Grovara™ Privacy Policy

Last updated: December 1, 2019

Grovara is committed to protecting your privacy and, for that reason, Grovara has adopted this Privacy Policy to explain its data collection, use, and disclosure practices for the Grovara services (including its website, its mobile and web-based applications, and any other tools, products, or services provided by Grovara LLC (“Grovara” “we” “us” “our”) that link to or reference this Privacy Policy) (collectively, the “Services”).  The Services are owned and operated by Grovara.

This Privacy Policy applies to information that Grovara collects through the Services, as well as other information provided to Grovara online or offline by third parties, when Grovara associates that information with customers or users of the Services; however, except with respect to Personal Data from European Economic Area individuals covered under Section 9 below, it does not apply to information collected from Grovara’s employees, contractors, or vendors.  It also does not apply to information that you share with third parties or is collected by third parties through the Services (including web traffic or crash analytics tools). You acknowledge and agree that Grovara is not responsible for the data collection or use practices of any other services.  

This Privacy Policy describes, among other things:  

  • Personal and other information which Grovara may collect about you;
  • How Grovara uses your information;
  • How Grovara may share your information with third parties; and 
  • Your choices regarding the personal information Grovara collects about you.

 

  • Consent

 

By accessing or using the Services, you consent to this Privacy Policy.  If you do not agree with this Privacy Policy, please do not access or use the Services.  Information gathered through the Services may be transferred, used, and stored in the United States or in other countries where Grovara or its service providers are located.  If you use the Services, you agree to the transfer, use, and storage of your Personal Information (as defined below) in those countries. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. You agree that all transactions relating to the Services are deemed to occur in the United States, where Grovara’s servers are located. 

 

  • Collection of Your Personal and Other Information

 

When you register for, or use the Services, Grovara collects Personal Information.  “Personal Information” means information that can identify or reasonably be linked to an individual, such as:

  • Names; 
  • Personal or business addresses; 
  • Email addresses;
  • Your Internet Protocol (IP address); 

 

  • Phone numbers; 
  • Social Security numbers; 
  • Government-issued identification numbers; 
  • Credit card or bank account information (which you may submit for payment purposes); and
  • Information contained in any image, photograph or profile you submit to us.

Certain aspects of the Services may also access certain features of your mobile device, such as its camera, location services (GPS), microphone, and local files, and collect information from those features. You consent to this access. You may choose not to provide this access or your Personal Information or prevent the Services from accessing certain features of your mobile device (using any controls offered by your mobile device’s operating system), but this may prevent you from receiving certain features of the Services.

We also collect non-Personal Information relating to the Services; that is, information that does not personally identify an individual.  The non-Personal Information we collect includes how you interact with the Services, information generally collected or “logged” by Internet websites or Internet services when accessed or used by users, and information about your web browser or device accessing or using the Services.  

Examples of the non-Personal Information we collect are:

  • Information about your computer or mobile device, such as its maker or operating system version, and HTTP header information; 
  • The pages of our website or mobile app that you viewed during a visit;
  • The pages, information, documents, content, or advertisements you view or interact with using the Services; 
  • Language preferences;
  • The city and state in which you are located (but not your precise geographic location); and 
  • Unique identifiers that are not connected to, and cannot reasonably be connected to, your identity.  

We will not use non-Personal Information to try to identify you, and if we associate any non-Personal Information with information that personally identifies you, then we will treat it as Personal Information. As discussed in more detail below, we sometimes use cookies and other automatic information gathering technologies to gather non-Personal Information. 

Information collected by the Services may be collected by Grovara or one of our service providers acting on our behalf, but in either case, this Privacy Policy will govern the collection, use, and sharing of the information.

 

  • Use of Your Information

 

We may use the information we collect to:

  • Assist us in providing, maintaining, and protecting the Services (including, without limitation, to facilitate sale and purchase transactions and to permit you to exchange messages and other communications with Grovara and other users of the Services);
  • Set up, maintain, and protect accounts to use the Services;
  • Improve our online operations;
  • Process transactions;
  • Provide customer service;
  • Communicate with you, such as provide you with account- or transaction—related communications, or other newsletters, RSS feeds, and/or other communications relating to the Services;
  • Send or display offers and other content that is customized to your interests or preferences; 
  • Perform research and analysis aimed at improving our products and services and developing new products or services; and
  • Manage and maintain the systems that provide the Services.

