1. PURPOSE OF POLICY

teroGO is committed to protecting your privacy. We created this Privacy Policy (“Policy”) to give you confidence as you visit and use the teroGO website and mobile application, and any other related services provided by us (collectively, the “Service”). This Policy covers how we collect, use, store, and share your information which on its own, or in combination with other information, may be used to identify you as an individual (“Personal Data”). This Policy has been updated to comply with the requirements of a new data privacy law known as the EU General Data Protection Regulation (“GDPR”). The provisions of our Terms of Use (https://atlasgo.org/terms/) apply to this Policy as well. All references to “we”, “us”, “our”, or “teroGO” refer to Atlas Unlimited Inc., a Delaware public benefit corporation. All references to “you”, “your”, or “user” refers to the end-user of the Service. Do not hesitate to contact us at hello@atlasgo.org if you have any questions or want to discuss this Policy.

Where we are acting as a controller of your Personal Data, by using the Service and agreeing to this Policy, you consent to the privacy practices described in this Policy. And, additionally, you consent to the use of your Personal Data by the charities, mission-driven businesses, and the company donors who support and benefit from the teroGO’ challenge(s) that you participate in (“Partners”), as described in this Policy. Where we are acting as a processor of a Partner, we will process your Personal Data in accordance with the provisions of the Partner’s Privacy Policy and under the instructions of the Partner.

2. INFORMATION WE COLLECT AND HOW WE USE IT

Information You Voluntarily Provide Us.

When you sign up for an account through the Service, you will be required to provide us with various Personal Data. Specifically, when you sign up for the Service, we collect your name and email address, and you will be required to create a username and password. In addition, as you use the Service, you may choose to provide additional Personal Data, including access to your camera, photos, and videos. Further, the Service allows you to post content on the Service through functions such as chat and comments and we collect this information, which can be considered Personal Data. You may provide the foregoing Personal Data and information by entering it into the Service, or through a third party service. While the information described here is provided to us only with your permission, some aspects of the Service may not be available if you choose not to provide us with such information and Personal Data.

We do not knowingly collect or maintain Personally-Identifying Information from anyone under the age of 13. Any person who provides Personally-Identifying Information through the Website represents to us that he or she is 13 years of age or older. If we learn that Personally-Identifying Information has been collected from a user under 13 years of age on or through the Website, then we will take the appropriate steps to delete this information.

Information We Automatically Collect as You Use the Service.

In addition to the information you voluntarily provide us, when you sign up for the Service and use the Service, we automatically collect your IP address and geo-location while the application is running on your device. You may be able to limit such collection in the settings on your device. As with the voluntarily provided information described above, some aspects of the Service may not be available if you choose not to provide us with such information and Personal Data.

Cookies.

After you have created an account, we use cookies to remember you as a user of the Service and to streamline the functionality of the Service. These are first party cookies, not third party cookies, meaning that the cookies are only used to track your activity on the Service, and not on third party sites or services.

Other Anonymous Data We Collect.

When you use and visit the Service, we may also use third-party services, such as Google Analytics, which use cookies to collect generic, anonymous information that does not identify you. We use this information to better understand how users interact with the Service and to improve your user experience while using the Service. To opt out of Google Analytics’ cookies, please visit https://tools.google.com/dlpage/gaoptout?hl=None.

Do Not Track Signals.

To the extent that we receive any Do-Not-Track signals, we will not comply with them.

3. PURPOSES OF COLLECTION AND LEGAL BASIS FOR USE

In furtherance of these purposes, we use the Personal Data described above primarily for providing you with the core aspects of the Service. The legal bases for us to process your Personal Data to provide the core aspects of the Services, where we are acting as controller of your Personal Data, are as follows: (a) first and foremost, you provided your consent by agreeing to this Policy, which you may withdraw at any time by emailing us at hello@atlasgo.org; (b) the processing is necessary for our contractual relationship with you (in other words, to provide the Service to you that we have agreed to provide, we need to process your Personal Data); (c) the processing is necessary for us to comply with our legal or regulatory obligations; and (d) the processing is in our legitimate interest as a provider of the Services (for example, to protect the security and integrity of our systems and to provide you with customer service and the core functionality of the Service). 

However, we also use the Personal Data to send you information about teroGO and the Service. When creating your teroGO profile, you have the option to consent to us sending you the teroGO newsletter or to otherwise contact you about promotions, updates, and features of the Service. 

Another purpose for which we collect and use your Personal Data is to provide a service to our Partners. Where we are acting as a processor for such Partners, we will process your Personal Data (including sharing your Personal Data with them), as set out in Partner’s Privacy Policy or otherwise as directed by Partner. In some cases, we may collect consent to such processing on behalf of the data controller where our Partner requests that we do so and your consent to this Policy serves as such consent.

