Privacy Policy

Last update:

November 1, 2024

Scope:

Shiny Planes, Inc. d/b/a Graph, and its affiliated companies (collectively, “Graph”) respects your privacy. This Privacy Policy applies to personal data collected by Graph through the Graphapp.ai website and other websites and third party services on which Graph operates and on which Graph posts a direct link to this Privacy Policy.  For some websites managed by a Graph affiliate, the affiliate may act as a controller for data collected from the applicable website.  In certain cases, this Privacy Policy applies to personal data collected by Graph when Graph makes this Privacy Policy or a link to it available in a digital communication, in paper form or in person (for example, at in-person events).

As used in this Privacy Policy, the term "personal data" means any information that relates to, is capable of being associated with, describes, or could be linked to, an identified or identifiable natural person (each, a “data subject”).  An identifiable natural person is one who can be identified in particular, whether directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Types/Categories of Personal Data We Collect:‍

To the extent permitted by applicable law, the categories and types of personal data collected directly from you, whether provided by you or automatically collected through your use of the website (in the case of usage data), may include, without limitation: cookies; usage data; email address; universally unique identifiers (UUID); data communicated while using the Graph service provided through the website or provided through any third party services; payment information; first and last name; and purchase history.

Unless specified otherwise, when you use the Graph services through the website or through third party services, all personal data requested by Graph in connection with such use is mandatory and your failure to provide it may make it impossible for Graph to provide the services to you. Graph’ use of cookies and other similar tracking tools such as web beacons serves the purpose of Graph’ provision of its services to you through the website or such third party services. You are responsible for any third party personal data that you obtain, publish or share through your use of the Graph service, and you expressly confirm that you have received the third party's express written consent to provide such third-party personal data to Graph.

Please note that Graph generally does not collect sensitive personal data, which is data such as your religious or philosophical beliefs, racial or ethnic origin, health or medical information (other than for the purpose of responding to an accommodation request for an event), genetic or biometric data, bank account information (other than for the purpose of processing your order) or other similar sensitive personal data as such term is defined under applicable law.  If Graph reasonably needs to collect any sensitive personal data from you, Graph will obtain your consent for such collection as may be required under applicable law.

‍How We Collect Personal Data/Sources of Data:‍

Graph collects personal data directly from you and from other categories of sources as described in more detail below. The categories of personal data collected directly from you by Graph include all of the categories identified above in the "Types/Categories of Personal Data We Collect" section.  Graph collects personal data directly from you when you interact with us through our website(s) and/or through third party services, including, without limitation, when you:

  • Create a user account (individual or corporate);
  • Make online purchases or register products;
  • Request support;
  • Register for or participate in a class, exam, certification, training, webcast or other event;
  • Request information or materials (for example, whitepapers);
  • Participate in surveys or evaluations;
  • Participate in promotions, contests, sweepstakes or giveaways;
  • Apply for employment;
  • Submit questions or comments; or
  • Submit content or posts on our customer portal pages or other interactive webpages. 

Personal data we collect online may also be combined with personal data you provide to us through offline channels such as through a call center, during an interview, or in conjunction with a Graph-organized event you attend.

Graph may also collect information indirectly from you relating to your use of our website(s) and in response to our emails through the use of various technology.  Collecting information in this manner allows Graph to analyze the effectiveness of our website(s) and our marketing efforts, personalize your experience and improve our interactions with you.  For more information regarding the technology Graph uses for these purposes, see the “Cookie Policy” section below. 

Graph may also supplement the personal data we collect from you with additional personal data we receive from third parties, such as your employer, our customers, and our business partners where you purchase any of our products or services through such business partners, if applicable. The categories of personal data Graph may receive from such third parties may include account and commercial information and professional or employment-related information.  We do this to help us improve the overall accuracy of the information and its completeness and to help us better tailor our interactions with you.

‍Security:‍

Graph has implemented appropriate physical, administrative and technical safeguards to help us protect your personal data from unauthorized access, use and disclosure.  Graph also requires that its business partners and service providers protect such information from unauthorized access, use and disclosure.‍

How We Use/Process Your Personal Data:‍

Graph may use personal data it collects about you to:

  • Identify and Authenticate You.  Graph uses your personal data to verify your identity when you access and use our services and to ensure the security of your personal data.  This includes your creation of an account that is associated with your personal data.  Graph processes such information in order to comply with our contractual obligations to you; in some other cases, it is Graph’ legitimate business interest to be able to identify and authenticate you.
  • Fulfill Your Requests.  If you request something from Graph, such as a product or service, a call back, a newsletter subscription, or specific marketing or other materials, we use the personal data you provide to respond to your request. We or our representatives may also contact you as part of customer satisfaction surveys or for market research purposes. Where required by applicable law, we will obtain your consent before sending marketing messages.
  • Provide You with Information About Our Products, Services and Events. Graph may use your personal data to notify you about product and service offerings, and possibly events that Graph believes may be of interest to you. Graph may also use your personal data to respond directly to your requests for information.
  • Provide Support and Customer Service.  Graph may use your personal data to provide support for products or services you have obtained from us, as well as to answer related questions.
  • Process Your Job Application. When you apply for a position at Graph, we use the personal data you provide in connection with your application for the purpose of assessing your application, considering you for future positions and carrying out human resources functions in accordance with applicable law.
  • Enhance Your Website Experience.  When you use Graph’ website(s) and/or respond to our emails, we may use the personal data you provide for the purpose of enhancing and customizing your experience on our website(s) and when using our services.  Graph may also use this information to help us improve and further develop our website(s), products and services.

