For the champion - the church

Trust center

Trust center

For Individuals & Champions

Gloo Website Terms of Service

Interactive Services and Assessment Terms of Service

Gloo Services Terms of Service

Supplemental Terms of Service

Supplemental Terms for Gloo Impact

Supplemental Terms for Gloo AI

Data Processing Agreement

Gloo Services Acceptable Use Policy (AUP)

For Partners & Vendors

Data Protection Standards

Producer Terms

General

Privacy Statement

Resources

Security Statement

Data Privacy FAQ

Data Processing Agreement

The Data Processing Agreement (“DPA”) between Gloo, LLC (“Service Provider”) and you (“Organization”) form part of any agreement which incorporates them as to any offerings by Gloo (the “Offerings”).  This DPA does not extend to the Processing of Personal Information, including the Processing of Personal Information, that is outside of the scope of the Offerings.

  1. Definitions. For purposes of this DPA, the following terms shall have the meanings set forth below:

    1. “Organization Personal Information” means only the Personal Information described in Section 2.1 which is Processed by Service Provider, or by a Subprocessor, on behalf of Organization as part of the Offerings. 

    2. “Data Protection Laws” means any local or national laws, rules, and regulations related to privacy, security, data protection, and/or the Processing of Personal Information, as amended, replaced, or superseded from time to time.

    3. “Data Subject” means the identified or identifiable person to whom Personal Information relates.

    4. “Consumer” means an individual who is acting only in an individual or household context; and does not include an individual acting in a commercial or employment context, as a job applicant, or as a beneficiary of someone acting in an employment context.

    5. “Deidentified Information” means information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular Data Subject or Consumer

    6. “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person or household.

    7. “Personal Information Breach” means the accidental, unauthorized, or unlawful disclosure of, or access to, Organization Personal Information by Service Provider or any Subprocessor.

    8. “Process” means any operation or set of operations that is performed upon Personal Information, whether or not by automatic means, such as access, collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, return or destruction.

    9. “Subprocessor” means any third party engaged by the Service Provider to Process Organization Personal Information.

  2. Processing of Organization Personal Information

    1. This DPA covers the following:

      1. The subject-matter of the Processing of Organization Personal Information is the performance of the Offerings pursuant to the Agreement.

      2. Organization Personal Information will be Processed as necessary to perform the Offerings pursuant to the Agreement and will be subject to the processing activities described in any Order Form that makes reference to, is incorporated under, or is subject to the Agreement.

      3. The types of Organization Personal Information shall be as is contemplated or related to the Processing described in any Order Form that makes reference to, is incorporated under, or is subject to the Agreement.

    2. Service Provider represents, warrants, agrees, and certifies that in the context of its processing of the Organization Personal information: 

      1. it understands, and will comply with, the obligations and restrictions imposed on it by applicable Data Protection Laws in its role as a service provider and/or processor;

      2. it shall notify Organization immediately if Service Provider determines that it can no longer meet its obligations under applicable Data Protection Laws or this DPA;

      3. it shall Process Organization Personal Information only to the extent, and in such a manner, as is necessary for the purposes of fulfilling its responsibilities under the Agreement and the Organization’s instructions, and for the purposes described in Section 2.1;

      4. it shall take reasonable steps to ensure that access to Organization Personal Information is limited to those employees, agents, and Subprocessors who have a need to know or otherwise access Organization Personal Information to enable Service Provider to perform its obligations or responsibilities under this DPA and the Agreement, and who are bound in writing to protect the confidentiality of the Organization Personal Information (the restrictions set forth in this section shall not restrict Service Provider’s ability to Process Organization Personal Information where required to do so by applicable laws to which Service Provider is subject; provided, however, Service Provider shall promptly notify Organization of such legal requirement before Processing, unless such law prohibits such notification);

      5. to the extent that it deidentifies Organization Personal Information it will (i) take reasonable measures to ensure that the information cannot be associated with an individual, (ii) publicly commit to maintain and use the information in de-identified form and not to attempt to re-identify it, (iii) implement technical safeguards that prohibit reidentification, (iv) implement business processes that specifically prohibit reidentification, (v) implement business processes that prevent inadvertent release of de-identified information, (vi) make no attempt to re-identify the information, and (vii) contractually obligate any recipients of the de-identified information to comply with all provisions in this paragraph.

