobile advertising id
        • Device model

This information is collected through “Macro tracking” by our service provider in order for us to send you offers.

Communication Data
We collect:
        • Email address
        • Content of your message

If you communicate with us by email, on social media, by using the form on our Website, or by any other means, we collect the personal data that you share with us, such as your email address and the content of your communication. If you communicate with us using social media, we will have access to your publicly available information.

Marketing Data
We collect:
        • Email
        • Consent to receive emails

We collect marketing data so that we can send you newsletters and marketing communications. You can unsubscribe at any time directly within our emails or by contacting us.

Financial Information
To process payments, we collect:
        • Credit card number
        • Expiry date
        • CVV number

We require payment information to allow our payment processor Stripe to process payments. Stripe also uses your Identification Data that you provide with your Financial Information to conduct verifications to prevent fraud, money-laundering and other bad stuff! Stripe is certified PCI DSS Level 1.

Social Media Data
We collect publicly available information.

If you follow us or interact with us on social media, we may process your personal data for marketing or advertising purposes, subject to applicable laws, including those on consent.
What cookies do you use and why?
We collect essential and analytics cookies. These are installed by us and third parties. We collect cookies that classify in each of these categories:

Essential Cookies
Essential cookies are necessary to operate the core functions of our Services. These include login cookies, session ID cookies, language cookies as well as security cookies. We are not required to obtain your consent for these cookies.

Analytics Cookies
Analytics cookies are used to generate aggregated statistical data about traffic and behaviour of Users when using our Services. For instance, we can determine how much time Users spend on a page, and how successful our advertising is. For instance, the cookie named “_ga” is used by Google Analytics to gather data about your behaviour on our Services.
Do you use Google Analytics?
Yes, GoLoot uses Google Analytics on our Website and within our Platform to view key metrics such as how many visitors view the website, peak hours of traffic, and other information relating to the Website’s performance. We also use Google Analytics within our Platform to track advertisements, for targeting purposes and to collect user information such as IP address and device data. Google Analytics is Google’s analytical tool that helps us to understand how users engage with our Services. It uses a set of cookies to collect information and report site usage statistics without allowing us to identify individual visitors.

For more information on Google Analytics, including how to opt out from certain data collection, please visit
Do you conduct interest-based advertising?
As GoLoot is a mobile advertising solution, we conduct in-app tracking in order to present you with relevant offers. Retargeting means that the ads that you are being served are personalized based on your behaviour when you interact with our advertisements. This is enabled through Identifiers for advertisers, also known as IDFA on iOS, Android Advertising ID on Android or generally both referred to as Advertising ID, and requires the processing of electronic data that is considered personal data under certain laws. We only conduct interest-based advertising through our Platform, not on our Website or throughout social media. Once you exit our Platform, for example, when you redeem an offer, we do not track you outside of the Platform.

You can opt-out of this type of tracking by opting out of ad personalization on your phone’s app-privacy dashboard, however, if you opt out of tracking, then you will not be able to benefit of receiving personalized offers. In other words, you would still see advertisements, and you could still have the opportunity to share, save and buy those offers, but the offers will not be tailored to you.  

• Android: Settings > Privacy > Advanced > Ads and toggle on Opt out of Ads Personalization.
• On iOS: navigate to Settings > Privacy > Advertising and toggle on Limit Ad Tracking.
With whom do you share my personal data?

IT Service Providers
We use IT service providers to offer you the Services, such as to host the Services.
For example, we use:
        • Webflow to host our website. You can read their privacy policy here.
        • Google Cloud to store data. You can read their privacy policy here.
        • Google Firebase for product development. You can read their privacy policy here.

Bidding, Targeting, and Analytics Providers
We use marketing partners to (1) analyze our advertising campaigns’ performance; (2) manage our leads and users, and (3) provide you with marketing content.
For example, we use:
        • Kayzen’s bidding and targeting technology. You can read their privacy policy here.
        • Google Analytics and Google Tag Manager for targeting and analytics. You can read about Google’s privacy measures here.
        • We may also exchange data with attribution partners.

Financial Partners
We share personal data with financial partners to complete payments.
For example, we use Stripe to process payments.

