Gleam (“Gleam”, “we” or “us”) provides software that helps online businesses (our “Customers”) run engaging marketing campaigns that are promoted to customers (“Campaign Users”).
In order to ensure confidentiality and lawful processing of its, Visitors, Customers and Campaign Users personal data, Gleam in its capacity of a data controller and of a processor, conducts its activities in strict compliance with the requirements set in the Australia Privacy Act 1988, Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of this data (GDPR) and the California Consumer Privacy Act (CCPA).
What Information We Collect and How We Use It
We may collect the following types of information about you on our Website
Customers and Visitors of our Site
We may collect your personal data in a variety of ways, including, but not limited to, when you visit our Site, register on the Site, subscribe to our newsletter, fill out a form, or in connection with other activities, services, features or resources we make available.
Registration and Contact Information: As appropriate and depending on the Services you would like to use, Customers and Visitors may be asked to provide us with full name, username, email, address, credit card, phone number or billing information.
Payment Information: When you purchase the Services, we will also collect transaction information, which may include your credit card information, billing and mailing address, and other payment-related information.
Third Party Platforms. We may collect information when you interact with our advertisements and other content on third-party sites or platforms, such as social networking sites. This may include information such as Facebook Likes, profile information gathered from social networking sites during signup or the fact that you viewed or interacted with our content.
Gleam Campaign Users
Gleam is a consent based marketing platform, this means that in order for us to process data on behalf of users they must provide it via explicit consent first. This might be as simple as filling out a form or something more complex like connecting Facebook to their Gleam account.
Gleam also does not collect retain or share end user information including IP addresses, unique user identifiers, or personally identifiable information gathered on sites or apps not owned by Gleam, except for the limited purpose of determining conversion rates & detecting fraud, in which case all personally identifiable information remains anonymous until you explicitly consent by entering a campaign.
Gleam does not track or provide any personal information to Companies that run Campaigns until you explicitly provide consent. This means that you do not expose any personal information to either Gleam or Companies until you actively participate in their Campaign (even if you are still logged into Gleam or not).
IP Addresses: IP addresses are collected Anonymously (last octet removed) for reporting and usage purposes. When you consent to a specific campaign your IP address is linked to the associated record and allows campaign owners to filter records that share an IP address. Your IP address is never shared publicly within the app and always remains hidden.
Name, Email & Form Fields: By default each Campaign may collect basic login information from users that includes their full name and email address. By entering campaigns you are accepting that campaign owners will have access to the information you provide.
Some Campaigns may also require additional Custom Fields which include Date of Birth (for Age Verification) and other identifiable fields that the user can choose to fill out.
Social Logins: Gleam also allows Campaign Users to connect social accounts to your profile. Companies that have social logins enabled on their Campaigns will be able to see basic information related to accounts that you connect. This includes but is not limited to your name, email address, social profile URL’s and associated profile photos.
Gleam will never use or post to these accounts without your permission and will always require your interaction with the widget to execute any specific actions
Gleam will only ever use information that you have made public or specifically allowed us to access when you accept permissions
Gleam does not know or store any passwords associated with your social accounts
If you wish to remove the link between Gleam and any social network, you can either remove the Gleam Competitions app inside that specific social network or unlink it from the Edit tab inside the Campaign
Persistent Logins: Gleam is a distributed platform, which means that if a Campaign User has previously logged into our widget they will continue to stay logged in via third party Cookies across other Campaigns owned by other Companies until they specifically log out. This is designed to make it easy for users to enter more than one campaign without having to re-enter their details again.
YouTube and Google
For YouTube Actions, Gleam uses YouTube’s API Services to receive data. Users who use these Actions agree to be bound by the YouTube Terms of Service.
Persist Customers sessions that are logged into Gleam
Persist Campaign Users sessions that are logged into campaigns (either on Gleam.io or embedded via iFrames)
Tracking and awarding credit for referring users via our Viral Share Action
Tracking browser behaviours to show Capture campaigns
Tracked users referred by our Referral Program
Device fingerprinting is a process by which a fingerprint of a device is captured when visiting a website.
