Introduction (Effective October 18, 2021)
Our principle guidelines are simple. We will be clear about the data we collect and why. We do not and will not sell your data to third parties. The prime purpose of collecting your data is to assist you in transporting your personal property items. Whether we are processing item transport requests to tracking items at Gitback partner properties, updating you on the status of your requested service, or facilitating quick transport of your Gitback shipment, our aim is for you to receive service to your items as effortlessly as possible.
IMPORTANT INFORMATION (EU AND CALIFORNIA USERS)
To manage your privacy options please click here. EU Users Who We Are For the purpose of the GDPR, and depending on the specific Personal Information of interest, the data controller of your specific Personal Information of interest is either the Gitback Partner with whom your data was entered and stored, or Gitback, Inc. of 3352 Goni Rd. #161, Carson City, NV 89706. You may contact our data protection officer at support.
Sale of Personal Data You may opt out of all sales of your Personal Information. We never exchange Personal Information for money or any other consideration (e.g., trade it for free services). However, the CCPA’s definition of “sale” is very broad, and may include situations where, for example, browsing data is sent to a third party. We, along with millions of other sites, use these services. We limit the information sent to what is needed to properly fulfill our contractual obligations.
The Types of Personal Information
We Collect Information you provide to us:
We collect information from you directly that you , such as your name, phone number, mailing address, and email address; for instance, when you want to submit a request for service to your item or when you contact our Customer Care department for assistance with your service request. Information we collect automatically: We automatically collect information about you, such as data about your use of Gitback Service. We may, for example, collect information about the type of device you use to access our websites, the operating system and version, your IP address, your general geographic location as indicated by your IP address, your browser type, the webpages you view on our websites, and whether and how you interact with content available on our websites. Information obtained from other sources: We may receive information about you from other sources, including third parties, such as Gitback partners and partners with whom we offer co-branded services or engage in joint marketing activities. We may also receive information about you from Gitback partner websites, for instance, when you interact with us on those sites.
We protect data obtained from third parties according to the practices described in this Policy and we also apply any additional restrictions imposed by the source of data. Information of children: Gitback does not target and is not intended to attract children under sixteen. Although visitors of all ages may navigate through our websites or use our app, we do not knowingly collect or request personal information from those under the age of sixteen without parental consent. If, following a notification by a parent or guardian or discovery by other means, a child under sixteen has improperly accessed or used our Services by using false information, we will delete the child's personal information from our records.
Customer Interactions with Gitback:
To make the information in this Policy easy to understand, we have highlighted different occasions when Gitback could potentially collect personal information from Customers. The Customer interactions with Gitback are broken down into the following segments: Learning about Gitback As you gather more information about Gitback, you may virtually physically visit or interact with a site that we own or operate. Examples include browsing our website, calling our in-house sales representatives, or attending Gitback-sponsored events. To learn more about Gitback Services, you may voluntarily provide personal information, such as your name and email address during these interactions. We may also collect information about you online when you visit our websites.
We collect: name, email address, and IP address.
Why: We use this information to share news about events, products, and services offered by Gitback. Additionally, the IP address helps us to understand geographic information about our websites’ visitors better so that we can improve our websites for everyone. It is our legitimate interest to process your personal data for these purposes.
Shipping and processing your item(s): When you submit a request for service, we require certain information to process your request. You may voluntarily provide personal information such as your first name, last name, and street address. We collect: first name, last name, street address, city, state, postal code, country, phone number, and email address.
Why: We use this information to attempt to provide our services, to maintain a record of your requested service during the process, to communicate with you during the process, to verify your identity as part of maintaining the integrity of the system, and to ship your items to your location. Processing your personal data for these purposes is necessary for the performance of the agreement we have with you. Adding to a service request: Gitback or a Gitback partner may ask you to provide additional information relating to your request for service at a Gitback partner property as part of the service provider network process.
We collect: guest room, check-in date, check-out date, visit date, and service requested details. Why: We use this information to help us in providing the requesting services for purposes of accurately and timely performing the request service.
Making a Shipping Payment Once the requested service is completed for the property item(s), and you have decided to have the property transported via a shipping service, we offer a way for Customers to pay for and initiate shipping directly through the Gitback Service. When doing so, you will be asked to provide information so that we can complete your shipment. We collect: your name, phone number (optional), email address, delivery/shipping address, and payment information (like your bank account or credit card information).
Why: We use this information to complete your transaction, follow up with you about your shipment, help with any delivery issues, and other issues related to the shipping of your item. Processing your personal data for this purpose is necessary for the performance of the agreement we have with you. Please note, we do not store any payment or credit card information. We only use payment information in order to facilitate the processing of shipping payments via a PCI-compliant third party payment service.