      6. Notwithstanding any other provision in this Section, Service Provider may use Organization Personal Information to build or improve the quality of the Offerings it provides to Organization.

    3. Service Provider represents, warrants, agrees, and certifies that it shall not:

      1. retain, use, or disclose Organization Personal Information for any purpose other than for the limited and specified purpose of performing its responsibilities under the Agreement;

      2. share, sell, rent, release, disclose, disseminate, make available, transfer, or otherwise communicate orally, in writing, or by electronic or other means Organization Personal Information to another person or entity for: (a) monetary or other valuable consideration; or (b) cross-context behavioral advertising for the benefit of a business in which no money is exchanged; or

      3. combine Organization Personal Information with Personal Information Service Provider receives from or on behalf of another person or entity or collects from its own interactions with a Data Subject except to perform a business purpose as defined in regulations adopted pursuant applicable Data Protection Laws.

  3. Security

    1. Service Provider represents and warrants that it shall implement and maintain appropriate technical and organizational safeguards to protect Organization Personal Information that are no less rigorous than accepted industry standards for information security and shall ensure that all such safeguards comply with applicable Data Protection Laws.

    2. In assessing the appropriate level of security, Service Provider shall take into account the risks that are presented by Processing, in particular from accidental, unauthorized, or unlawful destruction, loss, alteration, damage, or disclosure of, or access to, Organization Personal Information transmitted, stored, or otherwise Processed.

  4. Personal Information Breach
    In the event of a Personal Information Breach impacting Organization Personal Information, Service Provider shall (a) notify Organization as soon as practicable under the circumstances after Service Provider or any Subprocessor becomes aware of such Personal Information Breach (and in any event within the time period required by Data Protection Laws); (b) provide Organization with sufficient details of the Personal Information Breach to allow Organization to meet any obligations under Data Protection Laws to report or inform Data Subjects or relevant Regulators of the Personal Information Breach; and (c) cooperate, and require any Subprocessor to cooperate, with Organization in the investigation, mitigation, and remediation of any such Personal Information Breach.

  5. Subprocessors
    Service Provider shall enter into a written agreement with each Subprocessor containing the same obligations imposed on Service Provider under this DPA and applicable Data Protection Laws with respect to Organization Personal Information.

  6. Data Subject Rights

    1. Service Provider shall promptly notify Organization if it receives a request from a Data Subject or Consumer regarding Organization Personal Information, including a request by a Data Subject to exercise a right under Data Protection Laws.

    2. Service Provider shall assist Organization in fulfilling Organization’s obligations to respond to such requests, including at minimum, maintaining the ability to access, modify, remove from Processing, or irrevocably delete or destroy the Personal Information of an individual Data Subject when requested by Organization.

    3. Should Service Provider or any Subprocessor directly perform any data collection from Data Subjects in connection with Organization’s instructions, Service Provider shall ensure that Data Subjects receive Organization’s Privacy Policy at or before the point at which any information is collected about the Data Subject.

  7. Deletion or Return of Organization Personal Information
    Service Provider shall promptly return or destroy (at Organization’s election) all copies of Organization Personal Information in its possession, or in the possession of its Subprocessor (a) any time requested by the Organization, or (b) within sixty (60) calendar days of the effective date of termination. Notwithstanding the requirements in this paragraph, Service Provider may retain Organization Personal Information if required by applicable Data Protection Laws, but only to the extent and for such period as required by such legal requirement. Service Provider shall notify Organization in writing if it believes that such a legal requirement exists. If required by law to retain Organization Personal Information, Service Provider shall continue to ensure the security and confidentiality of such Organization Personal Information and only Process such Organization Personal Information as necessary for the purpose specified in the applicable Data Protection Laws requiring such storage.

