HERDLE, INC. 
PRIVACY POLICY

VERSION 3.0 
EFFECTIVE AS OF:  MARCH 15, 2019
LAST UPDATED:  DECEMBER 9, 2021

HERDLE, INC. DBA GIVEGO and its affiliated entities (“Herdle,” “Givego,” “Company,” “we,” “us,” or “our,”) respects the privacy of your information. This Privacy Policy is designed to assist you in understanding how we collect, use and safeguard the information you provide to us in using our mobile or online application(s) or platforms and related website (the “Site”), the services provided through our Site and the mobile applications we offer (collectively, “Services”).

From time to time, we may change this Privacy Policy. If we do, we will post an amended version on the Site. Please review this Privacy Policy periodically.

COMPANY CONTACT INFORMATION: 
HERDLE, INC.
c/o Dentons Durham Jones Pinegar P.C.
111 South Main Street
Suite 2400
Salt Lake City, UT 84111
Email: hello@givego.io

COMPANY WEBSITE: The website located at http://givego.io (together with any related websites).

COMPANY APPS: The mobile or online application(s) entitled “Givego” (together with any other applications or platforms available via the Site or published by the Company) (collectively, the “App”).

COLLECTING AND USING INFORMATION

1.    WHEN USER INFORMATION IS COLLECTED.  Givego collects your information during your access or use of (i) any websites or web application provided, published, developed or made available by the Company, including the Site; (ii) any mobile or online applications provided, published, licensed, developed or made available by the Company, including the App; and (iii) any feature, content, software, hardware, services or other products available on or through the Site or the App or otherwise provided by the Company. Your access and use of the Services are conditioned on your providing us with any requested User Information, and your refusal to provide requested User Information may prevent the Company from providing certain Services. 


2.    WHAT INFORMATION IS COLLECTED.  
2.1    Personally Identifiable Information.  Givego may collect any personally identifiable information that you provide in connection with any Services, including, without limitation: your name, email address, mailing address, phone number, photograph, birthdate, and other similar information provided with respect to you, your business or its employees, officers, representatives or affiliates, and certain historical, contact, and demographic information about you, such as your age, gender, experience level, and interests.
2.2    Device Information.  Givego may collect information about your device when you access any Services, including hardware model, operating system and version, unique device identifier, mobile network information, and information about the device’s interaction with the Services, as well as GPS information and information about the location of your device when using any Services.
2.3    Payment Information.  Givego may collect information provided in connection with you making, accepting, requesting or recording payments, credits or money transfers through any Services, including: payment card numbers, bank accounts information, when and where the transactions occur, the names of the transacting parties, a description of the transactions, the payment or transfer amounts, billing and shipping information, and the devices and payment methods used to complete the transactions.
2.4    Tax Information.  Givego may collect information regarding your tax information, including states of residence, withholding allowances and tax filing status.
2.5    Purchase Information.  Givego may collect information and data about your purchase information and preferences, including products and services purchased, amounts paid, frequency of purchases, location of purchases, and similar information.
2.6    Usage Information.  Givego may collect information and data about how you use the Services, including access time, Services accessed, browser type and language, Internet Protocol (“IP”) address, other applications on your device, webpages and applications viewed and used, time spent on webpages and applications, links clicked, and conversion information (e.g., transactions entered into).
2.7    Aggregated Data.  Givego may collect aggregated data about your or your use of Services, or any other aggregated form of the other types of User Information set forth above. Aggregated data that we collect cannot be specifically associated with you individually, unlike most of the other forms of User Information.
2.8    Special Categories of Data Not Collected.  The Site and Services are not intended for children under 13 years of age. We do not knowingly collect, use, or disclose personal information from children under 13. The age of a minor varies by jurisdiction. For the purposes of Personal Data (defined below) collected from the European Union (“EU”), the age of a minor is under 16 years of age. We do not knowingly collect, use, or disclose personal information from minors in the European Union.
We do not actively collect or otherwise process special categories of personally identifiable information (“Personal Data”), as identified in the EU’s General Data Protection Regulation (“GDPR”), including data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, or genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. 
We do not actively collect or otherwise process Personal Data relating to criminal convictions and offenses.


