1. Our approach to privacy
2. Who is responsible for the use of your Personal Information
2.1 Gripable is the trading name of Gripable Limited (a company registered in England and Wales under registration number 10726111 whose registered office is at Thornton House, 39 Thornton Road, London, SW19 4NQ), who is the controller of the Personal Information (often referred to as a data controller) we hold about you. This means that we determine and are responsible for how your Personal Information is used.
3. Personal Information we collect from you when you; use the Platform, contact us or purchase your Plan and how we use it
3.1 We collect Personal Information that you voluntarily submit directly to us when you use the Platform. This can include Personal Information you provide to us when you order and pay for a product through our Platform, correspond with us by phone, e-mail or otherwise in relation to the Platform or your Plan, submit reviews or subscribe to our mailing lists, newsletters or other forms of marketing communications.
3.2 We will indicate to you where the provision of certain Personal Information is required in order for us to process your order, respond to your query or otherwise provide you with functionality of the Platform. If you choose not to provide such Personal Information, we may not be able to process your order, provide support or respond to your other requests.
3.4 Appendix A sets out further detail about the categories of Personal Information we collect about you.
3.5 Sensitive or Special Category Personal Information. Due to the nature of the Platform, we provide you will be asked to provide sensitive (also referred to as Special Category) Personal Information. We will only ask you to provide sensitive personal information if we need to for a specific reason and will always ask for you explicit consent in respect of the collection and sharing of any Sensitive Personal Information.
4. How do we use your Personal Information?
4.1 We use the Personal Information we collect for a variety of business purposes described below. We process your Personal Information for these purposes in reliance on our legitimate business interests (Legitimate Interests), in order to enter into or perform a contract with you (Contractual Reasons), with your consent (Consent), and/or for compliance with our legal obligations (Legal Reasons). We indicate the specific processing grounds we rely on next to each purpose listed below.
We may process your Personal Information for the following purposes:
- To take steps towards entering into a contract with you, to provide the Plan and the Platform and to claim any right to be paid under our Terms of Sale (Contractual Reasons). This includes collecting and using your personal information to:
- Prepare an agreement with you.
- Manage any accounts you hold with us.
- Contact you for reasons related to your Plan and the Platform.
- Enable us to follow up on enquiries made by you in relation to your Plan and the Platform and/or to provide information you have requested.
- Deal with payment for your Plan.
- Notify you of any changes that may affect you; and
- Resolve disputes or collect overdue payments.
- To fulfil and manage any orders, payments, returns and exchanges in connection with your Plan (Contractual Reasons).
- To pass your Personal Information onto our brand partners in connection with the fulfilment and management of your orders, payments, returns, and exchanges (Contractual Reasons).
- To contact you regarding enquiries you have made in relation to your Plan or the Platform.
- To send administrative Information to you for Legitimate Interests, Legal Reasons and/or possibly Contractual Reasons. We may use your Personal Information to send you product, service and new feature information and/or information about changes to our Terms and Conditions of Use or Terms of Sale and policies, as may be in place from time to time.
- To send you marketing and promotional communications for Legitimate Interests and/or with your Consent. We and/or our brand partners may use your Personal Information for our marketing purposes, if this is in accordance with your marketing preferences. You can opt-out of our marketing emails (see below for further details).
- To facilitate account creation and the log-in process with your Consent. If you choose to link your account with us to a third-party account (such as your Google or Facebook account), we use the Personal Information we are consequently allowed to collect from those third parties to facilitate account creation and the log-in process.
- To administer promotions or trials for your Plan for our Legitimate Interests and/or with your Consent.
- To request feedback for our Legitimate Interests and/or with your Consent. For example, we may use your Personal Information to request feedback and to contact you about your use of your Plan and the Platform.
- To protect our Platform for Legitimate Interests and/or Legal Reasons. We may use your Personal Information as part of our efforts to keep the Platform safe and secure (for example, for the purposes of monitoring and/or preventing fraud).
- To enforce our terms and policies for Legitimate Interests, Legal Reasons and/or possibly Contractual Reasons.
- To respond to legal requests and prevent harm for Legal Reasons. For example, if we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
- We may use your Personal Information for other Legitimate Interests, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve the Plans, Platform, our marketing and your experience.
