top of page

Privacy Policy

Privacy Policy

Your privacy is of utmost importance to us at Mindmode GmbH. This document outlines our Privacy Policy, detailing how we handle and protect your personal information. It covers all aspects of data collection and processing related to your use of our website, applications, and services (collectively referred to as our "Services").

 

Data Controller Information

The entity responsible for processing your personal data, as outlined in this Privacy Policy, is:

Gaudio c/oMindmode GmbH

Schiller 33

6440 Brunnen

Switzerland

As the data controller, we are committed to ensuring the security and proper handling of your personal information in compliance with applicable data protection laws.

 

GDPR and DSG Compliance

Mindmode GmbH is committed to protecting your personal data in compliance with both the European Union's General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (DSG). This policy and our data practices adhere to the principles outlined in these regulations, including lawfulness, fairness, and transparency in data processing. We respect your rights as a data subject and have implemented appropriate technical and organizational measures to ensure the security of your personal data.

 

Data Collection Practices at Mindmode GmbH

Overview of Personal Data Collection

At Mindmode GmbH, we gather various types of personal data to provide and improve our Services. This data falls into two main categories: (I) information you actively provide and (II) data we collect automatically.

 

User-Provided Information

1. Account Details

When you create an account, we collect the following data you fill out:

  • Your name

  • Respective further information provided in the onboarding process such as; age, interests, language preference

  • Contact information

  • Login credentials

  • Payment card details

  • Transaction history

2. User-Generated Content

We store personal information included in:

  • Your submissions

  • File uploads

  • Feedback on our Services

3. Communication Records

When you reach out to us, we retain:

  • Your name

  • Contact details

  • The content of your messages

 

4. Social Media Interactions

On our social media profiles (including Instagram, Facebook, TikTok, X, YouTube, Pinterest, and LinkedIn), we collect:

  • Voluntarily provided contact information

  • Aggregated data and analytics about our social media presence (provided by the platform hosts)

5. Additional Voluntary Information

We also gather data you provide during:

  • Event participation

  • Survey responses

  • Identity verification processes

Automatically Collected Information

1. Log Data

Our systems automatically record:

  • IP addresses

  • Browser types and settings

  • Access times and dates

  • Service interaction details

 

2. Usage Statistics

We track:

  • Content engagement patterns

  • Feature utilization

  • User actions

  • Time zone and country

  • Access frequency and duration

  • Device and software information

 

3. Device-Specific Data

We collect:

  • Device names

  • Operating system details

  • Unique device identifiers

  • Browser information

 

4. Cookie Usage

We employ cookies to manage our services and enhance your user experience. Cookies are small text files that store specific, user-related information on your device while you use our website. They allow us to determine usage frequency, analyze user behavior, and make our services more user-friendly.

Cookies can remain stored on your device beyond the end of a browser session and can be recalled upon subsequent visits. If you prefer not to have cookies stored on your device, you can set your internet browser to refuse the acceptance of cookies. However, please note that this may limit the functionality of our website.

We use cookies for various purposes, including:

  • Managing our services

  • Enhancing user experience

  • Analyzing usage patterns

  • Improving our offerings

You can control cookie settings in your browser, but this may limit website functionality.

For users who wish to object to the use of cookies for online marketing purposes, you can do so for many services (especially in the case of tracking) via the US-based website http://www.aboutads.info/choices/ or the EU-based website Your Online Choices | EDAA .

Additionally, you can prevent the storage of cookies by adjusting your browser settings accordingly. Please be aware that if you do so, you may not be able to use all functions of our website to their fullest extent.

For more detailed information about the specific cookies we use and their purposes, please contact us at hello@gaudio.ai.

 

5. Analytics

We utilize various analytics tools to:

  • Analyze service usage patterns

  • Improve user experience

These tools may use cookies for data collection and analysis.