3.    HOW USER INFORMATION IS COLLECTED.  


3.1    Information Provided by You.  You provide certain User Information when you register for your account for the Services and as you use the Services. All such information shall be voluntarily provided.
3.2    Automatic Collection.  User Information can be recorded and collected by software or processes that run automatically on your computer or device or on Company’s servers as you use the Services. 
3.3    Cookies.  User Information may be collected by sending cookies to your device. Cookies are small data files that are stored on your hard drive or in your device memory when you use the Services. Among other things, cookies support the integrity of the Company registration process, retain your preferences and account settings, and help evaluate and compile aggregated statistics about your activity. Company may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by the browser on subsequent uses of the Services. Company may link the information stored in cookies to your User Information submitted while using the Services. You can typically remove and reject cookies from our Site with your browser settings. Many browsers are set to accept cookies until you change your settings. If you remove or reject our cookies, it could affect how the Services are provided to you. 
3.4    Google Analytics and Other Analytic Softwares.  We use Google Analytics, a web analytics service provided by Google, Inc., and may, from time to time, use other analytic softwares. Google Analytics uses Cookies or other tracking technologies to help us analyze how users interact with the Site and Services, compile reports on their activity, and provide other services related to their activity and usage.  The technologies used by Google may collect information such as your IP address, time of visit, whether you are a returning visitor, and any referring Site. The technologies used by Google Analytics do not gather information that personally identifies you.  The information generated by Google Analytics will be transmitted to and stored by Google and will be subject to Google’s privacy policies. To learn more about Google’s partner services and to learn how to opt-out of tracking of analytics by Google, click here.
3.5    Web Beacons.  User Information may also be collected by using web beacons. Web beacons are electronic images that may be used in connection with the Services. Company may use web beacons to deliver cookies, track the number of visits to the Services, understand Service usage and effectiveness, and determine whether an email has been opened and acted upon. 
3.6    Collection from Third Parties.  User Information is also collected from third parties that already have access to certain of your User Information, including third-party verification services, credit bureaus, mailing list providers, and publicly available sources. User Information may also include your data and content contained within a third-party service links or integrates with the Services. In some circumstances, where lawful, this information may include your government-issued identification number. These third parties may use cookies, web beacons, and other technologies to collect User Information. This Privacy Policy does not apply to, and Company is not responsible for, third-party cookies, web beacons, or other tracking technologies, which are covered by such third parties’ privacy policies. Company continually evaluates analytics services to use in addition its own, and Company may update this policy in the future to reflect Company’s ongoing use of said services. 


