Gleam

Privacy Policy

Last updated: January 2024

1. Introduction

Gleam GmbH ("we", "us", or "our") operates the gleam.io website and platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

We are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

The data controller responsible for your personal data is:
Gleam GmbH
Musterstraße 123
10115 Berlin, Germany
Email: privacy@gleam.io

3. Information We Collect

3.1 Information You Provide

  • Account information (name, email address)
  • Business information (company name, VAT ID, address)
  • Payment information (processed securely by Stripe)
  • Product information you upload
  • Communications with us

3.2 Automatically Collected Information

  • IP address and location data
  • Browser type and version
  • Device information
  • Usage data and analytics
  • Cookies and similar technologies

4. Legal Basis for Processing

We process your personal data based on:

  • Contract performance: To provide our services to you
  • Legal obligations: Tax and accounting requirements
  • Legitimate interests: Platform security and improvement
  • Consent: For marketing communications (where applicable)

5. How We Use Your Information

  • Provide and maintain our services
  • Process transactions and send related information
  • Send administrative notifications
  • Respond to customer service requests
  • Improve our platform and develop new features
  • Comply with legal obligations (tax reporting, etc.)
  • Prevent fraud and ensure security

6. Data Sharing

We may share your information with:

  • Payment processors: Stripe for payment processing
  • Cloud providers: For hosting and data storage
  • Analytics providers: To understand platform usage
  • Legal authorities: When required by law

We do not sell your personal data to third parties.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the EEA. We ensure appropriate safeguards through Standard Contractual Clauses or adequacy decisions.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Legal and tax requirements may require longer retention periods (typically 10 years for financial records in Germany).

9. Your Rights (GDPR)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion ("right to be forgotten")
  • Restriction: Limit processing of your data
  • Portability: Receive your data in a portable format
  • Objection: Object to certain processing activities
  • Withdraw consent: At any time for consent-based processing

To exercise these rights, contact us at privacy@gleam.io.

10. Cookies

We use essential cookies for platform functionality and optional cookies for analytics. You can manage cookie preferences through our cookie banner or browser settings.

11. Security

We implement appropriate technical and organizational measures to protect your data, including encryption, access controls, and regular security audits.

12. Children's Privacy

Our services are not intended for individuals under 16. We do not knowingly collect data from children.

13. Changes to This Policy

We may update this policy periodically. We will notify you of significant changes via email or platform notification.

14. Contact & Complaints

For privacy inquiries: privacy@gleam.io
You may also lodge a complaint with your local data protection authority. In Germany, this is the Berliner Beauftragte für Datenschutz und Informationsfreiheit.