  8. Compliance and Audits

    1. Upon Organization’s request, Service Provider shall provide such assistance as Organization reasonably requires to ensure compliance with Organization’s obligations under applicable Data Protection Laws, including, but not limited to, any data protection impact assessments.

    2. In addition to any audit rights Organization may have under any other agreement between Organization and Service Provider, Service Provider shall make available to Organization all information necessary to demonstrate Service Provider’s compliance with this DPA, as well as any applicable Data Protection Laws, and shall allow for and contribute to audits, including inspections, by Organization, or a third-party auditor mandated by Organization, in order to assess Service Provider’s compliance.

  9. Termination and Remediation
    In the event that Service Provider fails to comply with any of the provisions of this DPA, Organization may, without penalty to Organization, take steps to stop and remediate any unauthorized Processing of Organization Personal Information. Upon expiration or termination of the Agreement for any reason, Service Provider’s obligations under this DPA in relation to the Processing of Personal Information shall continue for as long as Service Provider has access to Organization Personal Information.

  10. General Terms
    This DPA supersedes any prior data processing agreements, addenda, or similar terms between the parties. Should any provision of this DPA be invalid or unenforceable, then the remainder of this DPA will remain valid and in force. The invalid or unenforceable provision shall be either: (a) amended as necessary to ensure its validity and enforceability, while preserving the intent of the provision as closely as possible or, if this is not possible, (b) construed in a manner as if the invalid or unenforceable part had never been contained therein. In the event of any conflict between the Agreement and this DPA, this DPA will govern. If any variation is required to this DPA as a result of a change in applicable Data Protection Laws, the parties agree to discuss and negotiate in good faith any necessary variation to this DPA. 

Last Revised: March 20, 2024

For Individuals & Champions

Gloo Website Terms of Service

Interactive Services and Assessment Terms of Service

Gloo Services Terms of Service

Supplemental Terms of Service

Supplemental Terms for Gloo Impact

Supplemental Terms for Gloo AI

Data Processing Agreement

Gloo Services Acceptable Use Policy (AUP)

For Partners & Vendors

Data Protection Standards

Producer Terms

General

Privacy Statement

Resources

Security Statement

Data Privacy FAQ

Data Processing Agreement

The Data Processing Agreement (“DPA”) between Gloo, LLC (“Service Provider”) and you (“Organization”) form part of any agreement which incorporates them as to any offerings by Gloo (the “Offerings”).  This DPA does not extend to the Processing of Personal Information, including the Processing of Personal Information, that is outside of the scope of the Offerings.

  1. Definitions. For purposes of this DPA, the following terms shall have the meanings set forth below:

    1. “Organization Personal Information” means only the Personal Information described in Section 2.1 which is Processed by Service Provider, or by a Subprocessor, on behalf of Organization as part of the Offerings. 

    2. “Data Protection Laws” means any local or national laws, rules, and regulations related to privacy, security, data protection, and/or the Processing of Personal Information, as amended, replaced, or superseded from time to time.

    3. “Data Subject” means the identified or identifiable person to whom Personal Information relates.

    4. “Consumer” means an individual who is acting only in an individual or household context; and does not include an individual acting in a commercial or employment context, as a job applicant, or as a beneficiary of someone acting in an employment context.

    5. “Deidentified Information” means information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular Data Subject or Consumer

    6. “Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person or household.

    7. “Personal Information Breach” means the accidental, unauthorized, or unlawful disclosure of, or access to, Organization Personal Information by Service Provider or any Subprocessor.

    8. “Process” means any operation or set of operations that is performed upon Personal Information, whether or not by automatic means, such as access, collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, return or destruction.

    9. “Subprocessor” means any third party engaged by the Service Provider to Process Organization Personal Information.