Gleam uses 3rd party services to gather a number of data points from a Gleam Campaign Users computer, such as operating system version, browser version, screen resolution, plug-ins & language. This unique ID is then transmitted when Gleam Campaign Users consent by providing their details when entering a campaign.
The information collected via Device Fingerprinting is used to identify patterns of fraudulent behaviour by Gleam Campaign Users that violate our Terms of Service. This includes trying to cheat by creating multiple accounts, referring your own devices or accounts into a Campaign or attempting to redeem a Reward that is limited to one per person.
Gleam does not use this information to track or identify users on sites or apps not owned by Gleam or for any other purpose than to detect fraud & protect the integrity of Campaigns, nor do we use the gleam.io or js.gleam.io domains to fingerprint on 3rd party domains.
How We Use Collected Information
Gleam may collect and use User’s personal information for the following purposes:
Gleam Website Users
To administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
To write or display content such as case studies or customer testimonials on our Site;
To improve Gleam to ensure that content is presented in the most effective manner for you and for your Device;
To allow you to participate in interactive features of our service, when you choose to do so;
To send periodic emails: We may use the email address to send User information and updates pertaining to their subscription. It may also be used to respond to their inquiries, questions, and/or other requests.
Gleam Campaign Users
Gleam does not own or use any identifiable data provided by Campaign Users for any reason other than to:
Ensure that your specific request is carried out and assigned to the correct campaign that you provided consent for
Identify and detect fraudulent behaviour or Campaign Users that are violating our Terms of Service
Provide support to Customers regarding specific Campaign User queries
Analyze anonymized statistics or usage to help improve the Gleam platform
Sharing Information With Third Parties
To guarantee the legality of any transfer of personal data of EEA or Swiss citizens to sub-processors located outside the EEA or Switzerland, Gleam applies additional terms via our Data Processing Agreement.
Customers and Visitors of our Site
Gleam may use third party service providers to help us operate our business or administer activities on our behalf, such as sending out newsletters or collecting Website analytics. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
Gleam engages certain onward subprocessors that may process personal data submitted to Gleam’s services. These subprocessors are listed below, and may be updated by Gleam from time to time:
Amazon Web Services – Privacy Shield Certified
Bugsnag – Privacy Shield Certified
Frontapp – Privacy Shield Certified
Google Analytics – Privacy Shield Certified
Intercom – Privacy Shield Certified
Mailgun – Privacy Shield Certified
Stripe – Privacy Shield Certified
Gleam Campaign Owners
Gleam offers a number of integrations with 3rd party service providers that enable Campaign Owners to send Campaign Users data from Gleam for processing:
These providers include:
Active Campaign – Privacy Shield Certified
Amazon Web Services – Privacy Shield Certified
AWeber – Privacy Shield Certified
Benchmark Email – Privacy Shield Certified
Bit.ly – Privacy Shield Certified
Bronto – Privacy Shield Certified
Constant Contact – Privacy Shield Certified
Emma – Privacy Shield Certified
Google Analytics – Privacy Shield Certified
Highrise – Privacy Shield Certified
HubSpot – Privacy Shield Certified
Mad Mimi – Privacy Shield Certified
MailChimp – Privacy Shield Certified
Mailgun – Privacy Shield Certified
Marketo – Privacy Shield Certified
Ontraport – Privacy Shield Certified
Sailthru – Privacy Shield Certified
SalesForce – Privacy Shield Certified
SalesForce Marketing Cloud – Privacy Shield Certified
SendGrid – Privacy Shield Certified
Shopify – Privacy Shield Certified
Silverpop (IBM Cloud) – Privacy Shield Certified
Zapier – Privacy Shield Certified
Zoho – Privacy Shield Certified
Third Party Websites
Users may find advertising or other content on our Site that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site, is subject to that website’s own terms and policies.