 

  • Disclosure of Your Information

 

We may disclose your Personal Information to third parties as described below.   

We may disclose Personal Information to provide the Services, or when you authorize or instruct us to do so; for example, when you use the Services to submit content, documents, profile information, or product or order information. We may also disclose Personal Information and non-Personal Information to companies, agents, contractors, service providers, or others engaged to perform functions on our behalf (such as the processing of payments, provision of data storage, hosting of our website, marketing of our products and services, conducting audits, and performing web analytics). Without limiting the generality of the foregoing, your Personal Information and other information may be shared with, viewable by, and accessible to other account holders of the Services, on an as-needed basis to fulfill purchase and sale transactions requested by you, and any such information that such account holders gain access to through their use of the Services may be stored and retained in their business records related to such transactions. In addition, we may share your Personal Information with governmental entities, third party logistics service providers, and other third parties, as may be deemed necessary by Grovara in the course of facilitating sale and purchase transactions among users of the Services in accordance with the agreements existing between Grovara and users of the Services.  

We may license third party software to include in or use with the Services, in which case we may disclose Personal Information and/or Non-Personal Information to the licensor.

We may also disclose your Personal Information to third parties in accordance with applicable law when we believe, in good faith and in our sole discretion, that such disclosure is reasonably necessary to (a) enforce or apply the terms and conditions of the Services, including investigation of potential violations thereof, (b) comply with legal or regulatory requirements or an enforceable governmental request, (c) protect the rights, property or safety of us, our users or other third parties, (d) prevent a crime or protect national security, or (e) detect, prevent or otherwise address fraud, security or technical issues.  

Finally, we reserve the right to transfer information (including your Personal Information) to a third party in the event of a sale, merger, or transfer of all or substantially all of the assets of our company relating to the Services, or in the unlikely event of a bankruptcy, liquidation, or receivership of our business, and you hereby consent to any such transfer. We will use commercially reasonable efforts to notify you of such transfer before or after the transaction; for example, via email or by posting notice on our website.

Lastly, we may also disclose non-Personal Information, aggregated with information about our other users, to our clients, business and marketing partners, merchants, advertisers, investors, potential buyers and other third parties if we deem such disclosure, in our sole discretion, to have sound business reasons or justifications.  

  1. Cookies and Automatic Information Gathering Technologies

Every time you use the Services (e.g., access a Service webpage, navigate to a specific location within the Service mobile app), we collect non-Personal Information (discussed above in Section 2) regarding that use.  For example, to improve our Services, we collect how, when, and which parts of the Services or its features you use. Also, we may use your device’s unique identifier (UDID), media access control address (MAC Address), or other unique identifiers to assist us in collecting and analyzing this data.

To assist us in collecting and storing this non-Personal Information, we may employ a variety of technologies, including “Cookies,” local browser storage, and “Web Beacons.”  A “Cookie” is a small amount of data a website operator, or a third party whose content is embedded in that website, may store in your web browser and that the website operator or, as applicable, the third party, can access when you visit the website.  A Cookie may also refer to web-browser-based storage provided by Adobe’s Flash plugin (a “Flash Cookie”). A “Web Beacon” is a small, usually-transparent image placed on a web page that allows the operator of that image, which may be the operator of the website you visit or a third party, to read or write a Cookie.

Your operating system and web browser may allow you to erase information stored in Cookies, Flash Cookies, and local browser storage. But if you do so, you may be forced to login to the Services again and you may lose some preferences or settings.  You may also be able to set your browser to refuse all website storage or to indicate when it is permitted, but some features of our Services may not function properly without it. We may use Cookies to keep you logged in, save your preferences for the Services, and to collect information about how you use our Services.  