  2. Processing of Organization Personal Information

    1. This DPA covers the following:

      1. The subject-matter of the Processing of Organization Personal Information is the performance of the Offerings pursuant to the Agreement.

      2. Organization Personal Information will be Processed as necessary to perform the Offerings pursuant to the Agreement and will be subject to the processing activities described in any Order Form that makes reference to, is incorporated under, or is subject to the Agreement.

      3. The types of Organization Personal Information shall be as is contemplated or related to the Processing described in any Order Form that makes reference to, is incorporated under, or is subject to the Agreement.

    2. Service Provider represents, warrants, agrees, and certifies that in the context of its processing of the Organization Personal information: 

      1. it understands, and will comply with, the obligations and restrictions imposed on it by applicable Data Protection Laws in its role as a service provider and/or processor;

      2. it shall notify Organization immediately if Service Provider determines that it can no longer meet its obligations under applicable Data Protection Laws or this DPA;

      3. it shall Process Organization Personal Information only to the extent, and in such a manner, as is necessary for the purposes of fulfilling its responsibilities under the Agreement and the Organization’s instructions, and for the purposes described in Section 2.1;

      4. it shall take reasonable steps to ensure that access to Organization Personal Information is limited to those employees, agents, and Subprocessors who have a need to know or otherwise access Organization Personal Information to enable Service Provider to perform its obligations or responsibilities under this DPA and the Agreement, and who are bound in writing to protect the confidentiality of the Organization Personal Information (the restrictions set forth in this section shall not restrict Service Provider’s ability to Process Organization Personal Information where required to do so by applicable laws to which Service Provider is subject; provided, however, Service Provider shall promptly notify Organization of such legal requirement before Processing, unless such law prohibits such notification);

      5. to the extent that it deidentifies Organization Personal Information it will (i) take reasonable measures to ensure that the information cannot be associated with an individual, (ii) publicly commit to maintain and use the information in de-identified form and not to attempt to re-identify it, (iii) implement technical safeguards that prohibit reidentification, (iv) implement business processes that specifically prohibit reidentification, (v) implement business processes that prevent inadvertent release of de-identified information, (vi) make no attempt to re-identify the information, and (vii) contractually obligate any recipients of the de-identified information to comply with all provisions in this paragraph.

      6. Notwithstanding any other provision in this Section, Service Provider may use Organization Personal Information to build or improve the quality of the Offerings it provides to Organization.

    3. Service Provider represents, warrants, agrees, and certifies that it shall not:

      1. retain, use, or disclose Organization Personal Information for any purpose other than for the limited and specified purpose of performing its responsibilities under the Agreement;

      2. share, sell, rent, release, disclose, disseminate, make available, transfer, or otherwise communicate orally, in writing, or by electronic or other means Organization Personal Information to another person or entity for: (a) monetary or other valuable consideration; or (b) cross-context behavioral advertising for the benefit of a business in which no money is exchanged; or

      3. combine Organization Personal Information with Personal Information Service Provider receives from or on behalf of another person or entity or collects from its own interactions with a Data Subject except to perform a business purpose as defined in regulations adopted pursuant applicable Data Protection Laws.

  3. Security

    1. Service Provider represents and warrants that it shall implement and maintain appropriate technical and organizational safeguards to protect Organization Personal Information that are no less rigorous than accepted industry standards for information security and shall ensure that all such safeguards comply with applicable Data Protection Laws.

    2. In assessing the appropriate level of security, Service Provider shall take into account the risks that are presented by Processing, in particular from accidental, unauthorized, or unlawful destruction, loss, alteration, damage, or disclosure of, or access to, Organization Personal Information transmitted, stored, or otherwise Processed.

