Privacy Policy
Privacy Policy
Your privacy is of utmost importance to us at Mindmode GmbH. This document outlines our Privacy Policy, detailing how we handle and protect your personal information. It covers all aspects of data collection and processing related to your use of our website, applications, and services (collectively referred to as our "Services").
Data Controller Information
The entity responsible for processing your personal data, as outlined in this Privacy Policy, is:
Gaudio c/oMindmode GmbH
Schiller 33
6440 Brunnen
Switzerland
As the data controller, we are committed to ensuring the security and proper handling of your personal information in compliance with applicable data protection laws.
GDPR and DSG Compliance
Mindmode GmbH is committed to protecting your personal data in compliance with both the European Union's General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (DSG). This policy and our data practices adhere to the principles outlined in these regulations, including lawfulness, fairness, and transparency in data processing. We respect your rights as a data subject and have implemented appropriate technical and organizational measures to ensure the security of your personal data.
Data Collection Practices at Mindmode GmbH
Overview of Personal Data Collection
At Mindmode GmbH, we gather various types of personal data to provide and improve our Services. This data falls into two main categories: (I) information you actively provide and (II) data we collect automatically.
User-Provided Information
1. Account Details
When you create an account, we collect the following data you fill out:
-
Your name
-
Respective further information provided in the onboarding process such as; age, interests, language preference
-
Contact information
-
Login credentials
-
Payment card details
-
Transaction history
2. User-Generated Content
We store personal information included in:
-
Your submissions
-
File uploads
-
Feedback on our Services
3. Communication Records
When you reach out to us, we retain:
-
Your name
-
Contact details
-
The content of your messages
4. Social Media Interactions
On our social media profiles (including Instagram, Facebook, TikTok, X, YouTube, Pinterest, and LinkedIn), we collect:
-
Voluntarily provided contact information
-
Aggregated data and analytics about our social media presence (provided by the platform hosts)
5. Additional Voluntary Information
We also gather data you provide during:
-
Event participation
-
Survey responses
-
Identity verification processes
Automatically Collected Information
1. Log Data
Our systems automatically record:
-
IP addresses
-
Browser types and settings
-
Access times and dates
-
Service interaction details
2. Usage Statistics
We track:
-
Content engagement patterns
-
Feature utilization
-
User actions
-
Time zone and country
-
Access frequency and duration
-
Device and software information
3. Device-Specific Data
We collect:
-
Device names
-
Operating system details
-
Unique device identifiers
-
Browser information
4. Cookie Usage
We employ cookies to manage our services and enhance your user experience. Cookies are small text files that store specific, user-related information on your device while you use our website. They allow us to determine usage frequency, analyze user behavior, and make our services more user-friendly.
Cookies can remain stored on your device beyond the end of a browser session and can be recalled upon subsequent visits. If you prefer not to have cookies stored on your device, you can set your internet browser to refuse the acceptance of cookies. However, please note that this may limit the functionality of our website.
We use cookies for various purposes, including:
-
Managing our services
-
Enhancing user experience
-
Analyzing usage patterns
-
Improving our offerings
You can control cookie settings in your browser, but this may limit website functionality.
For users who wish to object to the use of cookies for online marketing purposes, you can do so for many services (especially in the case of tracking) via the US-based website http://www.aboutads.info/choices/ or the EU-based website Your Online Choices | EDAA .
Additionally, you can prevent the storage of cookies by adjusting your browser settings accordingly. Please be aware that if you do so, you may not be able to use all functions of our website to their fullest extent.
For more detailed information about the specific cookies we use and their purposes, please contact us at hello@gaudio.ai.
5. Analytics
We utilize various analytics tools to:
-
Analyze service usage patterns
-
Improve user experience
These tools may use cookies for data collection and analysis.
Data Usage and Disclosure Practices at Mindmode GmbH
How We Utilize Your Personal Information
At Mindmode GmbH, we employ your personal data for various purposes, including:
-
Service Provision and Management: To deliver, administer, maintain, and analyze our Services.