 

Data Usage and Disclosure Practices at Mindmode GmbH

How We Utilize Your Personal Information

At Mindmode GmbH, we employ your personal data for various purposes, including:

  1. Service Provision and Management: To deliver, administer, maintain, and analyze our Services.

  2. Continuous Improvement: To enhance our offerings and conduct research for better user experiences.

  3. User Communication: To keep you informed about our Services and events.

  4. Innovation: To develop new programs and services tailored to user needs.

  5. Security Measures: To prevent fraud, criminal activity, or misuse of our Services, and to safeguard our IT infrastructure.

  6. Business Operations: To facilitate business transfers when necessary.

  7. Legal Compliance: To adhere to legal obligations and protect the rights, privacy, safety, and property of our company, partners, users, and other relevant parties.

 

Handling of Aggregated and De-identified Data

We may process your personal information to create aggregated or de-identified datasets. This transformed data, which can no longer be used to identify individuals, serves several purposes:

  • Analyzing and improving our Services

  • Developing new features

  • Conducting research

  • Sharing general user statistics with third parties

  • Publishing or making available aggregated information

We collect this type of data through our Services, cookies, and other means outlined in this Privacy Policy. We commit to maintaining the anonymity of de-identified information and will not attempt to re-identify it unless legally required.

 

Circumstances of Personal Data Disclosure

In specific situations, we may share your personal data with third parties without prior notification, unless legally mandated:

  1. Service Providers: We may share data with vendors who assist in our business operations, including hosting, AI, customer service, cloud computing, email communication, and analytics providers. These entities will only process data as per our instructions and for specified tasks.

  2. Business Transactions: In events such as mergers, reorganizations, or service transfers, your data may be disclosed to relevant parties and transferred to successors or affiliates.

  3. Legal Obligations: We may disclose your information to authorities or third parties to comply with legal requirements, protect our rights, enforce our policies, prevent illegal activities, ensure safety, or guard against legal liabilities.

  4. Affiliated Companies: We may share data with our affiliate companies (those we control, are controlled by, or are under common control with). They will use this information in line with our Privacy Policy.

  5. User-Initiated Sharing: Some features of our Services allow you to share information with other users or third parties. Exercise caution when sharing and ensure you trust the recipients.

We urge users to be mindful when sharing information and to consider the trustworthiness of other users or third parties before disclosing personal data.

 

Data Minimization

At Gaudio, we are committed to the principle of data minimization. We collect and process only the personal data that is necessary for the specific purpose of providing and improving our AI-powered audio guide service. We regularly review our data collection practices to ensure we're not collecting excessive information, especially in culturally sensitive contexts. When possible, we anonymize or pseudonymize data to further protect your privacy.

 

Gaudio App specific Data Processing

Our AI-powered audio guide service processes the following types of data:

  1. Voice Data: When you use our audio guide features, we may collect and process your voice input. This data is used to:

    • Provide real-time responses and information

    • Improve the accuracy and effectiveness of our voice recognition technology

    • Enhance the personalization of your experience

  2. Transcripts: We may generate and store transcripts of your interactions with the audio guide. These transcripts are used to:

    • Provide you with a record of your tour experience

    • Analyze and improve our service quality

    • Develop new features and content

  3. Location Data: With your permission, we may collect and process your location data to:

    • Provide location-specific information and guidance

    • Offer relevant content based on your position within a cultural site

  4. User Preferences: We collect and process data about your interests, preferred languages, and interaction patterns to:

    • Personalize your audio guide experience

    • Recommend relevant content and features

 

Data Processing and Storage

  • Voice data is processed in real-time and is not stored long-term unless necessary for service improvement or legal compliance.

  • Transcripts are stored securely and retained in line with our data retention policy.

  • All data is encrypted both in transit and at rest.

AI Technology

We use advanced AI technology to power our audio guide service. This involves:

  • Natural Language Processing (NLP) to understand and respond to your queries

  • Machine Learning algorithms to improve personalization and content relevance

We ensure that our AI processes comply with data protection regulations and ethical AI principles.