Getting Help from Gitback and Gitback Partners: From time to time, you may decide to contact our customer care department for assistance with the search and recovery process. To be able to offer you the best service possible, we may collect certain data from you.
We collect: This may include contact information, such as your name, email address, phone number, and the content of your chats and other communications with Gitback customer care or Gitback partners.
Why: We collect this information to give you the best and most efficient customer support possible. For instance, for Customer inquiries and technical questions, we use contact information to respond to the Customer in their preferred channel (e.g., phone or email).
For shipping issues, we use contact information to ensure successful recovered item receipt and/or delivery. Processing your personal data for this purpose is necessary for the performance of the agreement we have with you.
How We Use Personal Information
Gitback uses the data we collect to provide you with the Services we offer, which includes using data to improve your experiences. We also use the data to communicate with you, for example, informing you about your item search and recovery status, new Services available, security, and other types of updates. Gitback uses the data for the following purposes:
Providing our Product Experience We use data to provide, operate, support and improve the Services we offer to ensure our Customers can receive service to their items effortlessly as possible. This processing is necessary for the performance of our agreement we have with you.
Customer Support We use data to respond to Customer inquiries, diagnose problems using the Services, address shipping issues, and provide other Customer Care and support services. This processing is necessary for the performance of our agreement we have with you, as well as to serve our legitimate interest.
Service Improvement We continually use data for research purposes and to develop and improve the Services, including maintaining and improving the performance of our Services, developing and adding new features or capabilities, such as using verification to improve security, and using usage data to determine what new features to prioritize. This processing is necessary to serve our legitimate interest.
Security, Safety and Dispute Resolution We use data to protect the security and safety of the Services and our Customers, to detect and prevent fraud, to resolve disputes and enforce our agreements. This processing is necessary to serve our legitimate interest.
How We May Share Personal Information
Gitback does not and will not sell personal information about our Customers. We only disclose your data as described in this Policy. We may share information with the following types of third parties.
Third Party Vendors Gitback uses two types of third-party vendors to carry out shipping services. These include shipping providers and credit card processors. We only share your personal data as necessary, such as to complete a transaction or to provide a Service you have requested or authorized and only with vendors or agents working on our behalf for the purposes described in this Policy. In this case, your personal information will be shared with these agents or contractors but only for the purpose of performing services on behalf and under instructions of Gitback and in accordance with this Policy. It is our legitimate interest to share information with these parties for these purposes.
For questions about third-party vendors, please send an email to support.
Gitback Partners We share information with Gitback Partners as part of providing the specified service process. Gitback neither controls the custody, location or service of the item(s). These are controlled by the Gitback Partner, making it necessary for Gitback to share personal information with them as part of the servicing and shipping processes. Sharing information with Gitback Partners for this purpose is necessary for the performance of our agreement we have with you.
Compelled Disclosure When legally required, strictly necessary for the performance of the services or to protect our rights, or the rights of our affiliates or users, we disclose your personal information to law enforcement authorities, investigative organizations, our affiliates or in legal proceedings.
Sale or Merger We may share your personal information in the event of a merger, acquisition, or sale of all or a portion of our assets. Of course, we shall notify you via email and/or a prominent notice on our website and inform you of your rights.
The Legal Bases for Using Personal Information
There are different legal bases that we rely on to use your personal information, namely:
Performance of a contract The use of your personal information may be necessary to perform the agreement you have with us. For example, to process your submission of a service request to your item, to provide service to items at Gitback partner locations, or to initiate shipment of an item to a location designated by you, to help with delivery issues, and to respond to your requests.
Legitimate interests We may use your personal information for our legitimate interests. For example, we rely on our legitimate interest to analyze and improve Gitback Services, to send you notifications about Gitback Services, or to use your personal information for administrative, fraud detection or legal purposes. Where we process your personal information based on our legitimate interest and no opt-out mechanism is available to you on our website, you may exercise your right to object by sending an email to support.
Security, Storage and Retention of Personal Information
We Collect Security Gitback is committed to protecting the security of your personal information. However, while we take reasonable precautions to guard the personal information we collect, no security system is impenetrable. We use a variety of appropriate technical and organizational measures and industry standards to protect your personal information and help prevent information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. We ensure that our data center has adequate security measures. Additionally, your data is protected with encryption, such as Transport Layer Security (TLS), during transmission over the Internet. Moreover, your password is stored using one-way hash, which means that it cannot be recovered (or disclosed) by anyone, including Gitback (it can only be reset). You can only access your transaction report information and our Service through the use of an individual user login and password. To protect the confidentiality of your personal information, you must keep your password confidential and not disclose it to any other person. Please alert us immediately if you believe your password has been misused. Additionally, always log out and close your browser when you finish reviewing or updating your item report. Please note, we will never ask you to disclose your password. If you have any questions about the security of your personal information, you can contact us at support.