4.    HOW COLLECTED USER INFORMATION IS USED.  


4.1    As Permitted by Law.  Givego may use, publish, store, duplicate, manipulate and share User Information in any way not otherwise prohibited by applicable privacy laws.  
4.2    Provide Services.  User Information is stored and used so that you can verify your identify and save your preferences, profile and information in connection with creating, using and accessing your account with the Services, and to deliver, operate, provide, maintain, enhance, personalize, tailor and facilitate your use of the Services.
4.3    Improve Services.  User Information is also used to develop new products and Services, provide optimization, statistical analysis, and improvements for existing Services, and to improve web design and functionality. 
4.4    Communication Purposes.  User Information is used to deliver technical notices, security alerts, support messages, administrative notices and alerts, and communications relevant to your use of the Service, as well as to inform you about software compatibility issues, send news or information, conduct surveys and collect feedback. User Information is also used to communicate with you about products, services, contests, promotions, discounts, incentives, gift cards, loyalty programs, and rewards, based on your communication preferences and applicable privacy laws.
4.5    Facilitate Payments.  Using and storing your User Information is necessary for us to be able to process or record payment transactions or money transfers.  
4.6    Track and Display Consumer Behavior.  User Information is stored so that the Services can track historical transactions, payments, invoices, receipts and past order information. User Information is also used to display current, ongoing, pending or requested transactions or orders. 
4.7    Marketing.  User Information may be used for marketing communications or marketing purposes to inform you of new products, services, promotions, or other special events or offers that might be of interest to you, which may include information about products and services of other companies or brands that we partner with (“Special Offers”). When you register for our Services, you consent to receiving communications about Special Offers. In connection with Special Offers, we may ask for contact information or other Personal Data or User Information. If you would like to stop receiving information about Special Offers from the Company, you may unsubscribe from such emails or other communications by clicking “Unsubscribe” at the bottom of such communications.
4.8    For Automated Decisions. User Information may be used by the Services to automatically trigger certain actions by the Services, including targeted advertisements or content, directing you to specific products or offerings, suggesting various actions or offerings based on behavior and preferences, etc. 
4.9    Legal Compliance.  User Information is stored so that we can comply with applicable laws and regulations, including the privacy laws and anti-money laundering laws.
4.10    Aggregated Data Collection.  User Information is collected and aggregated to monitor aggregate usage and web traffic routing of all users of the Services, as well as to generate aggregated statistics about purchasing behavior of different demographics and populations.
4.11    Dispute Resolution; Contract Enforcement.  User Information may be used to resolve disputes; collect fees; provide assistance with problems with Services; protect Company rights or property or the security or integrity of the Services; enforce the Terms of Use and other terms and conditions that govern use of the Services; and investigate, detect and prevent fraud, security breaches, and other potentially prohibited or illegal activities.


5.    HOW COLLECTED USER INFORMATION IS SHARED.

 
5.1    As Permitted by Law.  Givego may share User Information in any way not otherwise prohibited by applicable privacy laws.  
5.2    With Consent.  User Information may be shared with other parties with your consent, such as for marketing uses that you authorize or consent to. 
5.3    Facilitate Third-Party Services.  Company, like many businesses, sometimes hire other companies or individuals to perform certain business-related functions and will need to share certain User Information for such parties to perform such functions. These third-party functions may include: anonymous site metrics, analytics services, payment processing, point of sale services, task management services, delivery of loyalty programs, management of gift cards, creation and delivery of promotional materials, product support and maintenance, order fulfillment and shipment/delivery of products and Services to users, mailing services, maintaining databases and other features or services included in or necessary for the Services. When Company employs another party to perform a function of this nature, we only provide them with the information that they need to perform their specific function.  
5.4    Delivery of Targeted Services and Ads.  User Information may also be shared or licensed to third parties without your consent to deliver targeted and non-targeted third-party content and advertisements in connection with the Services as well as un-related services, websites and applications.
5.5    For Legal and Safety Purposes.  User Information may be shared for legal, protection, and safety purposes, such as to comply with laws, respond to lawful requests and legal processes, protect the rights and property of Company against competitors or claimants, and enforce our agreements, policies, and terms of use.
5.6    Sale of User Information.  User Information may be sold, transferred or assigned to third parties without your consent for their own uses, subject to applicable privacy laws.
5.7    Business Transfers.  As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, User Information may be part of the transferred assets.
5.8    Affiliated Entities, Agents, Consultants and Related Third Parties.  We may share your User Information with our affiliated entities, agents, consultants, and other third parties (“Related Entities”), for purposes consistent with this Policy. As part of this sharing of information, this means that once you provide us with information, any of our Related Entities may use your User Information, including but not limited to for marketing purposes and other business-related purposes, pursuant to the terms of this Policy. 


