Privacy Policy

Overview

Folly Enterprises (“Folly", “we”, “us” or “our”) is committed to protecting the privacy of personal information of identifiable individuals who visit www.winefolly.com, www.gwdb.io, www.folly.ai, or any subdomain websites of said websites (the “Sites”) and use the services available thereon (the “Services”). Amendments to this Privacy Policy will be posted to the Sites and/or Services and will be effective when posted. Your continued use of the Services following the posting of any amendment to the Privacy Policy shall constitute your acceptance of such amendment.

Consent and Information Collection and Use

When you join us as a user of our Services, we ask for personal information that will be used to activate your account, provide the Services to you, communicate with you about the status of your account, and for other purposes set out in this Privacy Policy. Your name, company name, address, telephone number, email address, credit card information or certain other information about you may be required by us to provide the Services or disclosed by you during your use of the Services. You will also be asked to create a private password, which will become part of your account information.

By providing personal information to us and by retaining us to provide you with the Services, you voluntarily consent to the collection, use and disclosure of such personal information as specified in this Privacy Policy. Without limiting the foregoing, we may on occasion ask you to consent when we collect, use, or disclose your personal information in specific circumstances. Sometimes your consent will be implied through your conduct with us if the purpose of the collection, use or disclosure is obvious and you voluntarily provide the information. By your use of the Sites, you are hereby agreeing to indemnify, defend, and hold harmless Folly Enterprises, and its subsidiaries, affiliates, co-branders, all third-party advertisers, technology providers, service providers or other partners, and each of their respective officers, directors, agents, shareholders, employees and representatives, from and against any third party claim, demand, loss, damage, cost, or liability (including, reasonable attorneys’ fees) arising out of or relating to this Privacy Policy or the Sites as a result of the provision of the personal information by you on such Sites, excepting as a result of the gross negligence or fraud of Folly Enterprises.

We may use your personal or account information for the following purposes:

  • To provide the Services to you and to improve the quality of the Sites and Services,
  • To provide information to you so that you may use the Sites and Services more effectively,
  • To create, manage and control your account information, and to verify access rights to services and software,
  • To bill your account,
  • To communicate with you for the purpose of informing you of changes or additions to the Services, or of the availability of any service we provide,
  • To assess service levels, monitor traffic patterns and gauge popularity of different service options,
  • To carry out our marketing activities;
  • To enforce this Privacy Policy;
  • To respond to claims of any violation of our rights or those of any third parties;
  • To respond to your requests for customer service;
  • To protect the rights, property or personal safety of you, us, our users and the public; and as required or authorized by law.
  • We may occasionally communicate with you regarding our products, services, news and events. You have the option to not receive this information. We provide an opt-out function within all email communications of this nature, or will cease to communicate with you for this purpose if you contact us and tell us not to communicate this information to you. The only kind of these communications that you may not “opt-out” of are those required to communicate announcements related to the Services, including information specific to your account, planned Services suspensions and outages. We will attempt to minimize this type of communication to you.

Age of Consent

We do not knowingly provide the Services to, and will not knowingly collect the personal information from anyone under the age of consent.

Rights to Your Information

You have the right to access and edit your information at any time through the web interface provided as part of the Services.

Disclosure

We will only share your information with third parties in accordance with your instructions or as necessary to provide you with a specific service or otherwise in accordance with applicable privacy legislation. As a general rule, we do not and will not sell, rent, share or disclose your personal information without first receiving your permission or as permitted in this Privacy Policy.

Aggregated Data

We may also use your personal information to generate Aggregated Data for internal use and for sharing with others on a selective basis. “Aggregated Data” means records which have been stripped of information potentially identifying customers or end-users, and which have been manipulated or combined to provide generalized, anonymous information. Your identity and personal information will be kept anonymous in Aggregated Data.

Links

The Sites may contain links to other sites and we are not responsible for the privacy practices or the content of such sites. We encourage you to read the privacy policy of linked sites. Their privacy policies and practices differ from our policies and practices.