Law Enforcement and Other Authorities
We may receive requests by authorities to access your personal data. We will validate that the request is licit before responding. When possible, we will advise you. We will only share what is strictly required.

Business Partners
We may disclose your personal information in connection with, or during negotiations of, any merger, sale of assets, financing, or acquisition of all or a portion of our business by another entity or investors. We will only share what we are required to share for these specific purposes.
Where do you store my personal data?
We use Google Cloud to store your personal data in the United States. Our service providers may process your personal data internationally, including in the United States, depending on where they are located.
For how long do you retain my personal data?
We retain personal data for as long as necessary to provide you with the Services, to perform our marketing campaigns effectively or as required by applicable laws, whichever is longer. We use both persistent and session Cookies. Session cookies are deleted once you close your browser, whereas persistent cookies remain active on your device for some time. For instance, Google Analytics cookies remain installed on your device for 2 years. This allows Google Analytics to track you for analytic purposes, as well as for marketing purposes, and to provide us with aggregated data on your behaviour.
How do you keep my personal data secure?
We use physical, electronic, and administrative measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We store all information you provide to us behind firewalls on our secure servers that are located on Google Cloud in the United States.

We use secure providers in order to develop and host our services. Our cloud provider is certified ISO 27001 and ISO 27701 compliant and implements multiple layers of security to protect stored data. We also use Firebase for our product development, which is compliant with ISO 27001 and has completed SOC 1, SOC 2 and SOC 3 evaluation. Our payment processor, Stripe, is certified PCI DSS Level 1. However, securing your personal data takes teamwork. You also need to do your part, such as by keeping your credentials confidential and using secure networks.
Can I manage my cookie preferences?
You can manage your cookie preferences through your browser. However, if you turn all cookies off, you may not have access to the same functionalities as other users.

Click on your browser for more information:
        • Google Chrome
        • Firefox
        • Safari
        • Internet Explorer
        • Opera
What are my rights regarding my personal data?
The law provides you with some rights over your personal data. Your rights vary depending on the laws that apply to your situation, and the specific circumstances of the request. GoLoot acknowledges the right of individuals to access their personal data. Upon request to, we will provide you with confirmation as to whether we are processing your personal data, and have the data communicated to you within a reasonable time. Your rights differ depending on where you are located in the world.

In most locations, you have the right to correct, amend or delete your personal data where it is inaccurate or has been processed in violation of this Privacy Policy.

If you want to exercise one of these rights and the situation allows for such exercise, you can contact us at We will try to help you with your request free of charge. However, we may request that you pay a reasonable fee if you request a transcript, or a reproduction or for us to send a copy of your personal data, if the law allows us to do so. If we need to charge a fee to process your application, we will contact you before addressing your request.

For security reasons and to avoid fraudulent requests, we may be required to ask that you provide a proof of identity with your request. We will not use such personal data  for any other purposes.

We will respond to your request within thirty (30) days, unless agreed otherwise. If your request is denied, we will notify you in writing, and provide you with detailed motives and information on how to contest our decision.

The Office of the Privacy Commissioner of Canada drafted this FAQ to help you access your personal data when it is held by a business. You can also contact the Office of the Privacy Commissioner of Canada’s Information Center:

9:00 am to 4:00 pm EST
Toll-free: 1-800-282-1376

Mailing address
Office of the Privacy Commissioner
30 Victoria Street
Gatineau, Québec
K1A 1H3

You can also use this link:

If you have any issue with how we process your personal data, or how we responded to your request, please let us know. We will do our best to improve our processes to make certain that it does not happen again. We will also provide you with additional information about our practices if you would like us to do so.

If you are still not satisfied, you can lodge a complaint to the Office of the Privacy Commissioner of Canada using this online form, or to your local privacy regulators, or if you in Quebec, you can lodge a complaint with the Commission d’accès à l’information.
Children's privacy
We restrict the use of our Services to individuals age 13 and above. We do not knowingly collect or retain Information from our Services from children under the age of 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at
Changes to this Privacy Policy
We may change this Privacy Policy from time to time. When material changes are made to this Privacy Policy, Customers will be notified through the contact email given to us at least two weeks prior to modification taking effect. Questions about the new Privacy Policy should be addressed to

Be the first to know

Torquatos nostros quos dolores et benivole collegisti.