Personal data collected by Gitback may be stored and processed in your region, in the United States (for instance in our data centers), or in any other country where Gitback or Gitback partners are located or maintain facilities. Gitback has put in place adequate mechanisms to protect personal information when it is transferred internationally, for example by using the Standard Contractual Clauses as approved by the European Commission. Retention
Your Rights and Choices
We want you to be in control of how your personal information is used by us. Subject to local law, you can do this in the following ways:
- you can ask us for a copy of the personal information we hold about you;
- you can inform us of any changes to your personal information, or if you want us to correct any of the personal information we hold about you;
- in certain situations, you can ask us to erase, block or restrict the personal information we hold about you, or object to particular ways in which we are using your personal information; and
- in certain situations, you can also ask us to send the personal information you have given us to a third party. Where we are using your personal information on the basis of your consent, you are entitled to withdraw that consent at any time.
Moreover, where we process your personal information based on legitimate interest or the public interest, you have the right to object at any time to that use of your personal information. We rely on you to ensure that your personal information is complete, accurate and current. Please inform us promptly of any changes to, or inaccuracies of, your personal information by contacting support. We will respond to your request as soon as possible but certainly within 30 days. We are committed to working with you to obtain a fair resolution of any complaint or concern you may have about our use of your personal information. If, however, you believe that we have not been able to assist with your complaint or concern, you may have the right to lodge a complaint with the data protection authority in your country (if one exists in your country) or supervisory authority. Rights for EU and California Users Only The GDPR and CCPA grant EU and California residents certain rights regarding their Personal Information, including the right to access and modify Personal Information held by providers (like us), and to have providers “forget” Personal Information that is no longer relevant. You may always contact us for assistance in exercising these rights. Please include information about which rights you are seeking to exercise if you contact us. We may need to verify your identity before fulfilling your request. It should not need to be said, but we will never provide worse services to, or in any way punish anyone who chooses to exercise these rights.
You have the following rights with respect to your Personal Information that we process. Except where indicated, these rights apply equally to EU and California users:
Withdraw Consent: You may withdraw your consent to our processing of your Personal Information, in whole or in part (i.e., for marketing purposes). Certain Services may be ineffective upon opt out.
Access / Request Information: You may access the Personal Information we hold about you at any time by contacting us directly.
Modification: You may modify the Personal Information we hold about you at any time via by contacting us directly.
Erase and Forget. In certain situations, for example when the Personal Information we hold about you is no longer relevant or accurate, you can request that we erase your Personal Information. If you delete your account, all Personal Information will be erased within thirty days of the date of deletion.
Portability: you may request a copy of your Personal Information and may always move it to other entities as you desire.
No Sale of Personal Data (California Users only): Go to the Do Not Sell My Personal Information page to stop all “sale” of your Personal Data.
See above for more information about how this works.
ACCESS TO SPECIFIC INFORMATION AND DATA PORTABILITY RIGHTS
You have the right to request that Gitback disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
The categories of personal information we collected about you.
The categories of sources for the personal information we collected about you. Our business or commercial purpose for collecting or selling that personal information.
The categories of third parties with whom we share that personal information.
The specific pieces of personal information we collected about you (also called a data portability request).
If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
sales, identifying the personal information categories that each category of recipient purchased; and disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
DELETION REQUEST RIGHTS
You have the right to request that Gitback delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to: Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities. Debug products to identify and repair errors that impair existing intended functionality. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.). Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us. Comply with a legal obligation. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
EXERCISING ACCESS, DATA PORTABILITY, AND DELETION RIGHTS
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by contacting us at: You can always send us a message to support or contact our Customer Care team or
3352 Goni Rd #161
Carson City, NV 89706
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must: Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
RESPONSE TIMING AND FORMAT
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
PERSONAL INFORMATION SALES OPT-OUT AND OPT-IN RIGHTS
If you are 16 years of age or older, you have the right to direct us to not sell your personal information at any time (the “right to opt-out”). We do not sell the personal information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer who is between 13 and 16 years of age. Consumers who opt-in to personal information sales may opt-out of future sales at any time. If you wish to exercise any of these rights, please contact us at support, or write us at the address below. In your request, please make clear:
(i) what Personal Information is concerned; and
(ii) which of the above rights you would like to enforce.
For your protection, we may only fulfil requests with respect to the Personal Information associated with the email address you send your request from, and we will need to verify your identity before doing so (which is typically done by having you make the request from within the Services). We will comply with your request promptly, but in any event within thirty (30) days of your request (forty-five (45) days for requests under the CCPA). We may need to retain certain information for recordkeeping purposes or to complete transactions that you began prior to requesting such change or deletion. We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt-in consent, which you may revoke at any time.