-
Continuous Improvement: To enhance our offerings and conduct research for better user experiences.
-
User Communication: To keep you informed about our Services and events.
-
Innovation: To develop new programs and services tailored to user needs.
-
Security Measures: To prevent fraud, criminal activity, or misuse of our Services, and to safeguard our IT infrastructure.
-
Business Operations: To facilitate business transfers when necessary.
-
Legal Compliance: To adhere to legal obligations and protect the rights, privacy, safety, and property of our company, partners, users, and other relevant parties.
Handling of Aggregated and De-identified Data
We may process your personal information to create aggregated or de-identified datasets. This transformed data, which can no longer be used to identify individuals, serves several purposes:
-
Analyzing and improving our Services
-
Developing new features
-
Conducting research
-
Sharing general user statistics with third parties
-
Publishing or making available aggregated information
We collect this type of data through our Services, cookies, and other means outlined in this Privacy Policy. We commit to maintaining the anonymity of de-identified information and will not attempt to re-identify it unless legally required.
Circumstances of Personal Data Disclosure
In specific situations, we may share your personal data with third parties without prior notification, unless legally mandated:
-
Service Providers: We may share data with vendors who assist in our business operations, including hosting, AI, customer service, cloud computing, email communication, and analytics providers. These entities will only process data as per our instructions and for specified tasks.
-
Business Transactions: In events such as mergers, reorganizations, or service transfers, your data may be disclosed to relevant parties and transferred to successors or affiliates.
-
Legal Obligations: We may disclose your information to authorities or third parties to comply with legal requirements, protect our rights, enforce our policies, prevent illegal activities, ensure safety, or guard against legal liabilities.
-
Affiliated Companies: We may share data with our affiliate companies (those we control, are controlled by, or are under common control with). They will use this information in line with our Privacy Policy.
-
User-Initiated Sharing: Some features of our Services allow you to share information with other users or third parties. Exercise caution when sharing and ensure you trust the recipients.
We urge users to be mindful when sharing information and to consider the trustworthiness of other users or third parties before disclosing personal data.
Data Minimization
At Gaudio, we are committed to the principle of data minimization. We collect and process only the personal data that is necessary for the specific purpose of providing and improving our AI-powered audio guide service. We regularly review our data collection practices to ensure we're not collecting excessive information, especially in culturally sensitive contexts. When possible, we anonymize or pseudonymize data to further protect your privacy.
Gaudio App specific Data Processing
Our AI-powered audio guide service processes the following types of data:
-
Voice Data: When you use our audio guide features, we may collect and process your voice input. This data is used to:
-
Provide real-time responses and information
-
Improve the accuracy and effectiveness of our voice recognition technology
-
Enhance the personalization of your experience
-
-
Transcripts: We may generate and store transcripts of your interactions with the audio guide. These transcripts are used to:
-
Provide you with a record of your tour experience
-
Analyze and improve our service quality
-
Develop new features and content
-
-
Location Data: With your permission, we may collect and process your location data to:
-
Provide location-specific information and guidance
-
Offer relevant content based on your position within a cultural site
-
-
User Preferences: We collect and process data about your interests, preferred languages, and interaction patterns to:
-
Personalize your audio guide experience
-
Recommend relevant content and features
-
Data Processing and Storage
-
Voice data is processed in real-time and is not stored long-term unless necessary for service improvement or legal compliance.
-
Transcripts are stored securely and retained in line with our data retention policy.
-
All data is encrypted both in transit and at rest.
AI Technology
We use advanced AI technology to power our audio guide service. This involves:
-
Natural Language Processing (NLP) to understand and respond to your queries
-
Machine Learning algorithms to improve personalization and content relevance
We ensure that our AI processes comply with data protection regulations and ethical AI principles.