4.2 Will your Personal Information be shared with anyone?
We only share and disclose your Personal Information in the following situations:
- Contractual. We may share Information with partners to enable any orders for products or services, or obligations arising out of any such orders, to be fulfilled.
- Compliance with Legal Obligations. We may disclose your Personal Information where we are legally required to do so in order to comply with applicable laws, governmental requests, judicial proceedings, court orders, or legal processes, such as in response to a court order or a subpoena (including in response to requests from public authorities in order to meet national security or law enforcement requirements).
- Vital Interests. We may disclose your Personal Information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, illegal activities or situations involving potential threats to the safety of any person, or where we believe it is necessary for the purpose of providing evidence in connection with litigation proceedings in which we are involved.
- Business Transfers. We may share or transfer your Personal Information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
- Health Care Providers. Provided you have given us Consent to do so we may share your Personal Information with your health care provider.
With your Consent. We may disclose your Personal Information for any other purpose with your Consent, including with any person who you have named as a person we can contact to discuss your account and any agent or representative of yours.
We may disclose aggregated, anonymous information (i.e., information from which you cannot be personally identified), or insights based on such anonymous Information, to selected third parties, including (without limitation) analytics and search engine providers to assist us in the improvement and optimisation of the Platform. In such circumstances we will not disclose any Information which can identify you personally.
5. Information we collect automatically about your use of our apps and Platform
5.1 We automatically collect certain Information when you visit, use or navigate the Platform. This Information does not reveal your specific identity (unless your device name is the same as your name) but may include device and usage Information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, Information about how and when you use the Platform and other technical Information. This Information is primarily needed to maintain the security and operation of the Platform, and for our internal analytics and reporting purposes.
Like many businesses, we also collect Information through cookies and similar technologies. You can find out more about this in our Cookies Policy (set out below).
5.2 We may link or combine the Personal Information we collect about you and the information we collect automatically. This allows us to provide you with a personalised experience regardless of how you interact with us.
5.3 We may anonymise and aggregate any of the Personal Information we collect (so that it does not directly identify you). We may use anonymised information for purposes that include testing our IT systems, research, data analysis, improving the Platform and our apps and developing new plans and features.
6. How long will we store your Personal Information
When we have no ongoing Business Purpose to justify the processing of your Personal Information, we will either delete or anonymise it, or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
7. How do we handle your Social MEDIA Logins?
The Platform may offer you the ability to register and log-in using your third-party social media account details (e.g., Facebook, Twitter etc.). Where you choose to do this, we will receive certain Information from your social media provider. The Personal Information we receive may vary depending on the social media provider concerned, but will often include your name, e-mail address, friends list, profile picture and other Personal Information that you choose to make public. If you log-in using Facebook, we may also request access to other information related to your account, such as friends, check-ins and likes, and you may choose to grant or deny us access to each individual permission.
The Personal Information that you post, transmit, or otherwise make available on such social media platforms may be viewed and/or used by other users of those networks and we have no control over that viewing and use and cannot prevent further use of that Information by third parties.
If you choose to link your Gripable profile to a social media account, Personal Information that you provide to us in the process may be included on your Gripable profile. Additionally, your contacts on the social media platform(s) (Friends) may be able to see your activity on the Platform. A link to your public profile on the social media site may be added to your profile and other members and users of the Platform may be able to see any Friends or links (e.g. friends of Friends) via the social network(s) that you have in common with them.
When you interact with us through social media networks, you acknowledge that we may access your Personal Information that is held by that account, solely in accordance with your social media privacy settings. Any links to social media are not under our control and remain solely your responsibility. You acknowledge that any Information posted via social media through the Platform, or via any third party which you allow to access your content, is posted entirely at your own risk and that by posting to a public platform you make that Information visible to third parties who can use that Information at their discretion.
Please note that we do not control, and are not responsible for, other uses of your Personal Information by your third-party social media provider(s). We recommend that you review their privacy policies to understand how they collect, use and share your Personal Information, and how you can set your privacy preferences on their sites and apps.
8. Your Consent to processing
You will be required to give Consent to certain processing activities before we can process your Personal Information. Where applicable, we will seek Consent from you when you first submit Personal Information to or through the Platform.
If you have previously given your Consent you may freely withdraw such Consent at any time. You can do this by emailing us or, where applicable, clicking the ‘Unsubscribe’ button that appears in mailing list communications.
