Privacy Policy

Privacy Policy

.

EFFECTIVE ON FEBRUARY 9, 2024

.

At EveryoneSocial, your privacy is of utmost importance. This Privacy Policy describes how EveryoneSocial collects, uses and discloses information, and what choices you have with respect to the information.

.

When we refer to “EveryoneSocial”, we mean Gravit, Inc. dba EveryoneSocial a Delaware corporation with an address of 215 W Sego Lily Dr. #708100 Sandy, UT 84070.

.

This Privacy Policy applies to you if you:

.

  • interact with any of EveryoneSocial’s websites or social media pages (“website users”);
  • attend or participate in an EveryoneSocial event (“event attendees”);
  • use the EveryoneSocial Employee Advocacy products or other EveryoneSocial products or services, including web applications, mobile applications, Application Programming Interface (API), and any other application and/or service providing the EveryoneSocial Employee Advocacy products or other EveryoneSocial products or services (collectively, the “EveryoneSocial Services”) (“end-users”). End-users include our customers’ employees and any users accessing the EveryoneSocial Services pursuant to our customers’ authorization;
  • are a customer of EveryoneSocial and the EveryoneSocial Services (“customers”)
  • engage with EveryoneSocial customer and end-user posts posted to social networks using EveryoneSocial Services (“social engagers”);
  • are a customer marketing prospect whose data EveryoneSocial processes for the purposes of assessing customer eligibility and as a potential customer of the EveryoneSocial Services (“customer prospects”); or
  • receive marketing or similar communications from EveryoneSocial (marketing prospects”).

.

This Privacy Policy applies to you irrespective of where you are located. There are additional parts of this policy that apply to you if you are a resident of the EU, UK, Switzerland or California. These additional parts do not apply to everyone.

 

Personal Data Collected by EveryoneSocial

 

Personal Data We Collect and Receive

.

The personal data that we collect about you broadly falls into the categories set out in the following table. Some of this information you provide voluntarily when you interact with the EveryoneSocial Services, or when you attend or participate in an event. Other types of information may be collected automatically from your device, such as device data and service data. From time to time, we may also receive personal data about you from third party sources (as further described in the table).

.

We may collect the following personal data about:

  • our website users;
  • our end-users;
  • customer prospects; and
  • marketing prospects.

.

Registration, contact and company information:

.

  • first and last name;
  • email address;
  • company name;
  • job title and role in your company;
  • phone number

.

Device data:

.

  • operating system type and version, manufacturer and model;
  • browser type, version and language;
  • IP address.

.

We may collect the following personal data about event attendees:

.

Registration, contact and company information:

.

  • first and last name;
  • email address;
  • company name;
  • job title and role in your company;
  • phone number;
  • mailing address.

.

We may collect the following personal data about our customers and end-users (to the extent applicable and in accordance with the consent process provided by your device):

.

Contact information:

.

  • first and last name;
  • email address;
  • company name;
  • job title, department and role in your company;
  • location, region and country.

.

Payment information:

.

  • credit card information;
  • billing and mailing addresses;
  • other payment-related information.

.

Device data:

.

  • operating system type and version, manufacturer and model;
  • browser type, version and language;
  • IP address.

.

Third party source data:

.

  • profile information gathered from connected social networking sites;
  • engagement analytics for posts using EveryoneSocial Services and for posts to connected social networking sites.

.

We may collect the following personal data from social engagers:

.

Professional information:

.

  • company name;
  • job title and role in company;
  • location, region and country.

.

.

Cookies and Other Tracking Technologies

.

EveryoneSocial uses cookies and similar technologies in the EveryoneSocial Services that help provide the EveryoneSocial Services. EveryoneSocial Services may also include cookies and similar tracking technologies of third parties, which may collect personal data. For more details about how we use these technologies, please see our Cookie Policy.

.

How and Why We Use Your Personal Data

.

We collect and process your personal data for the following purposes and, if you are from the European Economic Area (EEA), the UK or Switzerland, on the following legal basis:

.