  4. Personal Information Breach
    In the event of a Personal Information Breach impacting Organization Personal Information, Service Provider shall (a) notify Organization as soon as practicable under the circumstances after Service Provider or any Subprocessor becomes aware of such Personal Information Breach (and in any event within the time period required by Data Protection Laws); (b) provide Organization with sufficient details of the Personal Information Breach to allow Organization to meet any obligations under Data Protection Laws to report or inform Data Subjects or relevant Regulators of the Personal Information Breach; and (c) cooperate, and require any Subprocessor to cooperate, with Organization in the investigation, mitigation, and remediation of any such Personal Information Breach.

  5. Subprocessors
    Service Provider shall enter into a written agreement with each Subprocessor containing the same obligations imposed on Service Provider under this DPA and applicable Data Protection Laws with respect to Organization Personal Information.

  6. Data Subject Rights

    1. Service Provider shall promptly notify Organization if it receives a request from a Data Subject or Consumer regarding Organization Personal Information, including a request by a Data Subject to exercise a right under Data Protection Laws.

    2. Service Provider shall assist Organization in fulfilling Organization’s obligations to respond to such requests, including at minimum, maintaining the ability to access, modify, remove from Processing, or irrevocably delete or destroy the Personal Information of an individual Data Subject when requested by Organization.

    3. Should Service Provider or any Subprocessor directly perform any data collection from Data Subjects in connection with Organization’s instructions, Service Provider shall ensure that Data Subjects receive Organization’s Privacy Policy at or before the point at which any information is collected about the Data Subject.

  7. Deletion or Return of Organization Personal Information
    Service Provider shall promptly return or destroy (at Organization’s election) all copies of Organization Personal Information in its possession, or in the possession of its Subprocessor (a) any time requested by the Organization, or (b) within sixty (60) calendar days of the effective date of termination. Notwithstanding the requirements in this paragraph, Service Provider may retain Organization Personal Information if required by applicable Data Protection Laws, but only to the extent and for such period as required by such legal requirement. Service Provider shall notify Organization in writing if it believes that such a legal requirement exists. If required by law to retain Organization Personal Information, Service Provider shall continue to ensure the security and confidentiality of such Organization Personal Information and only Process such Organization Personal Information as necessary for the purpose specified in the applicable Data Protection Laws requiring such storage.

  8. Compliance and Audits

    1. Upon Organization’s request, Service Provider shall provide such assistance as Organization reasonably requires to ensure compliance with Organization’s obligations under applicable Data Protection Laws, including, but not limited to, any data protection impact assessments.

    2. In addition to any audit rights Organization may have under any other agreement between Organization and Service Provider, Service Provider shall make available to Organization all information necessary to demonstrate Service Provider’s compliance with this DPA, as well as any applicable Data Protection Laws, and shall allow for and contribute to audits, including inspections, by Organization, or a third-party auditor mandated by Organization, in order to assess Service Provider’s compliance.

  9. Termination and Remediation
    In the event that Service Provider fails to comply with any of the provisions of this DPA, Organization may, without penalty to Organization, take steps to stop and remediate any unauthorized Processing of Organization Personal Information. Upon expiration or termination of the Agreement for any reason, Service Provider’s obligations under this DPA in relation to the Processing of Personal Information shall continue for as long as Service Provider has access to Organization Personal Information.

  10. General Terms
    This DPA supersedes any prior data processing agreements, addenda, or similar terms between the parties. Should any provision of this DPA be invalid or unenforceable, then the remainder of this DPA will remain valid and in force. The invalid or unenforceable provision shall be either: (a) amended as necessary to ensure its validity and enforceability, while preserving the intent of the provision as closely as possible or, if this is not possible, (b) construed in a manner as if the invalid or unenforceable part had never been contained therein. In the event of any conflict between the Agreement and this DPA, this DPA will govern. If any variation is required to this DPA as a result of a change in applicable Data Protection Laws, the parties agree to discuss and negotiate in good faith any necessary variation to this DPA. 