Cookies and Log Files

We use cookies and log files to track user information. Cookies are small amounts of data that are transferred to your web browser by a web server and are stored on your computer’s hard drive or other device you may use to access the Services. We use cookies to store information about your current session, to remember your sign-in information, and to monitor traffic. We will use this information to deliver the Services to you.

Change of Ownership or Business Transition

In the event of a change of ownership or other business transition, such as a merger, acquisition or sale of our assets, your information may be transferred in accordance with applicable privacy laws.

Security

We will strive to prevent unauthorized access to your personal information, however, no data transmission over the Internet, by wireless device or over the air is guaranteed to be 100% secure. We will continue to enhance security procedures as new technologies and procedures become available.

We strongly recommend that you do not disclose your password to anyone. If you forget your password, we will ask you for your ID and send you an email containing a link that will allow you to reset your password.

Please remember that you control what personal information you provide while using the Services. Ultimately, you are responsible for maintaining the secrecy of your identification, passwords and/or any personal information in your possession for the use of the Services. Always be careful and responsible regarding your personal information. We are not responsible for, and cannot control, the use by others of any information which you provide to them and you should use caution in selecting the personal information you provide to others through the Services. Similarly, we cannot assume any responsibility for the content of any personal information or other information which you receive from other users through the Services, and you release us from any and all liability in connection with the contents of any personal information or other information which you may receive using the Services. We cannot guarantee, or assume any responsibility for verifying, the accuracy of the personal information or other information provided by any third party. You release us from any and all liability in connection with the use of such personal information or other information of others.

GDPR (General Data Protection Regulation)

The General Data Protection Regulation (GDPR), which goes into effect May 25, 2018, creates consistent data protection rules across Europe. It applies to all companies that process personal data about individuals in the EU, regardless of where the company is based. Processing is defined broadly and refers to anything related to personal data, including how a company handles and manages data, such as collecting, storing, using and destroying data.

We’ve updated any related terms of service to align with the GDPR.

Transparency

Our Data Policy defines how we process people’s personal data.

Control

We’ll continue to provide people with control over how their data is used.

Accountability

We have a team of people who help ensure we are documenting our compliance.

Under the GDPR, there are a number of approved reasons (or “legal bases”) a company might legitimately process a person’s data. Below, we’ve outlined the most relevant legal bases, as we understand them, under the GDPR.

Contractual necessity

  • Data processed must be necessary for the service provided by GWDB accepted by the individual

Consent

  • Requires a freely given, specific, informed and unambiguous consent by clear affirmative action
  • People have a right to withdraw consent, which must be brought to their attention
  • Must be from a person over the age of consent specified in that region/country, otherwise given by or authorised by a parent / guardian
  • Explicit consent is required for some processing

Legitimate interests

  • If a business or a third party has legitimate interests which are not overridden by individuals’ rights or interests.
  • Processing must be paused if a user objects to it

GWDB as the Data Controller vs. GWDB as the Data Processor

“Data controller” and “data processor” are important concepts in understanding a company’s responsibilities under the GDPR. Depending on the scenario, a company may be a data controller, data processor or both — and will have specific responsibilities as a result:

Data Controller

A company is a data controller when it has the responsibility of deciding why and how (the ‘purposes’ and ‘means’) the personal data is processed.

  • Under the GDPR, data controllers will have to adopt compliance measures to cover how data is collected, what it’s used for and how long it’s retained. They will also need to make sure people can access the data about them.
  • Data controllers must ensure data processors meet their contractual commitments to process data safely and legally.

Data Processor

A company is a data processor when it processes personal data on behalf of a data controller. Under the GDPR, data processors have obligations to process data safely and legally.

Data Breach Notification

Under the guidance of the Data Control Officer and in compliance with the GDPR, GWDB will notify a user in writing of any Personal Data Breach of which GWDB is aware in accordance with the use of GWDB’s technology.

The notice will include all available information regarding personal data.

Contact Us

If you have any questions or suggestions regarding our Privacy Policy, please contact us https://www.folly.ai/contact/.