  • Providing and facilitating delivery of the EveryoneSocial Services: We process your personal data to perform our Services and to fulfill our obligations under applicable contracts with customers, our user terms of service, and our other posted terms and policies. We also process your personal data in reliance on our legitimate interests to operate and administer the EveryoneSocial Services. For example, to create, administer and manage your account.
  • Communicating with you about EveryoneSocial Services and providing customer support: We may send you service, technical and other administrative messages in reliance on our legitimate interests in administering the EveryoneSocial Services. For example, we may send you messages about the availability or security of the EveryoneSocial Services. We also process your personal data to respond to your comments and questions and to provide customer care and support.
  • Sending marketing communications: We process your personal data to send you marketing communications via email, post or SMS about our products, services and upcoming events that might interest you in reliance on our legitimate interests or where we seek your consent. Please see the “Your Privacy Rights and Choices” section below to learn how you can control your marketing preferences
  • Managing event registrations and attendance: We process your personal data to plan and host events for which you have registered or that you attend, including sending related communications to you.
  • Maintaining security of the EveryoneSocial Services: We process your personal data to control unauthorized use or abuse of the EveryoneSocial Services, or otherwise detect, investigate or prevent activities that may violate EveryoneSocial policies or applicable laws, in reliance on our legitimate interests to maintain and promote the safety and security of the EveryoneSocial Services.
  • Carrying out other legitimate business purposes: We process your personal data to carry out other legitimate business purposes. These purposes include invoicing, audits, fraud monitoring and prevention.
  • Complying with legal obligations: We process your personal data when cooperating or complying with public and government authorities, courts or regulators in accordance with our obligations under applicable laws and to protect against imminent harm to our rights, property or safety, or that of our users or the public, as required or permitted by law.

.

In certain circumstances, we may collect your personal data on a different legal basis. If we do, or if we use your personal data for purposes that are not compatible with, or are materially different than, the purposes described in this policy or the described point of collection, we will explain how and why we use your personal data in a supplementary notice at or before the point of collection. Where we refer to legal basis in this section we mean the legal grounds on which organizations can rely when processing personal data.

.

Please note these legal bases only apply to you if you are resident in the EEA, the UK or Switzerland.

.

If you have any questions about our legal basis for processing your personal data, please contact our Data Protection Officer at dpo@everyonesocial.com.

.

Sharing Your Personal Data

.

We may disclose some or all of the personal data we collect to the following third parties:

.

To Gravit, Inc (dba EveryoneSocial):

.

  • Corporate affiliates, parents, partners and/or subsidiaries.

.

Service Providers:

.

  • Consultants, vendors and other service providers, including the subprocessors listed on our website and updated from time to time engaged by us to support the EveryoneSocial Services, the delivery and performance of those Services, and the operation of our business;

.

Professional Advisors:

.

  • Professional advisors, such as accountants, lawyers, auditors and insurers, in the course of the professional services that they render to us.

.

Compliance with Law Enforcement:

.

  • Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
  • Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
  • Enforce the terms, conditions and policies that govern the Services; and
  • Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.

.

Business Transfers:

.

  • Parties to transactions or potential transactions (and their professional advisors) involving a corporate financing, a partnership, a merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business, assets, or equity interests of Gravit, Inc. dba EveryoneSocial (including, as part of a bankruptcy or similar proceeding).

.

Aggregated or anonymized information. We may also share aggregated or anonymized information with third parties for other purposes. Such information does not identify you individually, but may include usage, viewing and technical information such as the EveryoneSocial Services you generally use, the configuration of your computer, and performance metrics related to the use of websites which we collect through our technology, products and services. If we are required under applicable law to treat such information as personal data, then we will only disclose it as described above. Otherwise, we may disclose such information for any reason.

.

Third party websites. EveryoneSocial Services may also contain links to third party websites. This Privacy Policy applies solely to information processed by us. You should contact the relevant third party websites for more information about how your personal data is processed by them.

.

Retention of Your Personal Data

.

We retain your personal data only for as long as necessary to fulfill the purposes set out in this Privacy Policy.

.

Transfers of Your Personal Data

.

The EveryoneSocial Services are provided and hosted in the United States. If you are located outside the United States, we may transfer, and process, your personal data outside of the country in which you are resident.

.

If and to the extent EveryoneSocial transfers Personal Data from another country into the United States, EveryoneSocial does so in compliance with the Privacy Laws of the originating country and for purposes outlined in this Privacy Policy. If and to the extent we transfer Personal Data of individuals in the EEA, Switzerland or the UK to the United States, we do so under the EU-U.S. DPF (Data Privacy Framework), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In addition, we also implement the Standard Contractual Clauses (approved by the European Commission and Swiss authorities) and the UK Addendum to the Standard Contractual Clauses (approved by the UK authorities) where appropriate. If you have any inquiry regarding our adherence to the Data Privacy Framework, see section below, or contact us by email at privacy@everyonesocial.com or by post at:

.

Compliance Office

Gravit, Inc.