Graph will not use your personal data in a manner that is inconsistent with the purpose of its original collection, unless we have provided you additional notice and you have consented.  Graph will retain your personal data for only as long as is required for us to fulfill the purposes for which the information is processed or for other valid reasons to retain your personal information (for example, to comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements). 

‍How We Disclose/Share Your Personal Data:‍

Graph may disclose personal data for the following business purposes: 

  • To business partners and service providers in order to support our business operations, such as fulfilling your orders, following up on requests, providing support and assisting Graph with sales, marketing and communication initiatives. Such business partners and service providers may include distributors, resellers, payment processors, financial service providers and institutions, postal or government authorities, market intelligence and consulting service providers, and information technology service providers. Such business partners and service providers are required by contract to keep the information received on behalf of Graph confidential and secure and to not use it for any purpose other than the purpose for which it was provided to them.
  • Graph may disclose personal data as required by law or legal process, such as responding to a duly authorized and lawful request of police or a public authority, to enforce or protect Graph’ rights, when such disclosure is necessary or appropriate to prevent physical harm or financial loss as permitted by applicable law, or in connection with an investigation of suspected or actual illegal activity.
  • Graph may disclose personal data in the context of a business transaction involving part or all of Graph, such as transactions with investors, or a merger, acquisition, consolidation, or divestiture.  Such transactions may involve the disclosure of personal data to prospective or actual purchasers or institutional investors, or the receipt of it from sellers. It is Graph’ practice to seek appropriate protection for information in these types of transactions.  Graph will inform you of the name and the contact information of the receiver of your personal data. Following such a business transaction, you may contact the entity to which we transferred your personal data with any inquiries concerning the use of that information.
  • Graph may disclose personal data to its affiliates for the business purposes described above.

Except with respect to Graph’s use of certain third party cookies and similar technology used solely on Graph’s website and which activity may constitute a "sale" under California law, Graph does not, and does not plan to, sell your personal data.

Cookie Policy:‍

When you visit Graph’s website(s) we may automatically collect your IP address, browsing history, information on your interaction with the website, browser type and language, operating system, location, date and time.  We may also use cookies to collect information as you navigate our website(s).  A cookie is a small amount of data that is sent to your browser from a web server and stored on your device.  The cookie may be placed by Graph or by an authorized third party.

If you do not want your information to be stored by cookies, you can manage your cookie preferences by using the options and tools made available to you by your web browser.  You can configure your browser so that it always rejects these cookies or asks you each time whether you want to accept them or not.  Your browser documentation includes instructions explaining how to enable, disable or delete cookies at the browser level (usually located under the “Help”, “Tools” or “Edit” menu).  If a cookie manager has been implemented by Graph on the website you are visiting, the cookie tool may be displayed on the website during your visit, and you can use the cookie manager to set your cookie preference and to see a list of the cookies used on the website.  You should note well that your choosing to reject cookies may reduce the performance and functionality of our website(s).

Graph may use web beacons alone or in conjunction with cookies to compile information about usage of our website(s) and interaction with emails from Graph, and to operate and improve our website(s) and email communications.  Web beacons are clear electronic images that can recognize certain types of information on your device, such as cookies, when you viewed a particular website tied to the web beacon, and a description of a website tied to the web beacon.  Graph uses web beacons to operate and improve our websites and email communications.‍

Certain Rights You Have Regarding Your Personal Data:‍

In accordance with the laws of certain jurisdictions, you may have certain rights and choices regarding the personal data Graph collects and maintain about you, and how Graph communicates with you.