OTHER CALIFORNIA PRIVACY RIGHTS
California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please write or email to us at:
Customer Support or
3352 Goni Rd #161
Carson City, NV 89706
Your Choices Transaction Service Request If you wish to access, edit or remove Service Request information, change your password, close your item Service Request, or request deletion of your personal data, you can do it by sending a message to support. We will respond to any request to access or delete your personal data as soon as possible but certainly within 30 days. Your Communication, Marketing and Advertising Preferences You can opt out of receiving direct marketing communications from Gitback by following the instructions included in every email sent to you via the “Unsubscribe” tab. We respect your choice, and we will stop sending you promotional emails once you unsubscribe. Please note we will continue to communicate with you regarding changes to terms and conditions, policy updates, Gitback Service updates, routine customer service messages such as information about current or past reports, shipping activity, service interruptions, data breaches, or other significant information about the service.
How to Contact Us
What is the GDPR?
The GDPR is a regulation intended to strengthen and unify data protection for everyone within the European Union (EU). And because we believe that all our customers can benefit from its mandates, we're implementing it globally. The GDPR requires greater openness and transparency from companies on how they collect, store and use personal data, while also imposing tighter limits on the use of personal data. You can learn more here.
What is the CCPA?
On June 28, 2018, Governor Brown signed Assembly Bill 375, now known as the California Consumer Privacy Act of 2018, which grants consumers new rights with respect to the collection of their personal information. The California Attorney General’s Office will be promulgating regulations and soliciting broad public participation to further the purposes of the CCPA. The regulations aim to establish procedures to facilitate consumers’ rights under the CCPA and provide guidance to businesses for how to comply. You can learn more here.
What information does Gitback collect about me?
Gitback collects your first name, last name, street address, city, state, postal code, country, phone number, email address, guest room, check-in date, check-out date, visit date, property details, delivery/shipping address, payment information, and the content of your chats and other communications with Gitback customer care or Gitback partners.
Why does Gitback need my information?
Gitback uses the data we collect to provide you the best experience within the services we offer, which includes using data to improve your experiences. We also use the data to communicate with you, for example, informing you about your Gitback shipment, new services available, security, and other types of updates.
How is my information used?
Gitback uses the data we collect for the following purposes:
- Service Improvement
- Future Service Development
- Customer Support
- Security, Safety, and Dispute Resolution
- Business Operations
- Communications and Marketing
How does collecting my information help Gitback improve its services?
We use the information to make sure that we are efficiently expediting the service to your shipped items. We also collect service error information, so we can make improvements to eliminate potential bugs and problems. And finally, understanding how and when our customers collectively use our service helps us design new ways to improve the Gitback service.
Does Gitback sell information to third parties?
No. We never have.
Can I opt out of sharing my information to Gitback?
Yes, you can opt out of submitting certain types of personal information to Gitback, but because Gitback only collects data related to transport of your property, the decision not to submit this information may impact Gitback’s ability to provide efficient and effective services.
How do I delete my personal data from Gitback and what are the consequences?
You can always send us a message to support or contact our Customer Care team and request that your data be deleted. Please note, however, that by deleting your personal data, we will be unable to provide further services, tracking, or support for the associated property items.
Does Gitback keep or share my credit card information?
We do not keep your credit card information. It’s only used to process your payment at the time of purchase. It is shared with a PCI-compliant credit card processor, but only for processing a single transaction a token representing your credit card may be stored to expedite future transactions.
What information gets shared with Gitback Partners?
We work closely with Gitback partner controlling the locations where property item shipment is initiated, and where they are acting as the custodian of these items. We will share personal information and other information associated with a request for service in an effort to work with them to expedite the transport of your property item.
How long does Gitback keep my information?
Gitback retains personal data for as long as necessary to provide the services, and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly.
How is information stored and secured on Gitback’s servers? Gitback is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. Any data we transmit over the internet is protected using encryption.
Is Gitback using cookies or pixels to gather information?
Does Gitback use interest-based advertising?
No. We do not deliver internet-based advertising.
What safeguards are in place for children who have access to Gitback services?
Gitback does not target and is not intended to attract children. Gitback does not knowingly solicit personal information from children or send them requests for personal information. Although visitors of all ages may navigate through our website, we do not intentionally collect personal information from persons under the age of sixteen. If following a notification by a parent or guardian, or discovery by other means, that a child under sixteen has improperly accessed or used the site, we will delete the child's personal information from our records.
If you have any questions about the use of your personal information, please send a message to support.