Thank You GPT Privacy Policy

At Thank You GPT, your privacy is of the utmost importance to us. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you visit our website, interact with our services, or communicate with us. 

By using our services or providing personal information to us, you agree to the practices described in this Privacy Policy. Please read this policy carefully to understand how your personal data will be handled.

1. Quick Summary 

Here is a summary of the privacy policy that we want you to be familiar with, which is subject to the detailed provisions outlined below:

1. No Storage of Customer Data: We do not store any of your end-customers' personal data. Our system processes messages to identify 'thank you' messages but does not retain any customer-specific information afterward. All the messages and related data are deleted immediately after processing.
2. ‍Statistical Data Only: We keep only non-personal, statistical information. This helps us to improve the performance of the app.
3. GDPR Compliant: For European customers, we are fully committed to complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws to ensure your data is handled securely and responsibly. Enterprise customers can also select their processing location to be in the EU and sign a DPA with us.

2. General
   1. Thank You GPT (Adelante LTD) cares for its customers and ends-customers' privacy. Before using the Management Tool, carefully read the Privacy Policy detailed in this document (hereinafter: "Privacy Policy"), which will apply to our Services.
   2. The Privacy Policy is an integral part of the Terms of Use, which are available on the website www.ty-gpt.com (hereinafter: "Terms of Use"), and the Terms of Use apply to the Privacy Policy. Terms of Use definitions apply over this Privacy Policy.
   3. This Privacy Policy specifies our Management Tools procedures while using the information that you provide.
   4. The law that applies this Privacy Policy is Israeli law. The Privacy Policy is subject to the Protection of Privacy Law, 5741-1981 (hereinafter: "Privacy Protection Law").
3. Consent
   1. Once you approved our Terms of Use and Privacy Policy, you have given us permission to collect and use, according to the provisions of this Privacy Policy, information transferred or received from you or during your use of the Platforms and Access Means. 
   2. Your consent to the processing we perform is the legal basis for the processing activity. According to the law, you are required to obtain your customers' consent or provide another legal basis for the processing activity we carry out.
   3. You are not obliged to confirm our access to you and your end customers' information, but if our access to the said information is prevented, we will not be able to provide the Management Tools services.
   4. Note that information transmitted through the Management Tool may be visible to the Platform and other third parties selected and contracted by you who will use the information, per their own private policies, and you release us from any liability for this matter.
   5. We are not a party to any of your agreement or consent to use the Platforms.
4. Types of Information We Collect

We may collect the following types of personal data from you when you interact with our website or services:

1. Users Data: The information that we may collect is any User Information that you have allowed us to access by our use of Access Means. The customer has the exclusive responsibility of preventing us from accessing classified information that the customer requires and/or does not want, for any reason, that we will use. After the Management Tools process the information, we delete and do not retain any personal User Information that allows the characterization or identification of private individuals.
2. Statistical Data: We may collect statistical information that is not personally identifiable relevant to activities performed in the Management Tool.
3. Usage Data: We automatically collect information about your interaction with our services. This includes your IP address, browser type, browser version, the pages of our website you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data.
4. Cookies and Tracking Data: Cookies are small files that a website or its service provider transfers to your computer’s hard drive through your web browser (if you allow) that enable the website’s or service provider’s systems to recognize your browser and capture and remember certain information. We use cookies and similar tracking technologies to monitor activity on our website and store certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

5. How We Use Your Personal Data

We use the personal data we collect for various purposes, including:

1. To provide and maintain our services: We use your data to operate, improve, and support the services we offer. This includes delivering the content and services you request, as well as troubleshooting and resolving technical issues.
2. To communicate with you: We may use your information to send you updates, newsletters, or important notices related to our services. You can opt-out of receiving non-essential communications at any time by following the instructions included in each communication.
3. To process transactions: If you make a purchase or engage in any financial transactions through our services, we will collect and process payment-related information as necessary to complete the transaction.
4. To improve our services: We analyze data to understand how users interact with our website and services to improve our offerings, user experience, and overall functionality.
5. To provide personalized marketing: With your explicit consent, we may send you marketing communications about products, services, or events that we think may be of interest to you. You may withdraw your consent to receive marketing communications at any time. 

The advertising information will be transmitted via e-mails, push notifications, Israeli-Post, telephone calls, or other relevant means of communication. You may instruct us at any time to stop e-mailing you by sending an e-mail to help@ty-gpt.com.

6. To comply with legal obligations: We may process your data to comply with our legal obligations, such as responding to government or law enforcement requests.
7. The after Use of data: It is clarified that as soon as information is obtained from us, per the Privacy Policy provisions, we will not be responsible for its use, and there will be no validity to any claim regarding that matter.