Where the EU General Data Protection Regulation 2016/679 (“GDPR”), the Brazilian General Data Protection Law (“LGPD”), the California Consumer Privacy Act of 2018, as amended (“CCPA”) , the Personal Information Protection Law of the People’s Republic of China (“PIPL”), or similar legal requirements apply to the processing of your personal data, especially when you access the website from a country in the European Economic Area (“EEA”), Brazil, the People’s Republic of China or as a consumer in the State of California or in a jurisdiction with similar legal protections, you have the following rights with respect to the Graph website(s) you are using, subject to some limitations:

  • The right to request information about our use of your personal data (for example, the pieces and categories of personal data we have, the categories of sources, the purposes for collection, the third parties with whom we have shared personal data, and the personal data we have disclosed);
  • The right to review and access your personal data;
  • The right to rectify/correct/update/modify your personal data in our possession;
  • The right to erase/delete, de-identify, anonymize, or block your personal data;
  • The right to restrict our use of your personal data;
  • The right to object to our use, or certain types of disclosures, of your personal data;
  • The right to request the transfer of your personal data in our possession to a third party;
  • The right to receive your personal data in a usable format and transmit it to a third party (sometimes referred to as data portability); and
  • The right to lodge a complaint with your local data protection authority.

If you would like to exercise any of these rights, you may do so by contacting us as set forth in the “How to Contact Us” section below, subject to our verification as described below in the Verification section. Where the GDPR, LGPD, CCPA, PIPL or similar legal requirements apply, you also have the right to withdraw any consent you have given to any of our uses of your personal data.  If you wish to withdraw consent that you have previously provided to us, you may do so by contacting us as set forth in the “How to Contact Us” section below, subject to our verification as described below in the Verification section. However, the withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal. Where the GDPR, LGPD, CCPA, PIPL or similar legal requirements do not apply, Graph provides you with the ability to access, modify, or update some of your personal data online at any time.  You may log in and make changes to your information, such as your password, your contact information, your general preferences, and your personalization settings.  If necessary, you may also contact us as set forth in the “How to Contact Us” section below, subject to our verification as described below in the Verification section and describe the changes you would like for us to make to the information you previously provided.  However, note that changing or deleting information necessary for Graph to assist with support, services, and purchases may result in a delay or interruption in processing your requests. You may be given an opportunity to tell us whether you would like to receive information, special offers, and promotional materials by email from Graph or our business partners when you create an account, register for a service, or provide us with your personal data, or when we send you a marketing email.  Where required by applicable law, we will obtain adequate consent to provide you with such marketing materials.  You also have the ability to opt out of receiving marketing emails from Graph at any time without cost by clicking on the applicable link in our marketing emails or by contacting us as set forth in the “How to Contact Us” section below, subject to our verification as described in the “Verification” section below.‍

Verification:‍

Before responding to a request for information about your personal data, we must verify the request. Verification is important to protect your information and to help confirm that we are responding to a valid request and providing the response to the correct individual.  To verify your request, we initially ask for at least two (2) or three (3) identifiers, such as name, email address and location.  If we have a need to request additional identifiers to reasonably verify your identity, we will contact you and request additional verification. The information we ask to verify your identity may depend on your relationship with us.

When you exercise your rights under the GDPR, LGPD, CCPA, PIPL or similar laws, you can designate an authorized agent or representative to make a request on your behalf by providing the authorized agent with written permission to do so and verifying your identity with us as part of the request, or by providing the authorized agent with power of attorney pursuant to applicable law.  We will ask the individual submitting the request to verify that they are an authorized agent or representative.  When submitted by an authorized agent or representative, we will ask the authorized agent or representative to provide the name, email address, and a description of the relationship with the individual who is the subject of the request and to certify that the representative has permission to submit the request, and we may request proof of the consumer’s written permission.‍

Third Party Links:‍

Graph’s website(s) may contain links to other, third party websites.  Graph does not control and is not responsible for the information collected by third party websites accessible through links from our website(s) or from third party services through which you’re accessing Graph’s services.  If you have questions about the data collection with respect to any third party linked websites or third party services, please contact the third parties that operate those websites or services.

Children’s Online Privacy:

Graph’s products and services are not directed to children, and Graph consequently does not knowingly collect online personal data from children under the age of 16.  If you are a parent or guardian of a child under the age of 16 and believe that he or she has disclosed personal data to us, please contact us as set forth in the “How to Contact Us” section below.  Graph will ensure their personal data is properly processed and disposed of with the consent of their parent or guardian.‍

How to Contact Us:‍

If you would like to exercise any of your privacy rights, or if you have any questions about this Privacy Policy or any of Graph’ privacy practices or use of your personal data, please feel free to contact by mail at Shiny Planes, Inc - 440 N BARRANCA AVE #3304 Covina CA 91723
United States, or by email at support@graphapp.ai.

Changes to This Privacy Policy:

Graph may make changes to this Privacy Policy at any time.  The revised Privacy Policy will be posted on this website, and the date of last update will be indicated at the top of the Privacy Policy.  If you do not refuse the changes in writing within thirty (30) days of the “last updated” date and you continue to use our website(s) and/or services, we will consider that you have read and understand the Privacy Policy as changed, including with respect to personal data provided to us prior to the changes in the Privacy Policy.  We encourage you to periodically review this Privacy Policy for any changes or updates.  If you would like information related to the previous version of this Privacy Policy and/or a copy of the previous version, please contact us as set forth in the “How to Contact Us” section above.