Last Revised: March 20, 2024

Data Privacy FAQ

Data Privacy FAQ

Gloo was founded to bring the best possible data and technology to churches, charities, and community service organizations that help people grow.  Gloo is committed to maintaining the privacy and security of your data. Below are a few frequently asked questions and our responses about our privacy practices. Further information regarding our privacy practices is set out in our Privacy Statement. 


  1. What Services does Gloo provide?

    We offer a variety of products, services, mobile applications, and software offerings (collectively, the “Services”) that help organizations know and understand their members, prospective members, and communities; connect organizations and individuals to one another; and measure their impact as they help people on their journey towards growth. As part of providing the Services, we collect and receive information in a variety of ways, including information on our websites and applications, from our organizational customers and/or prospective customers, from individuals that use the Services as well as other third parties described below.

  2. To whom does Gloo offer its Services?

    Gloo offers Services to organizations that support personal growth, including churches, charities, addiction recovery institutions, and community service organizations (we may refer to these organizations as Champions). We are open to all organizations whose principles align with our Services Acceptable Use Policy. We do not unlawfully discriminate against any religions, churches, or other organizations.

    We also offer Services to individuals who are interested in connecting with the organizations we work with. 

  3. How does Gloo collect and use personal information?

    As we explain in our Privacy Statement, we use personal information about individuals to provide our Services. We may collect the following data:

    • When individuals visit our website or sign up for our Services, we receive data from these individuals themselves. We do not disclose this data in identifiable form with others, except at the request or direction of the individual, such as when individuals ask us to connect them with churches or other organizations who can help them or in the limited circumstances described in our Privacy Statement (e.g., to service providers).

    • When a church or other organization engages us as a service provider, we process personal information the organization provides to us on the organization’s behalf, such as to create surveys and social media outreach campaigns for those organizations at the explicit instruction of the organization.

    • We also license personal information from data providers. We use this data to provide insights and related Services to our customers. Gloo does not seek to receive names and contact information of data subjects provided by data providers. However, if a data provider were to include names or contact information, we remove this identifying information. In any event, we do not share such information in identifiable form with customers or other organizations.

  4. What information does Gloo receive from and about Gloo Customers?

    We receive information from data partners about our customers, including contact information about individuals who work for those organizations (e.g., pastors). We use this information for market research, product development, and marketing in accordance with applicable laws as further described in our Privacy Statement.

  5. Is Gloo a data broker?

    No. Gloo does not “sell” a consumer’s personal information to third parties as defined by applicable law and/or engage in activities that meet the definition of “data” broker. 

  6. How does Gloo safeguard Gloo Services?

    As set out  in our Services Acceptable Use Policy, we contractually prohibit recipients of our Services from using our Services (a) for any illegal purposes, (b) to promote hate speech or incite violence, (c) to create a risk to a person’s health or safety, (d) for the advancement of political parties or election campaigns, (e) for anything malicious, fraudulent, harassing or threatening, or (f) for any covert, misleading or unfair communications, including, without limitation, any advertisements or social media campaigns that fail to identify the organization that controls or pays for the communication.

  7. What does Gloo do to maintain the privacy of personal information?

    We may handle sensitive information, including information on faith, religion, family, health, and finances. Gloo has taken measures to mitigate privacy risks with data security and data privacy protection mechanisms including the following:

    • We limit data access within our company to those individuals who have a need to access data.

    • We implement the measures described in our Security Statement.

    • We limit the personal information that we share, as described under this Section.

    • We restrict what our customers may do with  the Services and personal information, as set forth in our terms of service, Privacy Statement, and acceptable use policy (see our answers to Questions 3 and 6).

If you have any further questions, please contact us at:  privacy@gloo.us.

Last Revised: March 16, 2023

Data Privacy FAQ

Data Privacy FAQ

Gloo was founded to bring the best possible data and technology to churches, charities, and community service organizations that help people grow.  Gloo is committed to maintaining the privacy and security of your data. Below are a few frequently asked questions and our responses about our privacy practices. Further information regarding our privacy practices is set out in our Privacy Statement. 