215 W Sego Lily Dr. #708100

Sandy, UT 84070

.

Gravit, Inc. dba EveryoneSocial (“EveryoneSocial”) complies with the EU-U.S. DPF, the UK-U.S. DPF, and the Swiss-U.S. DPF as set forth by the U.S. Department of Commerce, and has filed for, and is awaiting its DPF self-certification certificate. EveryoneSocial has certified to the U.S. Department of Commerce that it adheres to (i) the EU-U.S. DPF Principles with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK-U.S. DPF and (ii) the Swiss-U.S. DPF Principles with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program please visit https://www.dataprivacyframework.gov/.

.

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, EveryoneSocial commits to resolve DPF Principles-related complaints about our collection and use of your Personal Information. EU, UK and Swiss individuals with inquiries or complaints regarding our handling of Personal Information received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF or the Swiss-U.S. DPF should first contact EveryoneSocial through email to privacy@everyonesocial.com.

.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, EveryoneSocial commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (“DPAs“), the UK Information Commissioner’s Office (ICO), the Gibraltar Regulatory Authority (“GRA“) and the Swiss Federal Data Protection and Information Commissioner (“FDPIC“) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. Under certain conditions, it may be possible to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms, see Annex I of the Data Privacy Framework for more information.

.

EveryoneSocial remains responsible if its service provider, when acting on its behalf, processes personal data in a manner inconsistent with the DPF Principles, unless it is not responsible for the event giving rise to the damage.

.

The Federal Trade Commission has jurisdiction over EveryoneSocial’s compliance with the EU-U.S. Data Privacy Framework EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.

.

How We Store and Safeguard Personal Data

EveryoneSocial takes the security of personal data very seriously. EveryoneSocial works hard to protect personal data you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the personal data we collect, process and store, and the current state of technology. To learn more about current practices and policies regarding security and confidentiality of the EveryoneSocial Services, please see our Security Practices. Given the nature of communications and information processing technology, EveryoneSocial cannot guarantee that Information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from unauthorized access or intrusion by others.

Your Privacy Rights and Choices

.

Depending on your location and subject to applicable laws, you may have certain data protection rights. If you are a resident of the EEA or the UK you have the following data protection rights:

.

  • If you wish to access, correct, update or request deletion of your personal data, you can do so at any time.
  • You can object to processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data.
  • You have the right to opt-out of marketing communications we send you at any time. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by clicking on the “unsubscribe” or “opt-out” link in the communications we send you. Please note, however, that it may not be possible to opt-out of certain service-related communications. You can let us know at any time if you do not wish to receive marketing messages by contacting us at privacy@everyonesocial.com.
  • Similarly, if we collect and process your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA and the UK are available here.

.

If you are a user of EveryoneSocial Services you can update or delete your account in the “My Profile” section of the web application. Or you can exercise any of these rights by submitting a request through email to privacy@everyonesocial.com

.

If you are a California resident, you can find information about how we use your personal data and about your privacy rights in the CCPA portion of this notice.

.

You can also exercise control over the following uses of your information:

.

  • Opt-Outs. We will provide you with an opportunity to opt-out of having personal data used for certain purposes when we ask for this information. If you decide to opt-out, we may not be able to provide the EveryoneSocial Services. You can revoke your consent at any point by contacting us at privacy@everyonesocial.com.

.

Children’s Privacy

.

EveryoneSocial Services are not intended for use by anyone under the age of 16. EveryoneSocial does not knowingly collect personal data from anyone under the age of 16. If you are under 16, you may not attempt to register for our Services or send any information about yourself to us, including your name, address, telephone number, or email address. If we become aware that we have collected personal data from someone under the age of 16 without verification of parental consent, we will delete that information promptly. If you are a parent or legal guardian of a child under 16 and believe that a child has provided us with their personal data, please contact us at privacy@everyonesocial.com or the mailing address provided at the end of this Privacy Policy.

.

Collection and Use of Personal Data of California Residents

.

Scope

.

Except as otherwise provided, this section applies only if you are a California resident. For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy Act (“CCPA“), the California Privacy Rights Act of 2020 (“CPRA“), and any regulations promulgated under either law, in each case, as amended from time to time.

.

This section does not apply to:

.

  • information exempted from the scope of the CCPA;
  • activities governed by a different privacy notice, such as notices we give to California personnel or job candidates; or
  • Personal Information we collect, use, and share on behalf of our customers as a “service provider” under the CCPA.

.

Your California Privacy Rights

.