6.    HOW COLLECTED USER INFORMATION IS STORED AND PROTECTED.  


6.1    Storage.  Givego may store Personal Data that we have collected (through the means described above) on our premises and in our information system at our facilities, in third party data centers, in the systems of third party service providers, and in cloud storage solutions. Givego stores all information in state of the art physical storage facilities and cloud storage. In doing so, Givego uses appropriate physical, organizational and technological measures to protect the Personal Data and User Information you provide to us against loss or theft, and unauthorized access, disclosure, copying, use, or modification. This includes limiting access on a “need-to-know” basis. 
To offer our Services, Site, and App to you, Company relies on plugins and services from third parties such as internet service providers, email service providers and plugins, calendar plugins, Customer Relationship Management (CRM) systems, credit card processors, and third party data storage. To the extent these providers have access to your Personal Data or User Information, we will require that they are legally or contractually committed to comply with applicable privacy laws. In the case of credit card processors, we require that they be PCI DSS-compliant. However, we cannot guarantee with certainty that the computer systems and storage systems whereon these services are offered will not be accessed by unauthorized parties. This is a risk inherent in providing any information or, or conducting any business, online. In transacting business with us through the Site, you assume the risk inherent in transacting business online.
If Givego receives any Personal Data or User Information that is transferred from the EEA (“European Economic Area”), we will implement standard data protection clauses with our third party service providers to ensure adequate protection of such data as required by the GDPR.
6.2    Protective Measures.  Givego takes commercially reasonable measures, including administrative, technical, and physical safeguards, to (i) protect User Information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction, (ii) ensure the security, confidentiality, and integrity of the User Information, (iii) protect against any anticipated threats or hazards to the security or integrity of the User Information, (iv) protect against unauthorized access to, or unauthorized use or disclosure of, the User Information, and (v) take such security measures required by any applicable privacy laws. 
6.3    Third Party Partners and Employees.  Givego may, by itself or using third-party service providers, hold, process and store User Information, including in the United States, Japan, the European Union and other countries. Company restricts access to User Information to those employees, contractors, and agents who need to know that information for purposes of performing their obligations to Company or to you, and who are subject to contractual confidentiality obligations, and who may be disciplined or terminated if they fail to meet these obligations. Company third-party service providers store and transmit User Information in compliance with appropriate confidentiality and security measures.
6.4    Security Breach.  Givego cannot guarantee that unauthorized third parties will never be able to defeat Company security measures or use User Information for improper purposes. In the event that any User Information in Company’s possession or under Company’s control is compromised as a result of a security breach, Company shall give prompt notice to you, with full particulars, and shall immediately commence a thorough investigation of any such incident.
6.5    Company Not Liable for Breach.  Givego will not be liable for any damages, claims, liability, or causes of action that arise as a result of any such security breach. 


7.    EXCLUSIONS.  This Policy shall not apply to (i) information posted by you to any public areas of the Services, such as bulletin boards, chat room, community pages or comment areas, (ii) any ideas for new products or modifications to existing products, and (iii) other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and voluntarily given, and Company shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.


8.    NOTICE TO CALIFORNIA RESIDENTS.  The California Consumer Privacy Act (CCPA) requires that we provide California residents with a privacy policy that contains a comprehensive description of our online and offline practices regarding the collection, use, disclosure, and sale of personal information, the categories of personal information that we have collected about individual consumers in the preceding twelve (12) months, and of the rights of California residents regarding their personal information. This section of the Privacy Policy is intended solely for, and is applicable only as to, California residents. If you are not a California resident, this does not apply to you and you should not rely on it.
The CCPA defines “personal information” to mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. Personal information does not include publicly available, deidentified or aggregated information.  For purposes of this “Notice to California Residents” section we will refer to this information as “Personal Information.”
The CCPA contains an exception that is relevant to us. Some of the CCPA’s privacy rights explained below do not apply to personal information collected in a business-to-business context. That is information reflecting a written or verbal communication or a transaction between us and a consumer, where the consumer is acting as an employee, owner, director, officer, or contractor of another entity and when the communication or transaction occur solely within the context of us conducting due diligence regarding, or providing or receiving a product or service to or from such entity.


