Privacy Notice

Last modified: 15 March 2021

Protecting your personal information is of the utmost importance to us. Therefore, we only use your data in strict compliance with applicable data protection principles, including but not limited to the provisions of the EU General Data Protection Regulation (“GDPR”).

Gazette is a privacy-first product. Individual email content and metadata is only ever processed on your device, we never have access to your emails. We only process and store on our servers Gazette-specific metadata (such as message progress, done status, and bookmark status) as well as information about discovered newsletters, including sender information.

Please review this privacy notice carefully, and do not hesitate to contact us at privacy@gazette-app.com if you have any questions.

1. Introduction

This Privacy Notice informs you how we, Periply UG (haftungsbeschränkt) (“we”, “us”, “our”) collect, process and protect your personal data through the use of our app, products, services, technologies or features, and all related webpages, applications and services (collectively referred to as the “Services”). Personal data is any information that allows an individual to be identified directly or indirectly.

This privacy notice forms part of our Terms of Service. Before we collect or process any of your personal data, you declare by means of a simple notification (for example, a checkbox in the app or on the website) that you have read this notice and expressly consent to the handling, use and disclosure of your personal data as set out in this notice.

You have various rights in relation to your personal data, including the right to selectively object to the use of data, particularly for advertising purposes. More details on your rights can be found below.

1.1 Contact information and Data Privacy Officer

Our address and contact for our Data Privacy Officer is: Periply UG (haftungsbeschränkt), Rostocker Str. 17, 10553 Berlin, Germany. You can reach us at this address or via email at privacy@gazette-app.com.

2. Personal data we collect

When you interact with our Services, we may collect the following personal data:

  • Account information: We collect your name and email address, profile picture, as well as the language used when creating an account to use the Services.
  • Gazette-specific email metadata: We collect email metadata of emails in your inbox that is Gazette-specific and/or necessary to synchronize your Gazette settings across devices (e.g., sender, read/unread status, bookmarked status, progress, Newsletter settings). We do not store, process or have access to email contents.
  • Log and access data: Whenever you access our Services, e.g. by using our website or app, the following data may automatically be processed and temporarily stored until automatically or manually deleted: your IP address, information about your hardware and software used to access the Services (e.g., phone model, browser or app version), date and time, an identifier for the resources that were accessed.
  • Usage information: We collect, process, and store information about how you use our Services, including the following data: your IP address, information about your hardware and software used to access the Services (e.g., phone model, browser, operating system or app version), date and time, actions taken in the Services. This information is used exclusively to continuously improve the offerings of our Services, and only if you explicitly separately consent to that.
  • Cookies: For more information about how we use Cookies, please see the respective section below.

2.1 Data retention

We will retain your personal data only for as long as necessary to provide you with our Services and comply with legal or regulatory requirements. Specifically, when you delete your account on our Services, we will delete all personal data linked to this account within 30 days, unless we need to retain it for a longer period of time to comply with legal or regulatory requirements. For example, we may have to retain transaction information for tax audits.

3. Purposes for which we process data

We process your personal data for our legitimate interests in conducting our business and establishing and developing a business relationship with you. We will not use your personal data for activities where our interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, unless you have given us consent to the processing or those activities are otherwise required or permitted by law.

Specifically, we process your data for the purposes outlined below:

  • Providing our services: To provide you with our Services, including but not limited to displaying email newsletters, synchronizing status across devices, discovering additional email newsletters in your email inbox, and providing you with notifications of new email newsletters.
  • Operating our services: To operate our Services, including but not limited to updating, ensuring security and safety, preventing fraud, criminal activity, identifying and remedying operational issues, and providing support.
  • Relationship management: To manage our relationship with you, including sending you administrative, legal, technical, or security notices.
  • Product improvement: To continuously improve and further develop our Services.
  • Personalization: To personalize our Services and make recommendations.
  • Operating our business: To operate our business, including meeting legal obligations, protecting our rights, privacy, safety or property as well as those of you or our affiliates, as well as measuring and managing business performance.

4. Reasons we share and disclose data

We may share your personal data with your consent or as necessary to provide any transaction you have requested or authorized or to provide our Services, without further notice to you, for the following reasons:

  • Vendors and agents: To assist us in providing our Services and meeting operational needs, we may share personal data with vendors and agents working on our behalf, for example, to provide web hosting, databases, push notifications, product analytics, operational monitoring and debugging, payment processing, relationship management, and customer service. These parties may access, process, or store personal data in the course of performing their duties to us and pursuant to our instructions. These parties are not allowed to use the personal data for any other purpose.
  • Corporate transactions: We may disclose personal data as part of a corporate transaction such as a merger or sale of assets.
  • Legal and regulatory requirements: We may retain, share, or disclose Personal Data if we have the good faith belief that such action is necessary to:
    1. comply with applicable laws and regulations or respond to valid legal process,
    2. protect our rights and property, including protection against legal liability,
    3. protect our customers, e.g., by preventing fraud, or to help prevent the loss of life or serious injury of anyone, or
    4. operate and maintain the security of our Services, including to prevent or stop an attack on our computer systems or networks.