More information about managing Cookies is available here. Cookie management tools provided by your browser may not affect Flash Cookies. More information about managing Flash Cookies is available here. To learn how to manage privacy and storage settings for your local browser storage, please refer to the end user documentation for your browser. 

To help us collect this information, we use third-party software and services.  These third parties’ collection and use of non-Personal Information are subject to their own privacy policies, which you can read here:

Google Analytics

 

  • Transparency and Choice; Do Not Track Signals

 

You may request access to your Personal Information by sending an email to Support@Grovara.com. We will try to locate and provide you with your Personal Information and make commercially reasonable efforts to give you the opportunity to correct this data, if it is inaccurate, or to delete it, at your request.  However, in either case, we may be unable to comply with your request and/or may need to retain your Personal Information for legal or audit reasons or for other legitimate business purposes (e.g., to maintain records of purchase transactions facilitated via the Services). You may also remove some content that you post to or submit to the Services using any deletion or removal options made available to you within the Services.  However, Grovara (and you) are not able to control information that you have already shared with other users or made available to third parties through the Services.   

If you need further assistance with removing any content you posted through the Services, you can email us at Support@Grovara.com. Removal of your posted or submitted content may not ensure complete or comprehensive removal from our computer systems. 

We ask individual users to identify themselves and the information requested to be accessed, corrected, or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, would be extremely impractical (for instance, requests concerning information residing on backups), or relate to information that is not associated with your Personal Information.  In any case, where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort. 

Please be aware that if you request us to delete your Personal Information, you may not be able to continue to use the Services.  Also, even if you request that we delete your Personal Information, we may need to retain certain information for a limited period of time for legal or other reasons as discussed above.

You can opt out of receiving marketing e-mails from us by clicking on the “unsubscribe” link in the e-mails.  Please note that it may take up to ten (10) business days for your opt-out request to be processed. Also, even if you opt out of marketing e-mails, we may continue to send you certain account-related e-mails, such as notices about your account and confirmations of transactions you have requested. 

 

  • Children

 

The Services are not intended for users under 13 years of age.  We do not knowingly collect Personal Information from users under 13 years of age, and we do not authorize users under 13 years of age to use the Services.  

 

  • Information Security

 

We utilize reasonable information security measures to safeguard your Personal Information against unauthorized access, modification, or destruction.  For example, we store passwords in encrypted form only, we utilize Secure Socket Layer (SSL), Transport Layer Security (TLS), or similar encryption technology when sensitive data is transmitted over the Internet, and use firewalls to help prevent external access into our network. However, no data transmission over the Internet and no method of data storage can be guaranteed to be 100% secure.  Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its security.

If we share Personal Information with service providers, employees, contractors, agents, and third-party marketing partners, we require that they also use reasonable information security measures to safeguard your Personal Information, and only use your Personal Information for the purposes for which we share it with them. 

 

  • Information for European Union Users

  • Overview

 

If you or your business or employer are located in any country in the economic area consisting of the European Union, the United Kingdom, or Switzerland (collectively, the “EEA”), then in addition to the remainder of this Privacy Policy, this Section 9 will apply to the collection, storage, use, and disclosure of your information. If this Section 9 applies to you, then in the event of a conflict between this Section 9 and the remainder of this Privacy Policy, this Section 9 shall prevail solely to the extent needed to resolve the conflict. 

The term “Personal Data” in this Section 9 shall have the meaning given to such term by the GDPR. Grovara’s collection of “Personal Data” from EEA individuals may be subject to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”). 

If you are using our software or services on behalf of your employer, your employer is the controller of your Personal Data, and Grovara is an independent controller (as the term “controller” is defined under the GDPR). 

 

  • Consent

 

By using the Services, you acknowledge that your Personal Data is being processed pursuant to the following lawful bases: your consent, our legitimate interests and to fulfill our contract obligations to you (including, without limitation, to fulfill requests made by you, and to process sale and purchase transactions involving your account), and in order to comply with applicable law (including, without limitation, domestic and foreign import/export laws and regulations). 