  1. What Services does Gloo provide?

    We offer a variety of products, services, mobile applications, and software offerings (collectively, the “Services”) that help organizations know and understand their members, prospective members, and communities; connect organizations and individuals to one another; and measure their impact as they help people on their journey towards growth. As part of providing the Services, we collect and receive information in a variety of ways, including information on our websites and applications, from our organizational customers and/or prospective customers, from individuals that use the Services as well as other third parties described below.

  2. To whom does Gloo offer its Services?

    Gloo offers Services to organizations that support personal growth, including churches, charities, addiction recovery institutions, and community service organizations (we may refer to these organizations as Champions). We are open to all organizations whose principles align with our Services Acceptable Use Policy. We do not unlawfully discriminate against any religions, churches, or other organizations.

    We also offer Services to individuals who are interested in connecting with the organizations we work with. 

  3. How does Gloo collect and use personal information?

    As we explain in our Privacy Statement, we use personal information about individuals to provide our Services. We may collect the following data:

    • When individuals visit our website or sign up for our Services, we receive data from these individuals themselves. We do not disclose this data in identifiable form with others, except at the request or direction of the individual, such as when individuals ask us to connect them with churches or other organizations who can help them or in the limited circumstances described in our Privacy Statement (e.g., to service providers).

    • When a church or other organization engages us as a service provider, we process personal information the organization provides to us on the organization’s behalf, such as to create surveys and social media outreach campaigns for those organizations at the explicit instruction of the organization.

    • We also license personal information from data providers. We use this data to provide insights and related Services to our customers. Gloo does not seek to receive names and contact information of data subjects provided by data providers. However, if a data provider were to include names or contact information, we remove this identifying information. In any event, we do not share such information in identifiable form with customers or other organizations.

  4. What information does Gloo receive from and about Gloo Customers?

    We receive information from data partners about our customers, including contact information about individuals who work for those organizations (e.g., pastors). We use this information for market research, product development, and marketing in accordance with applicable laws as further described in our Privacy Statement.

  5. Is Gloo a data broker?

    No. Gloo does not “sell” a consumer’s personal information to third parties as defined by applicable law and/or engage in activities that meet the definition of “data” broker. 

  6. How does Gloo safeguard Gloo Services?

    As set out  in our Services Acceptable Use Policy, we contractually prohibit recipients of our Services from using our Services (a) for any illegal purposes, (b) to promote hate speech or incite violence, (c) to create a risk to a person’s health or safety, (d) for the advancement of political parties or election campaigns, (e) for anything malicious, fraudulent, harassing or threatening, or (f) for any covert, misleading or unfair communications, including, without limitation, any advertisements or social media campaigns that fail to identify the organization that controls or pays for the communication.

  7. What does Gloo do to maintain the privacy of personal information?

    We may handle sensitive information, including information on faith, religion, family, health, and finances. Gloo has taken measures to mitigate privacy risks with data security and data privacy protection mechanisms including the following:

    • We limit data access within our company to those individuals who have a need to access data.

    • We implement the measures described in our Security Statement.

    • We limit the personal information that we share, as described under this Section.

    • We restrict what our customers may do with  the Services and personal information, as set forth in our terms of service, Privacy Statement, and acceptable use policy (see our answers to Questions 3 and 6).

If you have any further questions, please contact us at:  privacy@gloo.us.

Last Revised: March 16, 2023

gloo

Mission Control for the
Mission Minded

About

Careers

Press

About Us

Trust Center

Privacy

Resources

Blog

Release Notes

Support

Data Privacy FAQ

Stay Connected

Sign up for the Gloo Feed and discover the latest handpicked blog entries and newest platform features and exclusive deals.

Subscribe for Updates

Or text "Subscribe" to 46816

By signing up you agree to our privacystatement.

Terms & Conditions

Privacy Statement

Copyright © 2024 | All rights reserved