In certain limited circumstances, we may also have to disclose your personal data to public authorities and other third parties, if the disclosure is in response to lawful requests made by such public authorities, including to conform with national security or law enforcement requirements. Your personal information may also be disclosed to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
Gleam may also share personal data with third parties to prevent, investigate or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service or any other agreement related to the Services, or as otherwise required by law.
We use appropriate technical and organizational security measures to protect any personal information we process about visitors to our Website against unauthorized access, disclosure, alteration, and destruction. However, please note that no Internet transmission can ever be guaranteed 100% secure, and so we encourage you to take care when disclosing personal information online and to use readily available tools, such as Internet firewalls, secure e-mail and similar technologies to protect yourself online.
Sensitive and private data exchange between the Site and its Users happens over an SSL secured communication channel and is encrypted and protected with digital signatures. All user data is encrypted at rest using industry standard AES-256 encryption.
Gleam uses Stripe to process our credit card payments and no credit card details are stored on our servers. Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.
In case of an unauthorized security intrusion that materially affects you or the people on your mailing list Gleam will notify you as soon as possible and will within reasonable time report the action we took in response.
Reporting Seucrity Issues
Gleam runs a bug bountry program via HackerOne with cash bounties. If you have found a bug and would like report it ethically, please email [email protected] for an invite.
EU and EEA residents
The servers where Gleam stores all personal data are located in the US. If you are located in a country member of either the EU or the EEA, please be aware that any information provided to us, including personal information, will be transferred from your country of origin to the US. Except in the case of data transfers under the EU-US Privacy Shield and the Swiss-US Privacy Shield, we may ask for your express consent to provide such data to us or allow us to collect such data.
International Transfer of Personal Data
All personal data we process is stored directly, without any subsequent transfers, on US-based servers, which we loan from a third-party datacenter that is certified and adheres to the EU – U.S Privacy Shield Framework.
To additionally guarantee to our Customers and their European Campaign users (data subjects) the legality of our processing services and the international transfers of the personal data, Gleam has undertaken GDPR compliant contractual commitments, binding us, as a data processor, to protect the data privacy and to ensure the most adequate level of data security.
Data Processing Agreement
If you are our Customer and your company is either located in the European Economic Area (EEA) or Switzerland, or your company, by using our services, is processing the data of anyone who is in the EEA or Switzerland, then you can request our GDPR compliant Data Processing Agreement by submitting a support ticket from the Support tab inside your account.
Data Retention Periods
Gleam will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. For Campaign data, Gleam’s Customers have control of the purpose for collecting data, and the duration for which the Personal Data may be kept. When a User’s account is terminated or expired, all Personal Data collected through the platform will be deleted, as required by applicable law.
If a Customer or User account has been suspended for a Terms of Service violation, Gleam will retain the information necessary to continue to enforce this suspension for up to 10 years.
Privacy Controls & Choices
Gleam Website Communication: Our Customers, Site Visitors and Users have a choice about how we use their personal data to get in touch with them and may choose to opt-out at any time by unsubscribing or changing their account settings.
Campaign Users Notifications: We provide an easy mechanism for opt-ing out of any communication from campaigns inside the Post Entry Email. You can simply select the Unsubscribe or “Turn them off” links in the footer.
Campaign Users Social Accounts: We provide a mechanism for every Campaign User to remove any linked social accounts from Gleam via the Edit panel inside our campaign widget.
Your Rights: We provide all Customers, Visitors and Users of our Site with the opportunity to request access, correction, restriction, deletion, data portability or oppose to any personal information that has previously been provided to us in connection with the use of our Website, as required by law. You can send us an email to [email protected]. We may request specific information from you to confirm your identity.
Gleam’s Data Protection Officer
Gleam has a Data Protection Officer who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:
Attn: Data Protection Officer
33 Wimbledon Avenue
California Consumer Privacy Act
For our users or customers living or doing business in California, Gleam is subject to the California Consumer Privacy Act (“CCPA”).