Data Retention Policy
At Mindmode GmbH, we retain personal data only for as long as necessary to:
-
Provide our services
-
Fulfill legitimate business needs
-
Resolve disputes
-
Maintain security
-
Comply with legal obligations
The duration of data retention is influenced by several factors:
-
The purpose of data processing
-
The volume, nature, and sensitivity of the data
-
Potential risks associated with unauthorized use or disclosure
-
Applicable legal and regulatory requirements
Your Data Rights
Depending on your location, you may have specific rights regarding your personal data:
-
Data Access: View your personal data and learn how it's processed
-
Data Deletion: Request removal of your data from our records
-
Data Correction: Update or rectify your personal information
-
Data Portability: Transfer your data to another entity
-
Processing Restrictions: Limit how we use your data
-
Consent Withdrawal: Revoke previously given consent for data processing
-
Objection Rights:
-
Oppose personal data processing for direct marketing
-
Contest data processing based on our legitimate interests
-
-
Complaint Filing: Report concerns to your local data protection authority
To exercise these rights:
-
Use your Gaudio account settings where possible
-
For actions not available through your account, contact us at hello@gaudio.ai
Note: These rights may have limitations, such as when fulfilling a request would infringe on another person's privacy or conflict with our legal obligations.
For unresolved issues:
-
EU residents: Contact your local supervisory authority
-
UK residents: Reach out to the Information Commissioner's Office
-
Swiss residents: Consult the Swiss Federal Data Protection and Information Commissioner
Children's Privacy
Our services are not directed to children under the age of 16 without the consent of a parent or guardian. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us at hello@gaudio.ai. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.
External Website Links
Our Service may include links to third-party websites, including social media platforms. Please note:
-
We don't control or operate these Third Party Sites
-
Your activities on these sites are governed by their specific privacy policies and terms
-
We don't endorse or vouch for these sites simply by providing links
-
Contact third-party sites directly for information about their privacy practices
Security Measures
We implement reasonable technical, administrative, and organizational safeguards to protect your data:
-
Online and offline protection against unauthorized access, misuse, alteration, and destruction
However, be aware that:
-
No Internet or email transmission is 100% secure or error-free
-
Emails to or from us may not be secure
-
Exercise caution when deciding what information to send via our Service or email
-
We're not responsible for bypassing any privacy settings or security measures on our Service or third-party websites
We advise users to be mindful of the inherent risks in transmitting sensitive information online and to take appropriate precautions.
Data Breach Notification
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the appropriate supervisory authority without undue delay. This notification will include:
-
The nature of the personal data breach
-
The likely consequences of the breach
-
The measures taken or proposed to address the breach and mitigate its possible adverse effects
We maintain internal procedures to detect, report, and investigate personal data breaches in line with our legal obligations.
Mindmode GmbH: Legal Foundations for Data Processing
At Mindmode GmbH, we process your personal data based on several legal grounds, depending on the specific purpose and type of data involved. Here's a comprehensive overview of our legal bases for data processing:
1. Service Provision and Maintenance
Purpose: To deliver and maintain our services
Data Types:
-
Account details
-
User-generated content
-
Communication records
-
Supplementary user-provided information
-
System logs
-
Usage statistics
-
Device-specific data
-
Cookies and related technologies
Legal Basis: Contractual necessity - processing is required to fulfill our service agreement with you, such as addressing user inquiries.
2. Service Enhancement and Research
Purpose: To improve existing services, develop new features, and conduct research
Data Types:
-
All types listed under Service Provision
-
Information from external sources
Legal Basis: Legitimate interests - processing is necessary for our business interests and those of third parties, including societal benefits. For example, refining our AI models to enhance service quality.
3. User Communication and Marketing
Purpose: To relay information about our services and events, including marketing materials
Data Types:
-
Account information
-
Communication records
-
Social media interactions
-
Additional user-provided data
-
System logs
-
Usage patterns
-
Device information
-
Cookies and similar technologies
Legal Basis:
-
Contractual necessity - for essential service communications, like technical updates.
-
User consent - for specific processing activities we clearly communicate, such as sending marketing materials.
4. Security and Fraud Prevention
Purpose: To prevent fraudulent activities, misuse of our services, and protect our systems
Data Types:
-
All previously mentioned data types
Legal Basis:
-
Legal obligation - when we're required to process data to comply with laws.