6. Data Retention

We do not store any of your end-customers' personal data. Our system processes messages to identify 'thank you' messages but does not retain any customer-specific information afterward. All the messages and related data are deleted immediately after processing.

Without derogating from the aforesaid, we will only retain your personal data for as long as it is necessary to fulfill the purposes for which we collected it, including any legal, accounting, or reporting requirements. The specific retention periods will vary depending on the type of data and the purpose for its collection.

When determining the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and whether we can achieve those purposes through other means.

For example, we may retain your contact information as long as you are subscribed to our services or marketing communications. We may also retain certain data to comply with legal obligations, resolve disputes, and enforce our agreements.

Once the data is no longer necessary, we will securely delete or anonymize it.

7. Data Security
   1. We are committed to ensuring that your personal data is secure. To prevent unauthorized access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect.
   2. These measures include encryption, firewalls, secure data storage, regular security audits, and access controls. We also regularly review and update our security practices to ensure they are aligned with the latest industry standards.
   3. We implement acceptable and reasonable information security procedures for protecting information in our possession. Therefore, we may even request to update the Access Means you provide us.
   4. You need to provide us the Access Means as required for the Management Tools to contact the Platforms. We will save the Access Means as long as they are needed to maintain the service operational.
   5. Note that we cannot guarantee that all User Information and Management Tools are immune to third parties' unauthorized access. Accordingly, we will not be liable for any damage caused to you or a third party that is not a result of Adelante's direct negligence, if caused as a result of information theft, alteration, or improper use of the information during the Management Tool's activity.
8. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information, except as described in this Privacy Policy. We may share your data under the following circumstances:

1. Service Providers: We may share your data with third-party companies or individuals that we employ to facilitate our services ("Service Providers"), provide services on our behalf, or assist us in analyzing how our services are used. These third parties have access to your personal data only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose.
2. Business Transfers: If Thank You GPT is involved in a merger, acquisition, or asset sale, your personal data may be transferred as part of that transaction. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.
3. Legal Obligations: We may disclose data as required by law, court order, a competent authority, or legal proceedings in which we are or may be involved (e.g., a court or government agency).
4. Consent: We may Disclose information to a third party who is your End Customer, employee, or other, per your written or behavior approval.

9. Our Affiliates
   1. Our Management Tools and Services need the support of information storage services, research, analysis, and statistics, in order to improve your experience of them. Therefore, we may share information with suppliers and subcontractors that provide these kinds of services (hereinafter: "Affiliates"). You can see an updated list of our sub-processors here: https://www.ty-gpt.com/sub-processor-list
   2. Our Affiliates must comply with the provisions of this Privacy Policy. They are prohibited from sharing the User Information with any other third party, and they may not use the information themselves without obtaining express consent from us.
   3. Upon termination of the Affiliates services to us, they are required, inter alia, to return to us any relevant information they obtain from us or the User, and if instructed to do so, to delete all said information.
10. Your Choices About Your Information

As a data subject under GDPR, you and your customers have the following rights regarding your personal data:

1. Right to Access: You can request access to the personal data we hold about you. This includes information on how we process your data and a copy of the data itself.
2. Right to Rectification: You have the right to request corrections or updates to any inaccurate or incomplete personal data we hold about you.
3. Right to Erasure: You can request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent.
4. Right to Restriction of Processing: In certain circumstances, you have the right to request that we limit the processing of your personal data.
5. Right to Data Portability: You can request that we provide your personal data in a structured, commonly used, and machine-readable format so that you can transfer it to another data controller.
6. Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes or if the processing is based on legitimate interests.
7. Right to Withdraw Consent: If we are processing your data based on your consent, you have the right to withdraw that consent at any time.

11. International Data Transfers

Your personal data may be transferred to—and maintained on—computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ from those in your jurisdiction.

If you are located in the European Economic Area (EEA), we will take all necessary steps to ensure that your data is handled securely and in accordance with this Privacy Policy. This includes ensuring that adequate safeguards are in place, such as standard contractual clauses or other lawful mechanisms recognized by GDPR.

12. Children’s Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personally identifiable information from children under 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we discover that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.

13. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top of this policy. If the changes are significant, we may also notify you by email or by displaying a prominent notice on our website before the change becomes effective.

Your continued use of our services after the update will signify your acceptance of the updated terms.

14. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at:

• Email: help@ty-gpt.com
• Postal Address: Rotschild 3, Tel Aviv, Israel
• Data Protection Officer (DPO): Tamir Bashkin
• Last Updated: 15.10.24

‍

‍