Gleam Does Not Sell Your Personal Information. You can read more about this in our Sharing Information With Third Parties section.
Accuracy and Access To Your Personal Information. If you believe that Personal Information Gleam holds about you is inaccurate, you may modify or correct your Personal Information the Edit tab for Gleam Campaign Users, the User Settings tab for Gleam Customers or by contacting us at: [email protected]. We may request specific information from you to confirm your identity.
Deleting Your Personal Information. You can learn about this in our Privacy Controls & Choices section.
Compliance With Children’s Online Privacy Protection Act
Because the nature of our Site and Services does not appeal to children under the age of 13, Gleam does not knowingly acquire or receive personal data from children under 13. We do not intentionally process any information, including Personal Data, from children or other individuals who are not legally able to use our Site and Services. If we later learn that any user of our Service is under the age of 13 and that we have obtained his/her Personal Data, we will promptly delete it from our database and will take further steps to restrict that individual from future access to our Services, unless we are legally obligated to retain such data.
In some cases, we may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that are transferred. Moreover, if Gleam, or substantially all of its assets were to be acquired, or in the unlikely event that Gleam goes out of business or enters bankruptcy, customer information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquire of Gleam or its assets may continue to use your Personal Information as set forth in this policy.
Your Acceptance Of These Terms
By using this Site, you signify your acceptance of this policy and terms of service. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
This document was last updated on Feb 18th, 2020
Title: The Reality of Giveaways: Authenticity, Legitimacy, and Consumer Insights
Giveaways have become a prevalent marketing strategy, often used by businesses, influencers, and content creators to engage their audience, boost brand awareness, and promote products or services. However, as giveaways flood our social media feeds and inboxes, questions about their authenticity and legitimacy have emerged. Are giveaways real, or are they just clever marketing ploys? In this comprehensive exploration, we will delve into the world of giveaways, addressing the authenticity of these promotions, the various types of giveaways, their impact on consumers, and tips for both participants and hosts to ensure a genuine giveaway experience.
Section 1: Authenticity of Giveaways
1.1 Real vs. Fake Giveaways:
It’s essential to differentiate between genuine giveaways and fake ones. Genuine giveaways involve the actual distribution of prizes to selected winners, often through random drawings or specific criteria. Fake giveaways, on the other hand, are deceptive tactics used to gather personal information or boost social media metrics without delivering promised rewards.
1.2 Host Credibility:
The credibility of the giveaway host is a crucial factor in determining authenticity. Established brands, influencers, and reputable organizations are more likely to host real giveaways, as their reputation is at stake. However, even well-known entities should be scrutinized to ensure transparency.
1.3 Transparency and Communication:
Authentic giveaways are characterized by clear and transparent communication. Hosts should provide detailed information about the rules, eligibility criteria, prize fulfillment process, and contact information. Lack of transparency can raise red flags.
1.4 Legality and Compliance:
Real giveaways adhere to applicable laws and regulations, ensuring compliance with local, state, and national contest and sweepstakes laws. Compliance includes obtaining necessary permits and disclosures.
1.5 Social Media Verification:
Participants can verify the legitimacy of a giveaway by checking the host’s social media profiles, looking for established accounts with consistent content and a history of hosting real giveaways.
Section 2: Types of Giveaways
Sweepstakes are giveaways in which participants enter without making a purchase or providing consideration. Winners are typically chosen randomly from eligible entries. Legitimate sweepstakes adhere to strict rules to ensure fairness.
Contests involve participants showcasing a skill or talent, such as submitting a photo, writing an essay, or solving a puzzle. Judges or a panel evaluate entries, and winners are selected based on merit. Contests often require more effort from participants but can yield valuable prizes.
2.3 Instant Win Games:
Instant win games offer participants immediate feedback on whether they’ve won a prize. These games may involve scratch-off cards, online spins, or other interactive elements. Prizes are pre-determined and randomly awarded.
