Last update:
November 1, 2024
Shiny Planes, Inc. d/b/a Graph, and its affiliated companies (collectively, “Graph”) respects your privacy. This Privacy Policy applies to personal data collected by Graph through the Graphapp.ai website and other websites and third party services on which Graph operates and on which Graph posts a direct link to this Privacy Policy. For some websites managed by a Graph affiliate, the affiliate may act as a controller for data collected from the applicable website. In certain cases, this Privacy Policy applies to personal data collected by Graph when Graph makes this Privacy Policy or a link to it available in a digital communication, in paper form or in person (for example, at in-person events).
As used in this Privacy Policy, the term "personal data" means any information that relates to, is capable of being associated with, describes, or could be linked to, an identified or identifiable natural person (each, a “data subject”). An identifiable natural person is one who can be identified in particular, whether directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
To the extent permitted by applicable law, the categories and types of personal data collected directly from you, whether provided by you or automatically collected through your use of the website (in the case of usage data), may include, without limitation: cookies; usage data; email address; universally unique identifiers (UUID); data communicated while using the Graph service provided through the website or provided through any third party services; payment information; first and last name; and purchase history.
Unless specified otherwise, when you use the Graph services through the website or through third party services, all personal data requested by Graph in connection with such use is mandatory and your failure to provide it may make it impossible for Graph to provide the services to you. Graph’ use of cookies and other similar tracking tools such as web beacons serves the purpose of Graph’ provision of its services to you through the website or such third party services. You are responsible for any third party personal data that you obtain, publish or share through your use of the Graph service, and you expressly confirm that you have received the third party's express written consent to provide such third-party personal data to Graph.
Please note that Graph generally does not collect sensitive personal data, which is data such as your religious or philosophical beliefs, racial or ethnic origin, health or medical information (other than for the purpose of responding to an accommodation request for an event), genetic or biometric data, bank account information (other than for the purpose of processing your order) or other similar sensitive personal data as such term is defined under applicable law. If Graph reasonably needs to collect any sensitive personal data from you, Graph will obtain your consent for such collection as may be required under applicable law.
Graph collects personal data directly from you and from other categories of sources as described in more detail below. The categories of personal data collected directly from you by Graph include all of the categories identified above in the "Types/Categories of Personal Data We Collect" section. Graph collects personal data directly from you when you interact with us through our website(s) and/or through third party services, including, without limitation, when you:
Personal data we collect online may also be combined with personal data you provide to us through offline channels such as through a call center, during an interview, or in conjunction with a Graph-organized event you attend.
Graph may also collect information indirectly from you relating to your use of our website(s) and in response to our emails through the use of various technology. Collecting information in this manner allows Graph to analyze the effectiveness of our website(s) and our marketing efforts, personalize your experience and improve our interactions with you. For more information regarding the technology Graph uses for these purposes, see the “Cookie Policy” section below.
Graph may also supplement the personal data we collect from you with additional personal data we receive from third parties, such as your employer, our customers, and our business partners where you purchase any of our products or services through such business partners, if applicable. The categories of personal data Graph may receive from such third parties may include account and commercial information and professional or employment-related information. We do this to help us improve the overall accuracy of the information and its completeness and to help us better tailor our interactions with you.
Graph has implemented appropriate physical, administrative and technical safeguards to help us protect your personal data from unauthorized access, use and disclosure. Graph also requires that its business partners and service providers protect such information from unauthorized access, use and disclosure.
Graph may use personal data it collects about you to:
Graph will not use your personal data in a manner that is inconsistent with the purpose of its original collection, unless we have provided you additional notice and you have consented. Graph will retain your personal data for only as long as is required for us to fulfill the purposes for which the information is processed or for other valid reasons to retain your personal information (for example, to comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements).
Graph may disclose personal data for the following business purposes:
Except with respect to Graph’s use of certain third party cookies and similar technology used solely on Graph’s website and which activity may constitute a "sale" under California law, Graph does not, and does not plan to, sell your personal data.
When you visit Graph’s website(s) we may automatically collect your IP address, browsing history, information on your interaction with the website, browser type and language, operating system, location, date and time. We may also use cookies to collect information as you navigate our website(s). A cookie is a small amount of data that is sent to your browser from a web server and stored on your device. The cookie may be placed by Graph or by an authorized third party.
If you do not want your information to be stored by cookies, you can manage your cookie preferences by using the options and tools made available to you by your web browser. You can configure your browser so that it always rejects these cookies or asks you each time whether you want to accept them or not. Your browser documentation includes instructions explaining how to enable, disable or delete cookies at the browser level (usually located under the “Help”, “Tools” or “Edit” menu). If a cookie manager has been implemented by Graph on the website you are visiting, the cookie tool may be displayed on the website during your visit, and you can use the cookie manager to set your cookie preference and to see a list of the cookies used on the website. You should note well that your choosing to reject cookies may reduce the performance and functionality of our website(s).