We may provide Partners with metrics and analytics associated with a challenge that Partners are supporting, such as participation in a challenge, success of a challenge, and other related information and to provide Partners with your Personal Data to contact you about their products, services, and calls to action.

Your Personal Data will only be shared with the Partners who are involved with the challenge that you are participating in. If you are involved in more than one challenge, your Personal Data will be shared with those Partners who are involved in the subsequent challenges you participate in.

4. HOW WE SHARE YOUR PERSONAL DATA

Information Shared By You Through The Service.

You may, now or in the future, be able to choose to voluntarily share Personal Data collected through the Service, to public forums on the Service, through email, or through third party social media platforms.

In particular, you may also choose to voluntarily share photos or other similar materials through the Service. We or the Partners who are involved with the challenge(s) that you are participating in may use, copy, modify, share, publish, or redistribute, such materials for promotional or for other similar purposes.

Our Personnel.

To be able to effectively provide you with the Service, and to improve the functionality of the Service, we may disclose your Personal Data to our personnel, including our employees, contractors, and agents, to the extent that such persons or entities have a need-to-know such information in furtherance of the Service.

Our Vendors.

We work with third party service providers to provide website, application development, hosting, maintenance, data processing, customer service, payment processing, and other services for us in furtherance of the Service. For a list of our vendors, please visit atlasgo.org/vendors_integrations. These third parties (who are data subprocessors for the purposes of GDPR) may have access to or process your Personal Data as part of providing those services for us. However, we limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions and we have contracts in place with such vendors in line with the Article 28 requirements of GDPR, pursuant to which they are required, amongst other things, to maintain the confidentiality of the Personal Data to the extent required by GDPR. When you make a payment via our Services, we do not collect the financial information you provide. Rather, the information is collected by Stripe, Inc., a third party payment platform which collects a user’s name, email, credit card information, and other information a user provides to Stripe. We do not share any Personal Data with Stripe and we do not receive any Personal Data from Stripe. We only receive a confirmation from Stripe that there was a successful transaction completed on Stripe but no Personal Data is transferred between Stripe and teroGO. Stripe may also collect data from you in the capacity of data controller. Please see Stripe’s privacy policies for more information: https://stripe.com/privacy.

Charities, Mission-Driven Businesses, and Company Donors (Our Partners).

A core aspect of the Service is that our Partners may have access to Personal Data for the purposes described above. Namely, our Partners may have access to your Personal Data for the purposes of (1) receiving metrics and analytics associated with a challenge that a Partner is supporting, (2) for providing Partners with your Personal Data to contact you about their products, services, and calls to action, (3) for our Partners to use your Personal Data for their own marketing and promotional purposes, and (4) for purposes of notifying you of the tax deductibility of payments made through the Service (when applicable). As such, we may share your Personal Data with our Partners who support campaigns on the Service or who benefit from campaigns on the Service.

Sale of Company or Assets.

In the event that we sell all or substantially all of our company or its assets, including the Personal Data collected through our Service, we may transfer your information to the acquiring company. However, we will notify you before we do so.

Other Third Parties.

In addition to our practices described above, we may share your Personal Data if we have a good-faith belief that such action is necessary to (1) comply with the law (see the section below on “Government Requests”), (2) protect and defend the rights or property of teroGO, or (3) prevent an emergency involving danger of death or serious physical injury to any person. We will only share your Personal Data for the foregoing reasons to the extent permitted by GDPR.

5. STORING YOUR PERSONAL DATA

Duration of Storage of Your Personal Data.

We will store your Personal Data for as long as it is needed to provide the Service, however, we may not know if you have stopped using the Service so we encourage you to contact us if you are no longer using the Service. However, if required by applicable law, we may retain your Personal Data for such period as may be required by such law. To continue to provide an effective service, we may store non-Personal Data perpetually and may anonymize your Personal Data and store that anonymized information perpetually.

Additionally, as described in this Policy, we use third parties to provide the Service. We will ensure that such third parties to delete or modify your Personal Data to the extent required by GDPR and the European Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses pursuant to Decision 2010/87/EU) (the “SCCs”).

Security.

We use reasonable efforts to secure your Personal Data and to prevent the loss, misuse, and alteration of the information that we obtain from you. For example, we require our personnel and third party vendors to sign confidentiality agreements that extend to your Personal Data, and we review the privacy practices of new products and services that we integrate into our Service. In addition, we use reasonable technical safeguards such as encryption and secure hosting provided by industry leading third party vendors, to secure your Personal Data. However, loss, misuse, and alteration may occur despite our efforts to protect your Personal Data. We are not responsible to our users or to any third party due to any such loss, misuse, or alteration, except to the extent required by GDPR, the SCCs, or other applicable law.