   8.1    Categories of Personal Information We Collect.  We collect the following categories of personal information:
•    Identifiers, including your name, signature, physical characteristics or description, address, telephone number, education, employment history, bank account number, credit card number, debit card number, or any other financial information
•    Internet activity
•    Geolocation data
•    Audio, electronic, visual, or similar information
•    Employment information
•    Education information
•    Inferences about personal preferences and attributes drawn from profiling (e.g., using cookies)
8.2    California Residents’ Rights.  You have the following rights with respect to your personal data: (i) the right to know what personal information we collect about you; (ii) the right to know whether we sell or disclose your personal information, and if so, to whom; (iii) the right to say no to the sale of personal information; (iv) the right to access your personal information; and (v) the right to receive equal service and pricing from us, even if you exercise your privacy rights. You may exercise any of these rights if you are a California resident and you provide us with a verifiable request to exercise any of the above rights, by emailing us at hello@givego.io. 


9.    NOTICE TO UTAH RESIDENTS.  We do not disclose your personal data to any third party for such third party’s direct marketing purposes.

 

10.    NOTICE TO EUROPEAN ECONOMIC AREA RESIDENTS.  This section applies only to residents of the European Economic Area. Under the GDPR, individuals have certain data subject rights regarding their Personal Data. These rights may include:
10.1    Right to Be Informed.  You may request information from us about the ways in which your Personal Data is being processed or used by us, and the reasons for such processing.

10.2    Right of Access.  You have the right to know if we are processing your Personal Data and, if so, you have the right to view and obtain a copy of your Personal Data that we’ve collected about you.

10.3    Right to Rectification.  If you inform us that there are any errors in your Personal Data that we have collected and are processing, we will correct those errors upon your request. 

10.4    Right to Deletion of Personal Data.  You have the right to tell us to delete your Personal Data, subject to certain exceptions and limitations under law.

10.5    Right to Restrict Processing.  Subject to certain limitations under law, you also have the right to restrict or block us from processing your Personal Data. 

10.6    Right to Data Portability.  You have the right to ask us to transfer your data to another company or to you, under certain conditions.

10.7    Right to Object to Processing.  You have the right to object to the processing of your Personal Data, under certain conditions. 

10.8    Right Not to Be Subject to a Decision Based Solely on Automated Processing.  You have the right to demand that certain decisions regarding your Personal Data (such as profiling) be made by humans rather than by algorithms or automated processes.

If you wish to exercise any of these rights, please send us a request. Our contact information can be found at the top of this Privacy Policy.

 

11.    NOTICE TO CANADA RESIDENTS.   This section applies only to residents of Canada, governed by the Personal Information Protection and Electronic Documents Act (“PIPEDA”). Your Personal Data may be transferred outside of Canada for processing and storage. Company and its service providers may store Personal Data on servers located in other jurisdictions, including the United States. Please note that privacy laws in such jurisdictions differ from Canadian privacy laws (e.g., PIPEDA) and that in some jurisdictions your Personal Data may be accessed by law enforcement authorities or the courts in such jurisdictions. 
If you wish to obtain information or have any questions about our Privacy Policy and practices relating to handling of your Personal Data outside of Canada, find out if we have your Personal Data and how we have used it, access your Personal Data that is in our possession, request that your Personal Data be corrected or removed from our database, obtain a list of any other organizations to which your Personal Data has been disclosed, you may contact us at the contact information set forth at the top of this Privacy Policy. We will respond to your request relating to your Personal Data within 30 days. We may be unable to remove information to the extent that it is permitted or required to be retained by applicable law or document retention and data backup policies, or if removal is not practicable due to technological reasons. Please note that removal of your Personal Data may prevent or hinder us from providing further services and information to you.
Company may require you to provide sufficient information to permit us to provide an account of the existence, use, and disclosure of Personal Data. The information provided shall only be used for this purpose.