You have the following rights:

.

  • Right to Information/Know. You can request whether we have collected your Personal Information, and in certain cases, the following information about how we have collected and used your Personal Information during the past 12 months:
    • The categories of Personal Information we have collected.
    • The categories of sources from which we collected the Personal Information.
    • The business or commercial purpose for collecting and/or sharing Personal Information.
    • The categories of Personal Information that we shared or disclosed for a business purpose.
    • The categories of third parties to whom Personal Information was shared or disclosed for a business purpose.
  • Right to Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months.
  • Right to Correction. You can request that we correct inaccurate Personal Information that we have collected about you.
  • Right to Deletion. You can ask us to delete the Personal Information that we have collected from you.
  • Right to Opt-Out of Tracking for Targeted Advertising Purposes. EveryoneSocial does not sell Personal Information and does not deliver targeted advertising to you.
  • Right to Nondiscrimination. You are entitled to exercise the rights described above free from discrimination prohibited by the CCPA.

.

How to Exercise Your Rights

.

  • Right to Information/Know, Access, Correction, and Deletion. You can exercise any of these rights by submitting a request through our Privacy Request Form or by mailing us by email at privacy@everyonesocial.com or by post at:

.

Compliance Office

Gravit, Inc.

215 W Sego Lily Dr. #708100

Sandy, UT 84070

.

  • Right to Opt-Out of Tracking for Targeted Advertising Purposes. EveryoneSocial does not sell Personal Information and does not deliver targeted advertising to you.

.

Verification of Identity. We will need to verify your identity to process your information/ right to know, access, correction, and deletion requests and reserve the right to confirm your California residency. To verify your identity, we may require you to log into an EveryoneSocial account (if applicable), provide government identification, give a declaration as to your identity under penalty of perjury, and/or provide additional information. These rights are not absolute, and in some instances, we may decline your request as permitted by law.

.

Authorized Agents. Your authorized agent may make a request on your behalf upon our verification of the agent’s identity and our receipt of a copy of the valid power of attorney given to your authorized agent pursuant to California Probate Code Sections 4000-4465. If you have not provided your agent with such a power of attorney, you must provide your agent with written and signed permission to exercise your CCPA rights on your behalf, provide the information we request to verify your identity and provide us with written confirmation that you have given the authorized agent permission to submit the request.

.

Personal Information That We Collect, Use and Disclose

.

The table below describes our Personal Information practices by reference to the categories in the “Personal Data Collected by EveryoneSocial” section above and the categories described in the CCPA (Cal. Civ. Code Section 1798.140(v)) and describes our practices currently and during the 12 months preceding the effective date of this Privacy Policy. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described below. Note that:

.

  • We do not “sell” personal information as defined by the CCPA and have not sold Personal Information in the preceding 12 months.
  • We do not use or disclose sensitive personal information for purposes that California residents have a right to limit under the CCPA.

.

.

Personal Information we collect in this category

Purpose for collection

Categories of third parties to whom we “disclose” PI for a business purpose

Categories of third parties with whom we “share” PI

Identifiers

  • Contact and company information

.

  • Providing delivery of Services
  • Communications with you
  • Improving the Services
  • Sending marketing communications
  • Managing event registrations
  • Maintaining security of the Services
  • Carrying out other legitimate business purposes
  • Complying with legal obligations
  • Service Providers
  • Professional advisors
  • Authorities
  • Business partners, transferees and affiliates

None

Professional or employment- related data

  • Providing delivery of Services
  • Carrying out other legitimate business purposes
  • Complying with legal obligations
  • Service Providers
  • Professional advisors
  • Authorities
  • Business partners, transferees and affiliates

None

Financial information

  • Providing delivery of Services
  • Carrying out other legitimate business purposes
  • Complying with legal obligations
  • Service Providers
  • Professional advisors
  • Authorities
  • Business partners, transferees and affiliates

None

Internet or network information

  • Device data
  • Service data
  • Providing delivery of Services
  • Carrying out other legitimate business purposes
  • Complying with legal obligations
  • Service Providers
  • Professional advisors
  • Authorities
  • Business partners, transferees and affiliates

None

Inferences

  • Data derived from the above categories
  • Providing delivery of Services
  • Communications with you
  • Improving the Services
  • Sending marketing communications
  • Managing event registrations
  • Carrying out other legitimate business purposes
  • Complying with legal obligations
  • Service Providers
  • Professional advisors
  • Authorities
  • Business partners, transferees and affiliates

None

.