Privacy Policy

This Privacy Policy applies to personal data. We consider that “personal data” means any information which allows us to identify you directly or indirectly, including “cookies” and other electronic data. Some information may not be personal on its own, but may become personal data if associated with or if the sum of the information allows us to identify you.

A “cookie” is an information that a website puts on your computer’s hard disk so that the website can remember something about you at a later time. In this Privacy Policy, when we refer to “cookies” we include other technologies with similar purposes, such as pixels, tags, beacons. If you are looking for more information on cookies, you can refer to websites such as http://www.cookiecentral.com/ and https://www.allaboutcookies.org/.

This Privacy Policy is for transparency purposes and some of the data that we identify in this Privacy Policy as personal data may not be protected as personal data under applicable laws. 

If you click through to links to third parties’ websites, applications, or services from our Services, this Privacy Policy does not apply to the processing of personal data by such external services. It is always a good idea to read their privacy policies to understand what they do with your personal data! 

For example, if you see an offer from GoLoot while navigating a website or using an application, the website or application operator may also collect personal data about you. When you redeem an offer, you shall be redirected to the e-commerce website of the Client offering the product or promotional offer. We do not control the data collection and other privacy practices of these third parties, and if you have any questions about how they process your personal data, you should read their own privacy policy and contact them directly.   

We collect personal data to offer our Services, and to perform analytics. Below is a table containing the categories of personal data that we collect, along with the purpose for collection.
‍

We use cookies for our Services to function as intended, to analyze our performance and to ensure that our Services are secure. Cookies are also useful to identify bugs and errors. We use both first-party and third-party cookies installed by partners on our Website. 

We collect essential and analytics cookies. These are installed by us and third parties. We collect cookies that classify in each of these categories:
‍
Essential Cookies
Essential cookies are necessary to operate the core functions of our Services. These include login cookies, session ID cookies, language cookies as well as security cookies. We are not required to obtain your consent for these cookies.
‍
Analytics Cookies
Analytics cookies are used to generate aggregated statistical data about traffic and behaviour of Users when using our Services. For instance, we can determine how much time Users spend on a page, and how successful our advertising is. For instance, the cookie named “_ga” is used by Google Analytics to gather data about your behaviour on our Services.

Yes, Goloot uses Google Analytics on our Website and within our Platform to view key metrics such as how many visitors view the website, peak hours of traffic, and other information relating to the Website’s performance. Google Analytics is Google’s analytical tool that helps us to understand how users engage with our Services.

For more information on Google Analytics, including how to opt out from certain data collection, please visit  https://tools.google.com/dlpage/gaoptout?hl=en.

As Goloot is a digital advertising solution, we conduct online and in-app tracking in order to present you with relevant offers on behalf of our clients. Targeting means that the ads that you are being served are personalized based on your behaviour when you interact with our advertisements displayed through our Platform on our publisher clients’ website, application and/or newsletters. This is enabled through the creation of user ID by Goloot on behalf of a website or application operator (publishers) in accordance to their own privacy policy and to your opt-in thereto. Goloot processes electronic data such as the email address, IP address, user geolocation data  and user interaction metrics related to the offers you have previously claimed and our publisher clients’ website (content view, scrolls, etc.). In other words, we are able to associate your online interests and usage data to your identity through your email address, and we may send this information to our advertiser clients when you claim their offer subject to your opt-in consent which our publishers clients are responsible for requesting when you interact with offers made through our Platform. 

However, applicable laws may require that those tracking functions be deactivated by default to the extent they enable us to conduct profiling, to identify you and/or to know your location.

‍Yes, we do share your personal data with third parties for a number of reasons including to (1) to provide our Services (2) to process payments, (3) to analyze our advertising campaigns’ performance (4) to market our Services, (5) as required by the law. We can also share your personal data  in the context of a merger and acquisition, as part of bankruptcy procedures or for other corporate requirements.

Just to be clear, we are not data brokers, and we do not sell your personal data to third parties.

In the table below, we provide more information on the third parties we share your personal data with.

We use Google Cloud to store your personal data in the United States. Our service providers may process your personal data internationally, including in the United States, depending on where they are located. Some countries, including the United States, may not offer the same level of protection offered in your country with respect to personal data, and may notably enable some governmental authorities to gain access to such data.

We retain personal data for as long as necessary to provide you with the Services, to perform our marketing campaigns effectively or as required by applicable laws, whichever is longer. We use both persistent and session Cookies. Session cookies are deleted once you close your browser, whereas persistent cookies remain active on your device for some time. For instance, Google Analytics cookies remain installed on your device for 2 years. This allows Google Analytics to track you for analytic purposes, as well as for marketing purposes, and to provide us with aggregated data on your behaviour.

We use physical, electronic, and administrative measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. We store all information you provide to us behind firewalls on our secure servers that are located in the United States.