 

  • Your Rights Regarding Your Personal Data

 

Since your Personal Information is subject to the GDPR, you have certain rights, which may include, as applicable, the right to instruct us to delete your Personal Data, or to restrict or object to the processing of your Personal Data, and certain rights to obtain a portable copy of your Personal Data. You can e-mail us at Support@Grovara.com. for more information on how to exercise those rights.

 

  • Privacy Shield Notice

 

Grovara participates in the European Union – United States Privacy Shield and the Switzerland – United States Privacy Shield (collectively, the “Privacy Shield”). Grovara complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Information transferred from the EEA to the US. Grovara has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between our Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles will govern. To learn more about the Privacy Shield program, and to view Grovara’s certification, please visit https://www.privacyshield.gov.

The types of Personal Data Grovara is collecting under the Privacy Shield, the purposes for which each such type of data is collected and used, and the types of third parties to which we may disclose such data (and the purposes of such disclosure), are further explained in this Privacy Policy.

You may have rights, as set forth in this Privacy Policy, to access, edit, and have deleted your Personal Information. The choices and means offered to you for limiting our use and disclosure of your Personal Information are set forth in this Privacy Policy.

Notwithstanding any language to the contrary in this Privacy Policy, in any situation where we transfer Personal Information of EEA individuals that we received pursuant to the Privacy Shield to third parties, we are potentially liable, and we have a duty to ensure that those third parties protect the Personal Information with at least the same level of security as is required by the Privacy Shield.

In compliance with the Privacy Shield Principles, we commit to work to resolve complaints about your privacy and our collection or use of your Personal Information. EEA individuals with inquiries or complaints regarding this Privacy Policy should contact us at:

 

Grovara LLC

The Yard, ATTN: Grovara 4th Floor 

21 S. 11th Street 

Philadelphia, PA 19107 USA

Email: Support@Grovara.com.

 

We have further committed to refer unresolved privacy complaints under the Privacy Shield Principles to the American Arbitration Association, a non-profit alternative dispute resolution provider located in the US. If you do not receive a response to your complaint from us within forty-five (45) days, or if your complaint is not satisfactorily addressed, please visit http://go.adr.org/privacyshield.html for more information, and to file a complaint. Please note that if your complaint is not resolved through the above-mentioned channels, you may have the right, under certain limited circumstances, to invoke binding arbitration before the Privacy Shield Panel to be created by the US Department of Commerce and the European Commission.

Grovara is subject to the investigatory and enforcement powers of the US Federal Trade Commission with respect to our compliance with the Privacy Shield.

 

  • Your California Privacy Rights

 

As you may know, California recently passed a new privacy law, the California Consumer Privacy Act of 2018 (“CCPA”).  The CCPA endows users with certain rights with respect to their Personal Information, such as the right to request information about the types of personal information that has been collected, the right to request that their information be deleted, and the right to opt-out of the sale of their information. As a B2B service, Grovara is exempt from the requirements of the CCPA to the extent they could otherwise apply to the privacy practices described in this Privacy Policy. If you have any questions with respect to your rights under the CCPA, please contact us at Support@Grovara.com.  

 

  • Third Party Websites.  

 

Please note that the Services may link or integrate with third-party sites, services or apps (for example, third party e-signature service providers).   We are not responsible for the privacy or security policies or practices or the content of such third parties. Accordingly, we encourage you to review the privacy and security policies and terms of service of those third parties so that you understand how those websites collect, use, share and protect your information.

 

  • Changes to this Policy

 

Grovara may modify or update this Privacy Policy periodically with or without prior notice by posting the updated policy on this page. You can always check the “Last Updated” date at the top of this document to see when the Privacy Policy was last changed.  If Grovara makes any material changes to this Privacy Policy, Grovara will notify you by reasonable means, which may be by e-mail or posting a notice of the changes on the Services prior to the changes becoming effective. Please check this Privacy Policy from time to time.  IF YOU DO NOT AGREE TO CHANGES TO THIS PRIVACY POLICY, YOU MUST STOP USING THE SERVICES AFTER THE EFFECTIVE DATE OF SUCH CHANGES (WHICH IS THE “LAST UPDATED” DATE OF THIS PRIVACY POLICY).