Global Privacy Policy
Our commitment to your data sovereignty and privacy, compliant with GDPR, CCPA, and international standards.
01. Introduction
At Gimmir (hereinafter "We," "Us," or "Our"), we recognize that in the era of digital engineering, data is a critical asset. We treat your privacy not just as a compliance requirement, but as a core component of our system architecture.
Transparency Statement: We operate with full transparency regarding data collection protocols. This policy details the technical and legal frameworks governing your information.
02. Data Sovereignty & Jurisdiction
Your data is processed under strict legal frameworks depending on your region. We maintain distinct legal entities to ensure compliance with local regulations.
USA Jurisdiction
Governing Law: Delaware State Law
For clients in North America, contracting and data processing are handled by our US entity in Wilmington, DE. Compliant with CCPA.
EU Jurisdiction
Governing Law: Estonian & EU Law
For global and EU clients, operations are governed by our entity in Tallinn, Estonia. Fully GDPR compliant regarding data portability and privacy.
03. Information We Collect
Explicit Data (Input)
Data you voluntarily provide through our Inquiry Forms, Project Simulator, or direct correspondence.
- Full Name & Job Title
- Corporate Email Address
- Direct Phone Number
- Project Briefs & Technical Specs
- Budget Constraints
- Uploaded RFPs / Architecture Docs
Implicit Data (Telemetry)
Technical data automatically collected to optimize system performance and security.
- IP Address & Geolocation (for regional compliance)
- Browser Type & Version
- Session Duration & Simulator Interaction Metrics
04. Usage & International Transfer
We operate a global engineering network. Data collected in the EEA may be transferred to, and stored at, a destination outside the EEA (e.g., our US HQ or LATAM hubs) for processing.
GDPR Compliance Guarantee
Any transfer of data outside the EEA is protected by Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring your data rights travel with your data.
05. Security Protocols
Enterprise-Grade Encryption
We adhere to a "Security by Design" philosophy. All sensitive project data is treated as high-value intellectual property.
06. Your GDPR Rights
We empower you with full control over your digital footprint. You have the right to:
Right to Access
Request a complete export of the personal and project data we hold about you.
Right to Rectification
Correct any inaccurate or incomplete data in our CRM systems.
Right to Erasure ('Right to be Forgotten')
Request permanent deletion of your data from our servers, subject to legal retention obligations.
Right to Restriction
Request a temporary halt to the processing of your data.
Contact Data Protection Officer
To exercise your rights or report a vulnerability, initiate a secure channel with our DPO.