If you withdraw your Consent, and if we do not have another legal basis for processing your Personal Information, then we will stop processing your Personal Information. If we do have another legal basis for processing your Personal Information, then we may continue to do so subject to your legal rights.
Please note that if we need to process your Personal Information in order for you to use the Platform and your Plan and you object or do not provide Consent to us processing your Personal Information, you accept that your Plan and the Platform will no longer be available to you.
9. Marketing and Advertising
9.1 From time to time we may contact you with information about our Platform, including sending you marketing messages and asking for your feedback on our Platform.
9.2 Most marketing messages we send will be by email. For some marketing messages, we may use Personal Information we collect about you to help us determine the most relevant marketing information to share with you.
9.3 We will only send you marketing messages if you have given us your Consent to do so. You can update your preferences about the emails you receive from, including withdrawing your Consent, by clicking on the link at the bottom of our marketing emails.
10. Storing and transferring your Personal Information
10.1 Security. We implement appropriate technical and organisational measures to protect your Personal Information against accidental or unlawful destruction, loss, change or damage. All Personal Information we collect will be stored on secure servers. We will never send you unsolicited emails or contact you by phone requesting your account ID, password, credit or debit card information or national identification numbers.
10.2 De-identification. If we use your content, we only do so in a way that does not directly identify you. We will only re-identify you in exceptional circumstances, such as if we are required to do so by applicable law.
10.3 International Transfers of your Personal Information. The Personal Information we collect may be transferred to and stored in countries outside of the jurisdiction you are in where we and our third-party service providers have operations. If you are located in the European Economic Area (“EEA”) or the United Kingdom, your Personal Information may be processed outside of the EEA or the United Kingdom including in the United States.
10.4 In the instance of such a transfer, we ensure that the Personal Information is transferred to countries recognised as offering an equivalent level of protection and using the appropriate safeguards required by applicable data protection law.
11. Your rights in respect of your Personal Information
11.1 In accordance with applicable privacy law, you have the following rights in respect of your Personal Information that we hold:
a) Right of access. You have the right to obtain:
- i) confirmation of whether, and where, we are processing your Personal Information;
- ii) information about the categories of Personal Information we are processing, the purposes for which we process your Personal Information and information as to how we determine applicable retention periods;
- iii) information about the categories of recipients with whom we may share your Personal Information; and
- iv) a copy of the Personal Information we hold about you.
b) Right of portability. You have the right, in certain circumstances, to receive a copy of the Personal Information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.
c) Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete Personal Information we hold about you without undue delay.
d) Right to erasure. You have the right, in some circumstances, to require us to erase your Personal Information without undue delay if the continued processing of that Personal Information is not justified.
e) Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your Personal Information if the continued processing of the Personal Information in this way is not justified, such as where the accuracy of the Personal Information is contested by you.
11.2 You also have the right to object to any processing based on our Legitimate Interests where there are grounds relating to your particular situation. There may be compelling reasons for continuing to process your Personal Information, and we will assess and inform you if that is the case You can object to marketing activities for any reason.
11.4 You may also review and edit some of the Personal Information you have submitted to us through the appropriate functionality on the apps.
11.5 Due to the confidential nature of data processing we may ask you to provide proof of identity when exercising the above rights. This can be done by providing a scanned copy of a valid identity document or a signed photocopy of a valid identity document.
11.6 We will seek to respond to any request relating to your rights within one month of receipt of such request.
11.7 Where, given the complexity of the claim or the number of requests received, the above deadline cannot be met, we will inform you of the extended deadline in which we will respond to your request. Such extension may not be more than two months from the date on which we notify you that an extension is required.
11.8 Where we do not follow up on your request, we will inform you within the one-month deadline of the grounds on which we have based our decision and of you right to refer a complaint to your national data protection authority.
12. Cookies and Similar Technologies used on our website
12.2 Cookies are pieces of code that allow for personalisation of our Platform experience by saving your information such as user ID and other preferences. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes.
12.3 Cookies help us to provide you with a good experience when you browse our Platform and also allows us to monitor and analyse how you use and interact with our Platform so that we can continue to improve our Platform. It also helps us and our advertising partners to determine products and services that may be of interest to you, in order to serve you targeted advertisements.