 

Data Retention Policy

At Mindmode GmbH, we retain personal data only for as long as necessary to:

  1. Provide our services

  2. Fulfill legitimate business needs

  3. Resolve disputes

  4. Maintain security

  5. Comply with legal obligations

 

The duration of data retention is influenced by several factors:

  • The purpose of data processing

  • The volume, nature, and sensitivity of the data

  • Potential risks associated with unauthorized use or disclosure

  • Applicable legal and regulatory requirements

 

Your Data Rights

Depending on your location, you may have specific rights regarding your personal data:

  1. Data Access: View your personal data and learn how it's processed

  2. Data Deletion: Request removal of your data from our records

  3. Data Correction: Update or rectify your personal information

  4. Data Portability: Transfer your data to another entity

  5. Processing Restrictions: Limit how we use your data

  6. Consent Withdrawal: Revoke previously given consent for data processing

  7. Objection Rights:

    • Oppose personal data processing for direct marketing

    • Contest data processing based on our legitimate interests

  8. Complaint Filing: Report concerns to your local data protection authority

To exercise these rights:

  • Use your Gaudio account settings where possible

  • For actions not available through your account, contact us at hello@gaudio.ai

Note: These rights may have limitations, such as when fulfilling a request would infringe on another person's privacy or conflict with our legal obligations.

For unresolved issues:

  • EU residents: Contact your local supervisory authority

  • UK residents: Reach out to the Information Commissioner's Office

  • Swiss residents: Consult the Swiss Federal Data Protection and Information Commissioner

 

Children's Privacy

Our services are not directed to children under the age of 16 without the consent of a parent or guardian. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us at hello@gaudio.ai. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

 

External Website Links

Our Service may include links to third-party websites, including social media platforms. Please note:

  • We don't control or operate these Third Party Sites

  • Your activities on these sites are governed by their specific privacy policies and terms

  • We don't endorse or vouch for these sites simply by providing links

  • Contact third-party sites directly for information about their privacy practices

 

Security Measures

We implement reasonable technical, administrative, and organizational safeguards to protect your data:

  • Online and offline protection against unauthorized access, misuse, alteration, and destruction

However, be aware that:

  • No Internet or email transmission is 100% secure or error-free

  • Emails to or from us may not be secure

  • Exercise caution when deciding what information to send via our Service or email

  • We're not responsible for bypassing any privacy settings or security measures on our Service or third-party websites

We advise users to be mindful of the inherent risks in transmitting sensitive information online and to take appropriate precautions.

 

Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the appropriate supervisory authority without undue delay. This notification will include:

  • The nature of the personal data breach

  • The likely consequences of the breach

  • The measures taken or proposed to address the breach and mitigate its possible adverse effects

We maintain internal procedures to detect, report, and investigate personal data breaches in line with our legal obligations.

 

Mindmode GmbH: Legal Foundations for Data Processing

At Mindmode GmbH, we process your personal data based on several legal grounds, depending on the specific purpose and type of data involved. Here's a comprehensive overview of our legal bases for data processing:

 

1. Service Provision and Maintenance

Purpose: To deliver and maintain our services

Data Types:

  • Account details

  • User-generated content

  • Communication records

  • Supplementary user-provided information

  • System logs

  • Usage statistics

  • Device-specific data

  • Cookies and related technologies

Legal Basis: Contractual necessity - processing is required to fulfill our service agreement with you, such as addressing user inquiries.

 

2. Service Enhancement and Research

Purpose: To improve existing services, develop new features, and conduct research

Data Types:

  • All types listed under Service Provision

  • Information from external sources

Legal Basis: Legitimate interests - processing is necessary for our business interests and those of third parties, including societal benefits. For example, refining our AI models to enhance service quality.

 

3. User Communication and Marketing

Purpose: To relay information about our services and events, including marketing materials

Data Types:

  • Account information

  • Communication records

  • Social media interactions

  • Additional user-provided data

  • System logs

  • Usage patterns

  • Device information

  • Cookies and similar technologies

Legal Basis:

  1. Contractual necessity - for essential service communications, like technical updates.

  2. User consent - for specific processing activities we clearly communicate, such as sending marketing materials.

 

4. Security and Fraud Prevention

Purpose: To prevent fraudulent activities, misuse of our services, and protect our systems

Data Types:

  • All previously mentioned data types

Legal Basis:

  1. Legal obligation - when we're required to process data to comply with laws.

  2. Legitimate interests - when not bound by specific legal requirements, processing is necessary to protect our services, users, and third parties from security threats, fraud, and abuse.

