Version 1.2 - Updated 8/18/2020
This Privacy Policy describes how Gremlin, Inc. ("Gremlin," "we," "our," or "us") collects and processes certain information about you when you visit any of our websites (which end in "gremlin.com"), or use our products and services (collectively our "Services"). Gremlin is committed to respecting and protecting your privacy. This Privacy Policy becomes effective on the date stated above for all users including, without limitation EU-resident users who are natural persons. Enhanced data protection rights in this Privacy Policy required by the EU General Data Protection Regulation are set forth below in the "EEA Resident Rights" section.
Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Services. By accessing or using the Services, you agree to this Privacy Policy. This Privacy Policy may change from time to time (see the "Changes to Our Privacy Policy" section below). Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check our Privacy Policy periodically for updates. If we do decide to change our privacy policy, we will post those changes on this page, and update the Privacy Policy modification date above.
All customers enter into an agreement in order to access and use the Gremlin software-as-a-service offering ("Terms of Service"). The Terms of Service, located at https://www.gremlin.com/terms/, govern the submission, access to and use of any Customer Data (information submitted through the Gremlin service, including emails or names for the purpose of logging into the service and receiving service related notifications). Customer Data may include personally identifiable information. The organization (e.g., your employer) that entered into the Terms of Service (the "Customer") controls the particular instance of the Service and any associated Customer Data.
We collect information about you in the course of you using our Services. In order for us to best provide our Services to you (and to help make it feasible for us to do so), it is essential that we are able to collect and use the information as described in this Privacy Policy. This means that the data collection is necessary for fulfilling the relationship we have with you, and where that is not the case, we have a legitimate interest in collecting the information described below.
We receive, store, and may use (as described below) any information you provide to us, which may include Personal Information. As used in this Privacy Policy, "Personal Information" means any information relating to an identified or identifiable natural person, such as your name and email address. By using the Services, you authorize us to gather, retain, use, and otherwise process your information that you provide to us as further described below. Gremlin will only use, store, retain, and otherwise process your Personal Information as described in this Privacy Policy.
More specifically, when you register with our Services as a user, we will collect your name, email address, and password. We also collect Personal Information from you when you subscribe to our mailing lists (either through our website or otherwise) or respond to a survey (whether sent by us or by one of our partners that provides business related services to us (e.g. SurveyMonkey)). If you make an inquiry through our website, or contact us in any other way, we may keep a copy of your communications with us. For example, if you call us, we may record the phone call for quality and/or reference purposes (e.g. we may record phone interviews with potential candidates applying for positions at Gremlin); if we wish to record our phone call, we will notify you and obtain your permission before doing so.
We may also collect certain technical information by automatic means when you use our Services: this information is typically the information sent to us by your HTTP header and may include IP address, browser type and configurations, and operating system, the website you visited before visiting our website, and usage data resulting from your use of our website (such as hit and conversion rates). Through our software-as-a-service offering, we automatically collect and aggregate data regarding your use of the Services, such as how long an experiment is run and whether the experiment fails or succeeds. We automatically collect certain information on our Services using cookies, web beacons, locally shared objects (sometimes called "flash cookies"), mobile identifiers and similar technologies ("Cookies").
Among other things, such tracking technologies give us information that helps us improve our Services and marketing activities, and your experience. These technologies may be used in analyzing trends, administering the Services, tracking users’ movements around the Services and to gather demographic information about our user base as a whole. You can control the use of Cookies at the individual browser level, but if you choose to disable Cookies, it may limit your use of certain features or functions on our Services.
We also collect data about you though our partners that we retain to provide certain advertising and analytics services to us (such as advertising, marketing and analytics providers) ("Ad Partners"). Ad Partners may use Cookies and other technologies to collect information about your use of the Services and other websites and applications, including your IP address, web browser, pages viewed, time spent on pages or in apps, links clicked and conversion information. Again, you can control the use of Cookies at the individual browser level, but if you choose to disable Cookies, it may limit your use of certain features or functions on our Services. This information may be used by Gremlin and Gremlin service providers to, among other things, analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests on our Services and other websites and better understand your online activity. One such Ad Partner is Google Analytics. We work with Ad partners, such as Google Analytics, to provide analytics services that use the Cookies set on your device to measure the performance of advertising and track traffic to Gremlin’s website generally. Our Ad Partners may also use such technologies to deliver advertisements to determine whether you've already been shown an advertisement or how it performed, or provide us with information about how you interacted with an ad.
We have also implemented certain Google Analytics services, which may categorize Cookie information so that we and third-party service providers can better deliver advertisements that are relevant and useful to you on the Services and various websites across the internet.
We may combine the information Ad Partners collect from you with information we collect through our Services. For example, if you authenticate with your Gremlin account via a single sign-on method, such as SAML, we will have access to information that authentication provider sends, such as your email address.
We may also allow Ad Partners to serve advertisements on our behalf across the Internet and in third party applications.