6. YOUR CHOICES

You can change some of your Personal Data through the account settings provided on the Service. In addition, if you wish to access, receive a copy of, change or delete the Personal Data we hold about you, you may contact us as described at the end of this Policy. In addition, we encourage you to contact our Partners to access, receive a copy of, change or delete the Personal Data and we agree to work with our Partners in good faith to assist with your request.

You may withdraw the consent granted in this Policy for us or our Partners to use the Personal Data described in this Policy by contacting us as described at the end of this Policy. Please note that if you do so, it will not affect the lawfulness of the use of your Personal Data based on your prior consent.

If you receive commercial email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving commercial email from us, and any other promotional communications that we may send to you from time to time, by contacting us as described at the end of this Policy. Please be aware that if you opt-out of receiving commercial email from us or otherwise modify the nature or frequency of promotional communications you receive from us, even after you opt-out from receiving commercial messages from us, you may continue to receive administrative messages from us regarding the Service.

Upon receipt of any of the above request(s), we will reflect any changes you request in our databases to the full extent required by GDPR, the SCCs, or other applicable law and we will confirm the changes to you.

If you are not happy with how we have attempted to resolve your complaint, you may contact the relevant data protection authority.

7. GOVERNMENT REQUESTS

From time to time, we may receive requests from government agencies to obtain information about our users. In handling such government requests, we greatly value the privacy of your Personal Data, however, we may turn over your information in accordance with such requests if we believe such action is warranted. In responding to any government request, we will (1) use commercially reasonable efforts to limit the scope of any government data request, (2) only provide any such data to the government if we reasonably determine, in consultation with our attorney, that we are required to do so by law, and (3) notify users in advance of disclosing their data to the extent we reasonably determine that we are permitted by law to provide such notice.

8. THIRD PARTY SERVICES AND PRACTICES ARE BEYOND OUR CONTROL

Our Service utilizes numerous third party services as part of the functionality of the Service. We may share your Personal Data with third parties as explained in this Policy. We have no control over such third parties, except to the extent required by GDPR and the SCCs. We encourage you to review the privacy practices of such third parties. We make no guarantees about, and assume no responsibility for, the information, services, or data/privacy practices of third parties, except to the extent required by GDPR and the SCCs.

9. INTERNATIONAL DATA TRANSFERS

Information collected in the European Economic Area (“EEA”) may be transferred, stored and processed by us or third parties (as provided in this Policy) in the United States and other countries whose data protection laws may be different than the laws of your country. Whenever we transfer your Personal Data out of the EEA, we ensure a similar degree of protection is afforded to it by entering into SCCs with the relevant third party.

Please contact us at hello@atlasgo.org if you want further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.

As described in this Policy, we may share Personal Data with third parties and may be required to disclose information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

10. CHANGES TO THIS POLICY

teroGO reserves the right to change this Policy from time to time, with or without notice to you, except to the extent required by GDPR. If you continue to use the Service, you consent to the new Policy. We will always have the latest Policy posted on the Service.

11. PLEASE REACH OUT TO US WITH ANY QUESTIONS OR FEEDBACK

If you have any questions or comments about this Policy or our Service or if you wish to access, receive a copy of, change or delete your Personal Data, please feel free to contact us by email at hello@atlasgo.org, or by mailing us at the following address:

77 Van Ness Ave., Ste 101 – 1117

San Francisco, CA 94102

12. DATA PROTECTION OFFICER AND LOCAL REPRESENTATION

Finally, we have appointed a Data Protection Officer (“DPO”) as well as local representation in both the EU and the UK. Our DPO and local representation can be contacted as follows:

DPO

Email: DPO@atlasgo.org

Mail:

Atlas Unlimited Inc.
ATTN: Data Protection Officer
77 Van Ness Ave., Ste 101 – 1117
San Francisco, CA 94102

UK Representative

GDPR Local Ltd

Adam Brogden

contact@gdprlocal.com

Tel + 441 772 217 800

UK Address

GDPR Local Ltd 1st Floor Front Suite 27-29 North Street, Brighton England BN1 1EB

EU – Ireland Representative

Instant EU GDPR Representative Ltd

Adam Brogden

contact@gdprlocal.com

Tel + 353 15 549 700

EU Dublin Address

INSTANT EU GDPR REPRESENTATIVE LIMITED Office 2 12A Lower Main Street, Lucan Co. Dublin K78 X5P8 Ireland