GIMI Privacy Policy

Introduction

Gimi is a platform built to foster creativity and visibility by enabling users to submit, showcase, and engage with digital content in dynamic and collaborative ways. As part of this mission, we collect and process certain personal information to deliver and improve our services.

We are committed to being transparent about how we use your data and to protecting your privacy every step of the way.

This Privacy Policy applies whenever you use Gimi’s services (the “Services”), including our website and platform. It explains how we collect, store, use, disclose, and protect your personal information. Please read it carefully before using the Services.

If you have any questions, comments, or concerns regarding this Privacy Policy or our data practices, don’t hesitate to contact us through the details provided in the “Contact Us” section below.

Definitions

• Anonymisation – The processing of Personal Data in such a way as to ensure that the Data Subject is no longer identified or identifiable. To determine whether a Data Subject is identifiable, account should be taken of all the means reasonably likely to be used either by the Controller or by any other person to identify that person.
  
  
• Pseudonymisation – The processing of Personal Data in such a manner that the personal data can no longer be attributed to a specific Data Subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
  
  
• Controller – The legal entity which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
  
  
• European Data Protection Law – The EU General Data Protection Regulation 2016/679 (“GDPR”), and its national implementing legislation and data protection/privacy laws applicable in the countries of the European Economic Area (“EEA”).
  
  
• Personal Data – Any information relating to an identified or identifiable (“Personally Identifiable Information” or PII) natural person (“Data Subject” or “you”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
  
  
• Processor – The legal entity which processes Personal Data on behalf of and under the instructions of the Controller.
  
  
• Retention Period – The period of time for which Personal Data has to be or can be stored, considering legal requirements (including privacy aspects) as well as the Company’s economic and business needs.
  
  
• Sensitive Personal Data (or Sensitive Data) – Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data processed solely to identify a human being, health-related data, or data concerning a person's sex life or sexual orientation.
  
  

Legal Framework

Your personal data is processed in a manner that ensures compliance with the applicable legislation, including the GDPR and other relevant privacy laws as referred to herein.

Who is responsible for this website?

TQOE Lda. (“Gimi”), Edifício Diogo Cão, Doca de Alcântara Norte, 1350-352 Lisboa, Portugal, is responsible for the website/platform Gimi.app (the “Website”). This Privacy Policy applies to your use of the Website and its sub-domains and related contents (collectively, our “Services”).

Who is responsible for the processing of your personal data?

TQOE Lda. (“Gimi”) is the Controller of the Personal Data we collect and process about you on the Website.

What personal data do we collect?

Under the applicable data protection laws, we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights.

We will only process your Personal Data if at least one of the following legal bases applies:

• when necessary to perform our Terms and Conditions or to provide you with the Services;
  
  
• where you have consented to the processing (you may revoke consent at any time);
  
  
• when necessary for us to comply with a legal obligation, a court order, or to exercise or defend legal claims;
  
  
• where you have made the information manifestly public;
  
  
• where necessary in the public interest; and
  
  
• where necessary for the purposes of our legitimate interests or those of a third party.
  
  

When we collect Personal Data to send you promotional messages (including information about new or additional products, services, and opportunities available to you), we will first obtain your consent.

We only collect the personal data that we consider essential for you to access and enjoy our Website/Platform and related services and products.

The data we collect about you on our Platform includes:

• Identifiable data: first name, last name, username or similar identifier, date of birth, and gender.
  
  
• Contact details: billing address, delivery address, email address, and phone number.
  
  
• Financial data: bank account and credit card information (if you purchase a product), as well as information needed to manage your wallet and IP Credits on our Platform.
  
  
• Connection and location data: Internet Protocol (IP) address, browser type and version, general location, operating system, and platform.
  
  
• Data related to your interactions with us: feedback you provide; your interests and preferences; and your responses to surveys.
  
  
• Usage data: information about how you use our Website, products, and services.
  
  

Opting out of promotional communications from Gimi

You can unsubscribe from promotional emails by clicking the “unsubscribe” link in the email or by adjusting your account settings. You can opt out of mobile push notifications in your device’s settings. You can opt out of SMS text communications by replying “STOP” to any such message.