We do not intentionally gather personal information from visitors who are under the age of 13. If you are under the age of 13, you are not permitted to submit any personal information to us or to otherwise use our Services. If we learn that a child under 13 submits personal information to Gremlin, we will delete the information as soon as possible. If you believe that we might have any personal information from a child under 13, please contact us using the information in the "Contact Us" section at the bottom of this Policy.
We do not currently respond to 'do not track' signals and similar settings or mechanisms. It is critical that we be able to quickly respond to any security or operations issues that may occur within our Services; responding to ‘do not track’ signals would inhibit our ability to do so.
We may use information about you for various purposes, including:
When we collect any information that does not identify you as a specific natural person ("Non-Personal Information"), we are permitted to use and disclose this information for any purpose, notwithstanding anything to the contrary in this Privacy Policy, except where we are required to do otherwise by applicable law. Examples of Non-Personal Information include: physical location information; demographic information, ZIP codes, etc.; or any personal information that has been anonymized, aggregated or de-identified. If we combine any Non-Personal Information with your personal information (such as combining your ZIP code with your name), we will use and disclose such combined information as personal information in accordance with this policy. Similarly, if applicable law requires that we treat certain Non-Personal Information as personal information, we will use and disclose this information as personal information in accordance with this policy.
We will only share your information with third parties under the following circumstances:
We do not sell or trade your Personal Information to third parties.
The information about you that we collect, process and/or use through our Services (including your login information) and the data we keep in our third-party business services accounts (e.g. Salesforce) is controlled by Gremlin, Inc. Gremlin and the Services it provides are hosted and provided outside of the European Economic Area (EEA), including in the United States, for the purposes described in this policy. The privacy protections and the rights of authorities to access your information in these countries may not be the same as in your home country. The information that is held by our Ad Partners or other third-party service provider, such as Google Analytics or Salesforce, we are the processor for such data, such data is always hosted by and remains under the control of such Ad Partner or other third-party service provider.
We may retain your Personal Information as long as you continue to use the Services, have an account with us, or for as long as is necessary to fulfil the purposes outlined in this Privacy Policy. We may, however, retain Personal Information for an additional period as is required under applicable laws, for legal, tax, or regulatory reasons. EU individuals have certain rights outlined below in "Transfer of Information to the U.S.".
For the data that we control, you have the following data protection rights:
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. If you would like to contact us regarding any of the above, please contact us at the contact information provided in the "Contact Us" section below. Notwithstanding the foregoing, we reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
Gremlin, Inc. participates in and has certified its compliance with both the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information transferred from the European Union (EU), European Economic Area (EEA), and Switzerland to the United States, respectively. Gremlin, Inc. is committed to subjecting all Personal Information received from the EU member countries, EEA and Switzerland, in reliance on the Privacy Shield Frameworks, to the Framework's applicable Principles. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit the U.S. Department of Commerce's Privacy Shield List.
Subjects with inquiries or complaints relating to our Privacy Shield certifications should first contact Gremlin Inc. by emailing privacy@gremlin.com. If we are unable to resolve your complaint or dispute, you may refer your complaint to our designated independent dispute resolution mechanism, the International Centre for Dispute Resolution ("ICDR"), operated by the American Arbitration Association ("AAA"). For more information and to file a complaint, you may contact the International Centre for Dispute Resolution by phone at +1.212.484.4181, or by visiting the website https://go.adr.org/privacyshield.html. Under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Under the Privacy Shield Framework, Gremlin, Inc. is subject to the authority of the Federal Trade Commission. If you have any questions or concerns relating to our Privacy Shield certification, contact us at privacy@gremlin.com. EU HR Data Independent Recourse: https://edpb.europa.eu/about-edpb/board/members_en
Gremlin complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. (Your organization name) has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.
Gremlin, Inc. remains accountable for personal information that it receives under the Privacy Shield and any subsequent transfers to a third party as described in the Privacy Shield Principles.
If you are visiting our website or using our Services from outside the United States (U.S.), please be aware that you are sending personal information to the U.S. where our servers are located. The U.S. may not have data protection laws that are as comprehensive or protective as those in your country of residence. However, our collection, storage, and use of your personal information will at all times be in accordance with this Privacy Policy.
Occasionally, at our discretion, we may include links to third parties on our websites or in email correspondence. If you access other websites using the links provided, the operators of these websites may collect information from you that will be used by them in accordance with their privacy policies. These third party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your Personal Information. We use a secure server and use tracking technologies to enable and support security features, prevent fraud, and protect your data from unauthorized access. All supplied Personal Information is transmitted via Secure Socket Layer (SSL) technology. All Personal Information supplied by you is only accessible by Gremlin personnel or third-party contractors, that are authorized with special rights and a clear business need, who are required, by written agreements with Gremlin: (a) to keep such Personal Information confidential and (b) to comply with terms just as protective of your Personal Information as the terms of this Privacy Policy.
Gremlin commits to making delimiting efforts to resolve any complaints about handling of your privacy and our collection, use, or disclosure of your Personal Information. If you have any inquiries or complaints regarding this Privacy Policy please contact Gremlin at:
Gremlin empowers you to proactively root out failure before it causes downtime. See how you can harness chaos to build resilient systems by requesting a demo of Gremlin.
Get started