5. Data transfers

In line with the purposes for data processing as well as the reasons to share and disclose data described above, personal data may also be transferred to recipients located outside the European Union or the European Economic Area. This applies in particular when we work with vendors and agents to assist us in providing our Services and meeting operational needs, e.g. for hosting, database, and analytics service providers. We make absolutely sure that these recipients guarantee data protection standards equivalent to those of the GDPR and that they comply with the applicable directives. Therefore, we have obtained suitable contractual guarantees from all vendors and agents, for example based on the standard contractual clauses of the European Commission.

6. Your rights

You are entitled to the following rights in relation to your personal data, provided the respective legal conditions are met:

  • Right to withdraw consent (Art 7 (3) GDPR): If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
  • Right of access (Art 15 GDPR): If you ask us, we will confirm whether we process any of your personal data and provide you with access to that personal data as well as the information outlined in Art 15 GDPR.
  • Right to rectification (Art 16 GDPR): If you notify us that any of your personal data we process is inaccurate or incomplete, we will correct and/or complete it.
  • Right to be forgotten (Art 17 GDPR): You may ask us to erase your Personal Data, and we will do so without undue delay, if the one of the grounds laid out in Art 17 GDPR apply, for example, if you have withdrawn your consent and we have no other legal ground for processing your personal data.
  • Right to restriction of processing (Art 18 GDPR): You may ask us to restrict the processing of your personal data in certain circumstances.
  • Right to data portability (Art 20 GDPR): If you ask us, we will provide you with a copy your personal data in a structured, commonly used and machine-readable format, and you will have the right to reuse that data elsewhere, for example, by transmitting it to a third party.
  • Right to object (Art 21 GDPR): You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is necessary for the purposes of the legitimate interests pursued by us or by a third party and for which you haven't given consent.

To exercise any of these rights, please contact privacy@gazette-app.com.

If you have a concern about our privacy practices, including the way we handled your personal data, you may also contact the supervisory authority responsible for us: Berlin Commissioner for Data Protection and Freedom of Information (Berliner Beauftragten für Datenschutz und Informationsfreiheit), Friedrichstraße 219, 10969 Berlin.

7. Cookies

Cookies are small pieces of information sent to your browser when you use our Services and stored on your device. Cookies do not interfere with the operation of the device in any way. We may use cookies on our website for the purposes laid out in this privacy notice, including but not limited to providing you with and improving our Services.

We use cookies for several purposes, including to make it more convenient for you to use our Services, for example, by remembering your identity when you log on to our Services. We also use cookies to analyze and generate aggregated statistics about how our Services are being used and how we might improve them.

Cookies are automatically deleted after a predefined period. You may also use the settings of your browser to entirely disable or selectively prohibit or delete cookies. However, disabling cookies completely may mean that not all features of the Services are available to you.

8. Children

Our Services are only available to users who are 18 years of age or older.

Protecting the privacy of children is of the utmost importance to us. We do not knowingly collect personal information from anyone under the age of 18. If you are under 18, you are not allowed to use our Services or send any personal data about yourself to us. In case we learn that we have collected personal data about anyone under the age of 18 without parental consent, we will delete that information as quickly as possible. If you believe that to be the case, please contact us at privacy@gazette-app.com.

9. Data security

We comply with industry standard practices for our infrastructure and the processing of personal data. Personal data we collect is encrypted in transit; our backend encrypts data at rest. All connections to our website and between the app and any backend services are encrypted using Transport Layer Security (TLS), a secure and proven standard to protect sensitive data in transit.

We also use suitable technical and organizational security measures to protect your personal data that we process against partial or complete loss, manipulation, and against unauthorized access. We continuously monitor our security measures and regularly adapt and improve them if necessary.

In the event that personal data is compromised as a result of a breach of security, we will promptly notify those persons whose personal data has been compromised, in accordance with the notification procedures set forth in this Privacy Policy, or as otherwise required by applicable law.

10. Notifications

In the event that we need to notify you, whether required by law or for any of the purposes outlined in this privacy notice, we will notify you through the user interface of our Services, via email, written notice, or through conspicuously posting the notice on our website, as determined by us in our sole discretion to the extent permitted by applicable laws and regulations.

11. Changes to this privacy notice

Our Services and business, as well as the laws and regulations we operate under, may change over time. As a result, changes to this privacy notice may become required. If and when we change this privacy notice, we will post an updated version on this page, unless another type of notice is required by applicable laws and regulations. By continuing to use our Services or providing us with personal data after we have posted an updated version of the privacy notice and/or notified you if applicable, you consent to the new version of the privacy notice.