 

Important Notes:

  1. The legal basis for processing may vary depending on the specific circumstances and the nature of the data involved.

  2. Where we rely on legitimate interests, we carefully balance our needs against your privacy rights.

  3. When consent is the basis for processing, you have the right to withdraw this consent at any time.

  4. We may process data under multiple legal bases depending on the context and purpose of the processing.

For any questions about the legal basis for processing your data, please contact our data protection team at hello@gaudio.ai.

 

Mindmode GmbH: Legal Compliance, International Data Transfers, and Privacy Policy Updates

 

Legal Compliance and Protection of Rights

Purpose of Processing

To fulfill legal obligations and safeguard the rights, privacy, safety, and property of our users, our company, our affiliates, and third parties.

 

Types of Personal Data Processed

  • Account details

  • User-generated content

  • Communication records

  • Social media interactions

  • Additional user-provided information

  • Data from external sources

  • System logs

  • Usage statistics

  • Device-specific information

  • Cookies and related technologies

 

Legal Basis

  1. Legal Obligation: When we must process data to comply with laws, such as maintaining transaction records for accounting purposes.

  2. Legitimate Interests: In cases where no specific legal obligation exists, processing may be necessary to protect the interests of our company, users, affiliates, or third parties. For example, analyzing log data to identify and prevent fraudulent activities or service abuse.

 

International Data Transfers

At Mindmode GmbH, we utilize services from various third-party providers, including OpenAI, which may involve transferring your personal data to countries outside the European Economic Area (EEA), Switzerland, and the UK. Please be aware:

  1. Data Protection Standards: Some countries may not offer the same level of data protection as your home country.

  2. Compliance Measures: We adhere to applicable data protection laws when transferring personal data internationally.

  3. Transfer Mechanisms: For transfers to non-EEA countries, we rely on:

    • European Commission's adequacy decisions for certain countries

    • European Commission's Standard Contractual Clauses with country-specific addenda for other jurisdictions

  4. Third-Party Services: By using our services, you acknowledge that:

    • Your personal data may be processed and stored on servers located in the United States and other countries

    • Your data may be shared with service providers and affiliates of our third-party partners in various countries

 

Our AI-powered audio guide service may utilize technology from providers such as OpenAI, which may involve transferring your data to countries outside Switzerland and the European Economic Area (EEA). To ensure the protection of your data in these transfers:

  1. We implement strong contractual safeguards, including Standard Contractual Clauses approved by the European Commission, supplemented by additional measures where necessary.

  2. We conduct regular assessments of the data protection laws in recipient countries and implement additional safeguards where required.

  3. For transfers specifically related to AI processing:

    • We ensure that only necessary data is transferred

    • We use anonymization or pseudonymization techniques where possible

    • We implement strict access controls and encryption measures

  4. We regularly audit our AI providers to ensure they maintain appropriate technical and organizational measures to protect your data.

You can request more information about the specific safeguards applied to the transfer of your personal data by contacting us at hello@gaudio.ai.

 

Vendor Management

We carefully select and regularly review our third-party service providers (vendors) who process personal data on our behalf. We enter into data processing agreements with these vendors, requiring them to implement appropriate technical and organizational measures to protect your personal data. These agreements ensure that vendors only process personal data according to our instructions and in compliance with this Privacy Policy. We maintain a list of approved vendors and conduct periodic assessments of their data protection practices.

For more detailed information about our data transfer practices, please contact us at hello@gaudio.ai.

 

Privacy Policy Updates

We may periodically update this Privacy Policy to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we make changes:

  1. We will post the updated version on this page.

  2. If required by applicable law, we may use alternative methods to notify you of significant changes.

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your personal information.

 

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices that are not addressed here, please contact our privacy team at hello@gaudio.ai.

We are committed to addressing your inquiries and resolving any issues related to your privacy and data protection rights.

 

Version Control

This Privacy Policy was last updated on the 2nd of August, 2024. Version 1.0.

bottom of page