Your unsubscribe request or email preference change will be processed promptly (and in any event within ten business days). During that processing period, you may still receive additional promotional emails from us.

If you want to stop receiving push notifications (messages an app sends to your mobile device even when the app is not open), you can turn off push notifications in your device’s settings.

Please note that if you opt out of receiving promotional communications from us, we may still need to communicate with you for non-marketing reasons. For example, we might send you information about services you are currently using, request information from you regarding a transaction you initiated, or notify you of important updates to this Privacy Policy or our Terms of Use when required by law.

How do we collect your personal data?

We collect your Personal Data directly from you when:

• you visit and/or register on our Website;
  
  
• you interact with us electronically;
  
  
• you submit content (such as posts, works, or comments) on our platform;
  
  
• you respond to our surveys or promotions; or
  
  
• you communicate with us (for example, via email or support messages).
  
  

We may also collect publicly available information about you, as well as any additional information you choose to share with us in your communications.

Note: If you submit another person’s personal information on the Website, you are responsible for ensuring that you have that person’s consent to disclose and process their information in accordance with this Policy.

For which purposes do we process your data?

We process your Personal Data for the following purposes:

• To provide our services, products, and related content to you.
  
  
• To manage and ensure the proper functioning of our platform.
  
  
• To process payments and transactions.
  
  
• To investigate and address any complaints or issues.
  
  
• To improve and enhance our services.
  
  
• To send you promotional messages and inform you about new or additional products, services, and opportunities available to you (with your consent, where required).
  
  

We will only collect and use information that is necessary for the above purposes and in accordance with the applicable legal bases, or information that you choose to provide to us.

For example, if you make a purchase on our Platform, our third-party payment processor will collect the billing and financial information required to process your payment on our behalf.

How do we handle children’s data?

We care deeply about making sure children are safe online. Regardless of local legislation, children under the age of 16 are not allowed to use our Website.

If you have reason to believe that a child has provided personal information to us, please contact us at support@Gimi.app. We will use commercially reasonable efforts to delete such personal information.

Cookies

We use cookies on our Website. Cookies are small text files that a website uses to recognize you when you return and to store details about your use of the site.

A cookie is a small piece of data that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and are called first-party cookies. We also use third-party cookies – cookies from a domain different than the domain of our Website – for advertising and marketing purposes. More specifically, we use cookies and other tracking technologies for the following purposes:

We may also use third-party cookies and web beacons on our site to deliver advertisements to you on third-party sites. Cookie information can help us know when you return to our site after visiting third-party sites. Additionally, we use analytics services to help analyze how users use our site.

Please be aware that blocking some or all cookies may affect the functionality of our Website.

Strictly Necessary Cookies

These cookies are necessary for the Website to function and cannot be switched off in our systems. They are usually set only in response to actions you take that amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms. You can set your browser to block or alert you about these cookies, but if you do so some parts of the site will not work. These cookies do not store any personally identifiable information.

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us understand which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site and will not be able to monitor its performance.

Functional Cookies

These cookies enable the Website to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies, some or all of these services may not function properly.

Targeting Cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. These cookies do not store directly personal information, but they work by uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Whom do we share your data with?

Within the Gimi platform, certain personal data may be visible to other users and collaborators. Specifically, your username, wallet address, and any content contributions you make may be accessible to others on the platform.

We also use external service providers or intermediaries (such as Google, Meta, and other third parties) to provide you with convenient login options and additional functionalities. We may partner with third parties for purposes such as fraud prevention, payment processing, or compliance with legal obligations, which may involve these parties processing certain personal data on our behalf. These entities will only process Personal Data for the purposes expressly outlined in this Privacy Policy and are bound by strict contracts to protect your information.

Please note that these providers will not use your personal data for their own independent purposes, but solely to provide services that help us deliver the platform and services to you, consistent with this Privacy Policy. We only engage with service providers that implement adequate technical and organizational measures and can ensure compliance with applicable data protection laws.

International transfers

If we transfer your Personal Data to another country, we will do so in accordance with the law and will ensure your information remains protected.