12.4 We use the following types of cookies:
a) Strictly necessary cookies. These are cookies that are required for the operation of our Platform. They include, for example, cookies that enable you to use a shopping basket or pay for your Plan through our Platform.
b) Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our Platform when they are using it. This helps us to improve the way our Platform works, for example, by ensuring that users are finding what they are looking for easily. We may use third-party analytics tools such as Google Analytics, to help us measure traffic and usage trends for the Platform and to understand more about the demographics of our users. You can learn more about Google’s practices at http://www.google.com/policies/privacy/partners, and view its currently available opt-out options at https://tools.google.com/dlpage/gaoptout.
c) Functionality cookies. These are used to recognise you when you return to our Platform. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
d) Targeting cookies. These cookies record your visit to our Platform, the pages you have visited and the links you have followed. We will use this information to make our Platform and the advertising displayed on it, and the marketing messages we send to you more relevant to your interests. We may also share this information with third parties who provide a service to us for this purpose.
e) Third party cookies. Please be aware that advertisers and other third parties may use their own cookies tags when you click on an advertisement or link on our Platform. These third parties are responsible for setting out their own cookie and privacy policies.
12.5 Please see Appendix B for more information about the cookies we use on the Platform.
12.6 The cookies we use are designed to help you get the most from our Platform but if you do not wish to receive cookies, most browsers allow you to change your cookie settings. Please note that if you choose to refuse all cookies you may not be able to use the full functionality of our Platform. These settings will typically be found in the “options” or “preferences” menu of your browser. In order to understand these settings, please use the “Help” option in your browser for more details.
12.7 If you would like to find out more about cookies and other similar technologies, please visit www.allaboutcookies.org or the Network Advertising Initiative’s online sources at www.networkadvertising.org.
12.8 Please note that deleting or blocking cookies may not be effective for all types of tracking technologies, such as Local Storage Objects (LSOs) like HTML5.
We use the following cookies:
13. Tracking Technologies used in our emails
13.1 Our emails may contain tracking technologies that provide us with information about your interactions with our emails, including identifying if and when you have opened an email that we have sent you, how many times you have read it and whether you have clicked on any links in that email. This helps us measure the effectiveness of our marketing email campaigns, make the emails we send to you more relevant to your interests and to understand if you have opened and read any important administrative emails, we might send you.
13.2 Most popular email clients will allow you to block these technologies by disabling certain external images in emails. You can do this through the settings on your email client – these generally give you the option of choosing whether emails will display “remote images”, “remote content” or “images” by default.
13.3 Some browsers also give you the option of downloading and installing extensions that block tracking technologies.
14. Interest Based Advertising
14.1 We participate in interest-based advertising and use third party advertising companies to serve you targeted advertisements based on your browsing history and use of the Platform. We may share, or we may permit third party online advertising networks, social media companies and other third-party services to collect information about your use of the Platform over time so that they may play or display ads of the Platform, and similar products and services, on other websites, apps or services you may use (including Google and Facebook).
14.2 Typically, but not always, this information is collected through cookies and similar tracking technologies. These third parties may collect mobile identifiers, such as the ID for Advertising for iOS (IDFA), Google Advertising ID, as well as your device’s IP address, information about other applications on your device, your location, information about your use of the Platform and information about which adverts you have seen or clicked on.
14.3 We and our third-party partners use this information to make the advertisements you see online more relevant to your interests, as well as to provide advertising-related services such as reporting, attribution, analytics and market research.
14.4 We may also use certain forms of display advertising and other advanced features through Google Universal Analytics, such as Remarketing with Google Analytics, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration, and Google Analytics Demographics and Interest Reporting. These features enable us to use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the Doubleclick advertising cookie) or other third party cookies together to inform, optimize, and display ads based on your past visits to the Platform. You may control your advertising preferences or opt-out of certain Google advertising products by visiting the Google Ads Preferences Manager, currently available at https://google.com/ads/preferences or by vising NAI’s online resources at www.networkadvertising.org/choices.
14.5 You may be able to limit the use of these identifiers for interest-based advertising on a particular device through the settings on your device by selecting “limit ad tracking” (iOS) or “opt out of interest-based ads” (Android). You may also be able to opt-out of some, but not all, interest-based ads served by mobile ad networks by visiting http://youradchoices.com/appchoices and downloading the mobile AppChoices app.