12.    CHOICES; INTERNATIONAL PRIVACY LAWS; RETENTION.


12.1    Right to be Informed; Access.  We strive to be completely transparent in how we are using your Personal Data. You have the right to know exactly what Personal Data is held about you and how it is processed.
12.2    Right of Rectification.  You are entitled to correct your Personal Data if it is inaccurate or incomplete.
12.3    Right of Erasure or to Decline to Share.  You have the right to have your Personal Data deleted or removed for any or no reason, and you have the right to decline to share certain Personal Data with us. However, if you choose to exercise either of these rights, your ability to use and access our websites, apps, products and services may be impacted because various features require your Personal Data to function correctly. 
12.4    Right to Data Portability. You have the right to retain and reuse any Personal Data for your own purpose. 
12.5    Right to Object; Restrict Processing.  In certain circumstances, you are entitled to object to the use of your Personal Data. This includes when your Personal Data is used for the purpose of direct marketing, scientific and historical research or the performance of a task in the public interest, when such use has a consequence with a legal bearing on yourself, or when such use is for the purpose of automatic decision making that has a material impact outside your use of our websites, apps, products or services. You may not object if our use of your Personal Data is otherwise permitted by applicable law. 
12.6    International Privacy Laws. If you are using any of the websites, apps, products or services from outside the United States, please be aware that you are sending information, including personally identifiable information and data, to the United States where our servers are located. That information may then be transferred within the United States or back out of the United States to other countries outside of your country of residence, depending on the type of information and how it is stored or used by us. These countries (including the United States) may not necessarily have data protection laws as comprehensive or protective as those in your country of residence; however, our collection, storage and use of your Personal Data will at all times continue to be governed by this Privacy Policy. 
For personally identifiable information received from the European Union, we also certify that we adhere to the EU-US Privacy Shield principles of Notice, Choice, Onward Transfers, Security, Data Integrity & Purpose Limitation, Access and Recourse, and Enforcement.
12.7    Data Retention. We only retain your Personal Data for as long as your account with us is active, and then for an additional limited period of time for as long as we need it to fulfill the purposes for which we initially collected such information, unless otherwise required by law or to protect our rights. For example, we may be required to retain copies of certain information to comply with legal obligations, to resolve disputes or enforce our agreements.


13.    CHANGES TO POLICY.  


13.1    Notification of Changes.  This Policy is subject to occasional revision, and if we make any substantial changes, we may notify you through the Services, by sending you an e-mail to the last e-mail address you provided to us (if any), and/or by prominently posting notice of the changes on the Site or through your account. You are responsible for providing us with your most current e-mail address. In the event that the last e-mail address that you have provided us is not valid, or for any reason is not capable of delivering to you the notice described above, our dispatch of the e-mail containing such notice will nonetheless constitute effective notice of the changes described in the notice.
13.2    Effectiveness of Changes.  Any changes to this Policy will be effective upon the earlier of fifteen (15) calendar days following our dispatch of an e-mail notice to you (if applicable) or fifteen (15) calendar days following our posting of notice of the changes on our Site. These changes will be effective immediately for new users of the Services. 
13.3    Use and Acceptance of Policy.  Continued use of the Services following notice of changes to this Policy shall indicate your acknowledgement and acceptance of such changes and agreement to be bound by the updated Policy.
13.4    Last Revision Date.  This Policy was last updated on the date indicated above. Please review this policy periodically, and especially before you voluntarily provide any User Information.

 
14.    RELATIONSHIP TO THE TERMS OF USE.  This Privacy Policy, and yours and our performance in connection with the Privacy Policy, is further governed by and subject to the Terms of Use for the App, including but not limited to the disclaimer, limitation of liability, governing law, jurisdiction, and venue provisions as set forth in the Terms of Use.


15.    CONTACT INFORMATION.  To contact us for questions or concerns about our privacy policies or practices, our contact information can be found at the top of this Privacy Policy.