In particular, when transferring Personal Data to countries that are not deemed to have adequate data protection laws, we rely on approved safeguards under the GDPR (such as standard contractual clauses or equivalent measures) to ensure your Personal Data is protected.

California residents – California Privacy Rights Act

If you are a California resident, you have specific rights under the California Privacy Rights Act (CPRA). You may request a list of the categories of Personal Data we have disclosed to third parties for direct marketing purposes, along with the identities of those third parties. To make such a request, please contact us using the information in the Contact Us section with the subject line “California Privacy Rights Act.” We do not sell personal data to third parties. If you exercise your rights under California law, we will not treat you differently (for example, we will not charge you different prices or provide a different quality of services) as a result of your request.

Once we receive a verifiable request, we may ask for information to confirm your identity (to ensure that we are providing information to the correct person). If you use an authorized agent to submit a request, we may request proof that the agent has written permission to act on your behalf.

What happens if the Company is sold to another organization?

If the Company is sold to or merged with another organization, that new organization will become responsible for determining the purposes and means of processing personal data (in other words, it will become the new Data Controller for your Personal Data).

If such a change in ownership occurs, we will notify you by providing an updated version of this Privacy Policy or via other appropriate means, so you remain informed about who is handling your personal data.

For how long will we retain your Personal Data?

We aim to build long-lasting relationships with our users. Your account (and associated Personal Data) will remain active for up to 6 months following your last interaction with our Website. If your account is inactive for that period, we will notify you to ask whether you wish to keep your account active before taking steps to close it.

If you request deletion of your data or account, your Personal Data will be retained for up to 3 months in our backup systems after deletion, and then removed from our active databases.

In some cases, we may need to retain certain Personal Data for longer periods to comply with our legal and regulatory obligations, resolve disputes, or enforce our Terms of Service.

We may also retain data that has been anonymized (so it no longer identifies you) indefinitely for purposes such as research or statistical analysis.

What are your rights?

As a data subject, you have the following rights regarding the Personal Data we hold about you:

• Right to be informed: You have the right to clear and transparent information about how we use your personal data (which is why we provide this Privacy Policy).
  
  
• Right of access: You can request a copy of the personal data we hold about you.
  
  
• Right of rectification: You have the right to have your personal data corrected if it is inaccurate or incomplete.
  
  
• Right to erasure (“right to be forgotten”): You can request that we delete your personal data. Note that this right is not absolute – we may have legal or legitimate grounds to retain certain data despite your request.
  
  
• Right to object (and withdraw consent): You can object to certain processing of your data, such as direct marketing. Where we rely on your consent to process data, you can withdraw that consent at any time. (Withdrawing consent will not affect the legality of any processing we carried out before you withdrew it.)
  
  
• Right to data portability: You have the right to receive personal data that you have provided to us in a structured, commonly used, machine-readable format, and to have that data transmitted to another organization, where applicable. (This right applies to data processed by automated means, based on your consent or on a contract.)
  
  
• Right to restrict processing: You can ask us to suspend processing of your personal data in certain circumstances – for example, if you contest the accuracy of the data or have objected to processing and we are evaluating the request.
  
  
• Right to lodge a complaint: If you believe your data protection rights have been violated or your personal data has been used in a way that is not consistent with applicable law, you have the right to file a complaint with your country’s Data Protection Authority or other relevant supervisory authority.
  
  

How do we ensure the security of your data?

We implement appropriate technical and organizational measures to ensure the confidentiality, integrity, and security of your Personal Data. These measures are designed to protect your data against unauthorized access or disclosure, as well as against accidental or unlawful destruction, loss, or alteration of your information.

Any third-party service providers that process Personal Data on our behalf are required to adhere to equivalent security standards and will only process data based on our instructions.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices or legal requirements. We encourage you to review this Policy periodically. If we make significant changes, we will notify you directly (for example, by email or through a prominent notice on our Website) to explain any updates.

Contact Us

If you have any questions about this Privacy Policy or if you wish to exercise any of your rights regarding your personal data, please contact us using the information below:

TQOE Lda. (“Gimi”)
Edifício Diogo Cão (CCA Firm), Doca de Alcântara Norte
1350-352 Lisboa, Portugal
Email: support@Gimi.app