14.6 To learn more about interest-based advertising and how you may be able to opt-out of some of this advertising, you may wish to visit:
a) the Network Advertising Initiative’s online resources, at www.networkadvertising.org/choices;
b) the DAA’s resources at www.aboutads.info/choices; and/or
c) Your Online Choices at www.youronlinechoices.eu.
14.7 Please note that opting-out of receiving interest-based advertising through the NAI’s and DAA’s or Your Online Choices online resources will only opt you out from receiving interest-based ads on that specific browser or device, but you may still receive interest-based ads on your other devices. You would need to perform the opt-out on each browser or device you use.
14.8 Some of these opt-outs may not be effective unless your browser is set to accept cookies. If you delete cookies, change your browser settings, switch browsers or devices, or use another operating system, you will need to opt-out again.
14.9 Please note that opting out of interest-based advertising does not mean you will no longer see advertising on your device – it just means that adverts may no longer be tailored to your interests.
15. Links to third party Platforms
15.1 The Platform and our apps may, from time to time, contain links to and from third party websites, including those of our partner networks, advertisers, partner merchants, news publications, and retailers. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.
16. Our policy towards children/adults without legal capacity
We do not sell products for purchase by children or those who do not have legal capacity. We sell products for purchase by adults over the age of 18 years old with legal capacity to contract. Any use of the Platform by anyone under the age of 18 or an adult who does not have legal capacity needs to be under the supervision of a parent or guardian.
17. Changes to this policy
18. Notice to you
19. Contacting us
19.2 You have the right to make a complaint at any time to the Information Commissioner’s Office (the ICO), the UK supervisory authority for data protection issues (https://ico.org.uk/concerns). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
Appendix A – Personal Information
Appendix B – Cookies
Appendix A – Personal Information
In connection with the products and services on our Platform, we may collect the following Personal Information about you:
- Identity Data, which includes your first name, last name and gender.
- Contact Data, which means the data we use to contact you including your billing address, delivery address, email address and contact number.
- Financial Data, which means the payment method and card association used to process your payments for your Plan. We do not store or process your card details ourselves, they are processed and stored via one of our contracted third-party service providers. We encrypt your payment card details in your browser and securely transfer this data to our relevant third-party payment provider to process a payment.
- Transaction Data, which means details about transactions you have made in connection with the Plan, including the payments to and from you along with other details of products you have purchased from us.
- Profile Data, which includes your username, email address and log-in data, details of any purchases or orders made by you, and your interests, preferences, feedback and survey or questionnaire responses
- Health Data, which includes information on your health which includes:
- Which hand are you going to train – refers to the hand which requires training – we need to know this so that the device works appropriately with the correct hand. For example, wrist extension/flexion Activities only work if we know which hand is being trained.
- Clinical Categorisation – we use this information to build up a record of current practices and ideal practices so that we can improve the activities we provide to improve the effectiveness of training for different clinical categories.
- Activity Data – like grip strength or range of motion is collected on the users training and assessment outcomes and this can be used by trainers to understand user progress.
- Usage Data, which includes Information about how you use your Plan and Platform. This includes your browsing patterns and information such as how long you might spend on one of our webpages on the Platform and what you look at and for, the page that referred you to the Platform and the click stream during your visit to our website, page response times, and page interaction Information (for example, clicks you make on a page).
- Marketing and Communications Data, which includes your preferences with regards to receiving marketing from us and your other communication preferences.
- Other Information relevant to services, customer surveys, questionnaires and/or offers.
Appendix B – Cookies
- Recognising you when you use our Platform. This allows us to provide you with recommendations, display personalised content, recognise you and provide other customised features and services.
- Keeping track of your specific preferences.
- Conducting research and diagnostics to improve our content, products, and services.
- Preventing fraudulent activity.
- Improving security.
- Delivering content, including ads, relevant to your interests on third-party Platforms.
- Reporting. This allows us to measure and analyse the performance of our services.
You can manage browser cookies through your browser settings. The ‘Help’ feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, how to disable cookies, and when cookies will expire. If you disable all cookies on your browser, neither we nor third parties will transfer cookies to your browser. If you do this, however, you may have to manually adjust some preferences every time you visit a Platform, and some features and services may not work.