Graph may use web beacons alone or in conjunction with cookies to compile information about usage of our website(s) and interaction with emails from Graph, and to operate and improve our website(s) and email communications. Web beacons are clear electronic images that can recognize certain types of information on your device, such as cookies, when you viewed a particular website tied to the web beacon, and a description of a website tied to the web beacon. Graph uses web beacons to operate and improve our websites and email communications.
In accordance with the laws of certain jurisdictions, you may have certain rights and choices regarding the personal data Graph collects and maintain about you, and how Graph communicates with you.
Where the EU General Data Protection Regulation 2016/679 (“GDPR”), the Brazilian General Data Protection Law (“LGPD”), the California Consumer Privacy Act of 2018, as amended (“CCPA”) , the Personal Information Protection Law of the People’s Republic of China (“PIPL”), or similar legal requirements apply to the processing of your personal data, especially when you access the website from a country in the European Economic Area (“EEA”), Brazil, the People’s Republic of China or as a consumer in the State of California or in a jurisdiction with similar legal protections, you have the following rights with respect to the Graph website(s) you are using, subject to some limitations:
If you would like to exercise any of these rights, you may do so by contacting us as set forth in the “How to Contact Us” section below, subject to our verification as described below in the Verification section. Where the GDPR, LGPD, CCPA, PIPL or similar legal requirements apply, you also have the right to withdraw any consent you have given to any of our uses of your personal data. If you wish to withdraw consent that you have previously provided to us, you may do so by contacting us as set forth in the “How to Contact Us” section below, subject to our verification as described below in the Verification section. However, the withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. Where the GDPR, LGPD, CCPA, PIPL or similar legal requirements do not apply, Graph provides you with the ability to access, modify, or update some of your personal data online at any time. You may log in and make changes to your information, such as your password, your contact information, your general preferences, and your personalization settings. If necessary, you may also contact us as set forth in the “How to Contact Us” section below, subject to our verification as described below in the Verification section and describe the changes you would like for us to make to the information you previously provided. However, note that changing or deleting information necessary for Graph to assist with support, services, and purchases may result in a delay or interruption in processing your requests. You may be given an opportunity to tell us whether you would like to receive information, special offers, and promotional materials by email from Graph or our business partners when you create an account, register for a service, or provide us with your personal data, or when we send you a marketing email. Where required by applicable law, we will obtain adequate consent to provide you with such marketing materials. You also have the ability to opt out of receiving marketing emails from Graph at any time without cost by clicking on the applicable link in our marketing emails or by contacting us as set forth in the “How to Contact Us” section below, subject to our verification as described in the “Verification” section below.
Before responding to a request for information about your personal data, we must verify the request. Verification is important to protect your information and to help confirm that we are responding to a valid request and providing the response to the correct individual. To verify your request, we initially ask for at least two (2) or three (3) identifiers, such as name, email address and location. If we have a need to request additional identifiers to reasonably verify your identity, we will contact you and request additional verification. The information we ask to verify your identity may depend on your relationship with us.
When you exercise your rights under the GDPR, LGPD, CCPA, PIPL or similar laws, you can designate an authorized agent or representative to make a request on your behalf by providing the authorized agent with written permission to do so and verifying your identity with us as part of the request, or by providing the authorized agent with power of attorney pursuant to applicable law. We will ask the individual submitting the request to verify that they are an authorized agent or representative. When submitted by an authorized agent or representative, we will ask the authorized agent or representative to provide the name, email address, and a description of the relationship with the individual who is the subject of the request and to certify that the representative has permission to submit the request, and we may request proof of the consumer’s written permission.
Third Party Links:
Graph’s website(s) may contain links to other, third party websites. Graph does not control and is not responsible for the information collected by third party websites accessible through links from our website(s) or from third party services through which you’re accessing Graph’s services. If you have questions about the data collection with respect to any third party linked websites or third party services, please contact the third parties that operate those websites or services.
Graph’s products and services are not directed to children, and Graph consequently does not knowingly collect online personal data from children under the age of 16. If you are a parent or guardian of a child under the age of 16 and believe that he or she has disclosed personal data to us, please contact us as set forth in the “How to Contact Us” section below. Graph will ensure their personal data is properly processed and disposed of with the consent of their parent or guardian.
If you would like to exercise any of your privacy rights, or if you have any questions about this Privacy Policy or any of Graph’ privacy practices or use of your personal data, please feel free to contact by mail at Shiny Planes, Inc - 440 N BARRANCA AVE #3304 Covina CA 91723
United States, or by email at support@graphapp.ai.
Graph may make changes to this Privacy Policy at any time. The revised Privacy Policy will be posted on this website, and the date of last update will be indicated at the top of the Privacy Policy. If you do not refuse the changes in writing within thirty (30) days of the “last updated” date and you continue to use our website(s) and/or services, we will consider that you have read and understand the Privacy Policy as changed, including with respect to personal data provided to us prior to the changes in the Privacy Policy. We encourage you to periodically review this Privacy Policy for any changes or updates. If you would like information related to the previous version of this Privacy Policy and/or a copy of the previous version, please contact us as set forth in the “How to Contact Us” section above.