We use secure providers in order to develop and host our services. Our cloud provider is certified ISO 27001 and ISO 27701 compliant, and implements multiple layers of security to protect stored data. We also use Firebase for our product development, which is compliant with ISO 27001 and has completed SOC 1, SOC 2 and SOC 3 evaluation. Our payment processor is certified PCI DSS Level 1. However, securing your personal data takes teamwork. You also need to do your part, such as by keeping your credentials confidential and using secure networks.

You can manage your cookie preferences through your browser. However, if you turn all cookies off, you may not have access to the same functionalities as other users.Click on your browser for more information:
‍Google Chrome
‍You can also browse on Incognito Mode while using Chrome.
‍Firefox
‍Safari
‍Microsoft Edge
‍Opera

The law provides you with some rights over your personal data. Your rights vary depending on the laws that apply to your situation, and the specific circumstances of the request. In most locations, you have the right to access and correct your personal data where it is inaccurate or has been processed in violation of this Privacy Policy. Goloot acknowledges the right of individuals to access and request rectification to their personal data. Upon request to privacy@goloot.io, we will provide you with confirmation as to whether we are processing your personal data, and have the data communicated to you within a reasonable time. Your rights differ depending on where you are located in the world.
‍
If you want to exercise one of these rights and the situation allows for such exercise, you can contact us at privacy@goloot.io. We will try to help you with your request free of charge. However, we may request that you pay a reasonable fee if you request a transcript, or a reproduction or for us to send a copy of your personal data, if the law allows us to do so. If we need to charge a fee to process your application, we will contact you before addressing your request.

For security reasons and to avoid fraudulent requests, we may be required to ask that you provide a proof of identity with your request. We will not use such personal data  for any other purposes.

We will respond to your request within thirty (30) days, unless agreed otherwise. If we need more time because of special circumstances, such as in the case of a complex request, we will notify you in writing of such delay as soon as possible. If your request is denied, we will notify you in writing, and provide you with detailed motives and information on how to contest our decision.

In addition, you may have the right to withdraw your consent to our processing of your personal data, to the extent that such processing is based on your consent. Please contact us to do so. However, note that some functionalities of our Services may be limited or disabled as a result of your consent withdrawal. 

The Office of the Privacy Commissioner of Canada drafted this FAQ to help you access your personal data  when it is held by a business. You can also contact the Office of the Privacy Commissioner of Canada’s Information Center:

Telephone
9:00 am to 4:00 pm EST
Toll-free: 1-800-282-1376
‍
Mailing address
Office of the Privacy Commissioner
30 Victoria Street
Gatineau, Québec
K1A 1H3
‍
If you have any issue with how we process your personal data, or how we responded to your request, please let us know. We will do our best to improve our processes to make certain that it does not happen again. We will also provide you with additional information about our practices if you would like us to do so.
‍
If you want to exercise one of these rights and the situation allows for such exercise, you can contact us at privacy@goloot.io. We will try to help you with your request free of charge. However, we may request that you pay a reasonable fee if you request a transcript, or a reproduction or for us to send a copy of your personal data, if the law allows us to do so. If we need to charge a fee to process your application, we will contact you before addressing your request.

For security reasons and to avoid fraudulent requests, we may be required to ask that you provide a proof of identity with your request. We will not use such personal data  for any other purposes.

We will respond to your request within thirty (30) days, unless agreed otherwise. If your request is denied, we will notify you in writing, and provide you with detailed motives and information on how to contest our decision.

The Office of the Privacy Commissioner of Canada drafted this FAQ to help you access your personal data when it is held by a business. You can also contact the Office of the Privacy Commissioner of Canada’s Information Center:

Telephone
9:00 am to 4:00 pm EST
Toll-free: 1-800-282-1376

Mailing address
Office of the Privacy Commissioner
30 Victoria Street
Gatineau, Québec
K1A 1H3


If you have any issue with how we process your personal data, or how we responded to your request, please let us know. We will do our best to improve our processes to make certain that it does not happen again. We will also provide you with additional information about our practices if you would like us to do so.
‍
If you are still not satisfied, you can lodge a complaint to the Office of the Privacy Commissioner of Canada using this online form, or to your local privacy regulators, or if you are in Quebec, you can lodge a complaint with the Commission d’accès à l’information. 

We restrict the use of our Services to individuals age 14 and above. We do not knowingly collect or retain Information from our Services from children under the age of 14. If we learn we have collected or received personal information from a child under 14 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 14, please contact us at privacy@goloot.io.

We may change this Privacy Policy from time to time. When material changes are made to this Privacy Policy, Customers will be notified through the contact email given to us at least two weeks prior to modification taking effect. Questions about the new Privacy Policy should be addressed to privacy@goloot.io.