-
Legitimate interests - when not bound by specific legal requirements, processing is necessary to protect our services, users, and third parties from security threats, fraud, and abuse.
Important Notes:
-
The legal basis for processing may vary depending on the specific circumstances and the nature of the data involved.
-
Where we rely on legitimate interests, we carefully balance our needs against your privacy rights.
-
When consent is the basis for processing, you have the right to withdraw this consent at any time.
-
We may process data under multiple legal bases depending on the context and purpose of the processing.
For any questions about the legal basis for processing your data, please contact our data protection team at hello@gaudio.ai.
Mindmode GmbH: Legal Compliance, International Data Transfers, and Privacy Policy Updates
Legal Compliance and Protection of Rights
Purpose of Processing
To fulfill legal obligations and safeguard the rights, privacy, safety, and property of our users, our company, our affiliates, and third parties.
Types of Personal Data Processed
-
Account details
-
User-generated content
-
Communication records
-
Social media interactions
-
Additional user-provided information
-
Data from external sources
-
System logs
-
Usage statistics
-
Device-specific information
-
Cookies and related technologies
Legal Basis
-
Legal Obligation: When we must process data to comply with laws, such as maintaining transaction records for accounting purposes.
-
Legitimate Interests: In cases where no specific legal obligation exists, processing may be necessary to protect the interests of our company, users, affiliates, or third parties. For example, analyzing log data to identify and prevent fraudulent activities or service abuse.
International Data Transfers
At Mindmode GmbH, we utilize services from various third-party providers, including OpenAI, which may involve transferring your personal data to countries outside the European Economic Area (EEA), Switzerland, and the UK. Please be aware:
-
Data Protection Standards: Some countries may not offer the same level of data protection as your home country.
-
Compliance Measures: We adhere to applicable data protection laws when transferring personal data internationally.
-
Transfer Mechanisms: For transfers to non-EEA countries, we rely on:
-
European Commission's adequacy decisions for certain countries
-
European Commission's Standard Contractual Clauses with country-specific addenda for other jurisdictions
-
-
Third-Party Services: By using our services, you acknowledge that:
-
Your personal data may be processed and stored on servers located in the United States and other countries
-
Your data may be shared with service providers and affiliates of our third-party partners in various countries
-
Our AI-powered audio guide service may utilize technology from providers such as OpenAI, which may involve transferring your data to countries outside Switzerland and the European Economic Area (EEA). To ensure the protection of your data in these transfers:
-
We implement strong contractual safeguards, including Standard Contractual Clauses approved by the European Commission, supplemented by additional measures where necessary.
-
We conduct regular assessments of the data protection laws in recipient countries and implement additional safeguards where required.
-
For transfers specifically related to AI processing:
-
We ensure that only necessary data is transferred
-
We use anonymization or pseudonymization techniques where possible
-
We implement strict access controls and encryption measures
-
-
We regularly audit our AI providers to ensure they maintain appropriate technical and organizational measures to protect your data.
You can request more information about the specific safeguards applied to the transfer of your personal data by contacting us at hello@gaudio.ai.
Vendor Management
We carefully select and regularly review our third-party service providers (vendors) who process personal data on our behalf. We enter into data processing agreements with these vendors, requiring them to implement appropriate technical and organizational measures to protect your personal data. These agreements ensure that vendors only process personal data according to our instructions and in compliance with this Privacy Policy. We maintain a list of approved vendors and conduct periodic assessments of their data protection practices.
For more detailed information about our data transfer practices, please contact us at hello@gaudio.ai.
Privacy Policy Updates
We may periodically update this Privacy Policy to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we make changes:
-
We will post the updated version on this page.
-
If required by applicable law, we may use alternative methods to notify you of significant changes.
We encourage you to review this Privacy Policy regularly to stay informed about how we protect your personal information.
Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices that are not addressed here, please contact our privacy team at hello@gaudio.ai.
We are committed to addressing your inquiries and resolving any issues related to your privacy and data protection rights.
Version Control
This Privacy Policy was last updated on the 2nd of August, 2024. Version 1.0.