2.4 Social Media Giveaways:
Social media platforms are popular venues for hosting giveaways. Participants typically follow, like, share, or comment on a post to enter. Social media giveaways can quickly gain traction and reach a broad audience.
2.5 Skill-Based Giveaways:
Skill-based giveaways require participants to complete a specific task or demonstrate their knowledge or abilities. These tasks can include solving puzzles, answering trivia questions, or creating content like videos or artwork.
Section 3: The Impact of Giveaways on Consumers
3.1 Consumer Engagement:
Giveaways are effective tools for engaging consumers and increasing their interaction with brands and content creators. Participants often engage with posts, share content, and provide valuable user-generated content.
3.2 Audience Growth:
Hosts of giveaways frequently experience substantial audience growth, especially on social media platforms. The allure of winning prizes motivates individuals to follow accounts and subscribe to newsletters.
3.3 Brand Awareness:
Giveaways can significantly boost brand awareness, as they often require participants to perform actions related to the host’s brand, such as tagging friends, visiting websites, or exploring products and services.
3.4 Data Collection:
Hosts can collect valuable consumer data through giveaways, including email addresses and demographic information. Participants should be informed about how their data will be used and protected.
3.5 Customer Loyalty:
For existing customers, giveaways can enhance loyalty and strengthen the bond between consumers and brands. Exclusive giveaways and rewards for loyal customers can reinforce their commitment to a brand.
3.6 Consumer Perception:
The success and fairness of giveaways influence consumers’ perceptions of brands and content creators. Well-organized, authentic giveaways can positively shape consumer attitudes.
Section 4: Tips for Participants in Giveaways
4.1 Verify the Host:
Before entering a giveaway, research the host to confirm their authenticity. Look for established social media profiles, reviews, and a history of hosting legitimate giveaways.
4.2 Read the Rules:
Carefully read and understand the giveaway rules and requirements. Ensure that you meet the eligibility criteria and can fulfill any necessary actions or tasks.
4.3 Stay Skeptical:
Exercise caution if a giveaway appears too good to be true. Beware of giveaways that ask for extensive personal information or financial details.
4.4 Use a Dedicated Email Address:
To manage the influx of emails related to giveaways, consider using a separate email address. This helps organize communications and prevents your primary inbox from becoming cluttered.
4.5 Be Wary of Scams:
Be cautious of giveaway scams that require payment or request sensitive information. Legitimate giveaways do not ask for payment or personal financial information.
4.6 Report Suspicious Activity:
If you encounter a suspicious giveaway or believe it may be a scam, report it to the hosting platform and relevant authorities. Reporting helps protect other potential victims.
Section 5: Tips for Hosts of Authentic Giveaways
5.1 Know the Laws:
Familiarize yourself with the laws and regulations governing giveaways in your region. Consult legal experts if necessary to ensure compliance.
5.2 Be Transparent:
Maintain transparency throughout the giveaway process. Clearly communicate the rules, eligibility criteria, prize details, and winner selection process.
5.3 Prize Fulfillment:
Plan for efficient and secure prize fulfillment. Delays or mishaps in delivering prizes can tarnish your giveaway’s reputation.
5.4 Engage with Participants:
Interact with participants throughout the giveaway period. Respond to comments, acknowledge entries, and create a sense of excitement and community.
5.5 Random Selection:
If winners are selected randomly, use a reputable method or software to pick them. Document the selection process to maintain transparency.
5.6 Privacy and Data Protection:
Safeguard the personal information of participants and adhere to data protection laws. Clearly communicate your data collection and usage practices.
Giveaways, when authentic and well-executed, can offer benefits to both participants and hosts. For consumers, giveaways provide opportunities to win valuable prizes, engage with brands and content creators, and discover new products and services. For hosts, giveaways can boost brand awareness, foster customer loyalty, and expand their audience.
The authenticity of giveaways, however, is of utmost importance. Hosts must adhere to legal regulations, maintain transparency, and ensure fair and honest practices