Privacy Policy for Gyre Holdings LLC D/B/A Gyre Research

Welcome to Gyre Research

This Privacy Policy explains how Gyre Holdings LLC D/B/A Gyre Research (“we,” “us,” or “Gyre Research”) collects, uses, shares, and protects your personal information when you use our Gyre Research Security and Portfolio Analytics+ service, including its Web Dashboard, API, PDF reports, and Spreadsheet Add-In (collectively, the “Service”). It applies to information collected through the Service, including our website (https://gyreresearch.com), unless stated otherwise. Questions? Contact us at [email protected].

1. Information We Collect

We collect information you provide directly, information collected automatically, and, in limited cases, information from third parties:

Information You Provide

• Account and Registration: Name, email address, and password when you create an account. Optional demographic data (e.g., age, gender) may be provided but isn’t required.
• Orders: Contact details (e.g., name, billing address) and financial information (e.g., credit card number, expiration date) for billing and order fulfillment.
• User Content: Portfolio data, financial inputs, or comments you submit via the Web Dashboard, API, or Spreadsheet Add-In, including client-provided financial feeds explicitly shared via the API.
• Communications: Information you share when contacting us (e.g., via email, support requests).
• Surveys/Contests: Contact details (e.g., name, address) and demographic data (e.g., zip code) if you participate voluntarily.

Information Collected Automatically

• Usage Data: IP address, device type, browser, pages visited, and workflow data (e.g., clicks, API calls, undo/redo actions) to support Service functionality and analytics.
• Cookies and Similar Technologies: Data stored on your device to enhance your experience (e.g., remembering login details, tracking interactions). See Section 6 for details.
• API Data: Client-provided financial data or portfolio inputs processed via the API, limited to what you explicitly submit.

Information from Third Parties

• Service Providers: Data from payment processors to fulfill orders, used only for that purpose and not retained for secondary uses.

2. How We Use Your Information

We use your information to provide and improve the Service, based on legal grounds such as your consent, contract performance, legitimate interests, or legal obligations:

• Service Delivery: Process orders, generate PDF reports, provide analytics via the Web Dashboard, API, or Spreadsheet Add-In, and manage your account.
• Communication: Respond to inquiries, send transactional emails (e.g., order confirmations, account updates), and, with your consent, share updates about products or services.
• Analytics and Improvement: Analyze usage and workflow data to enhance the Service’s performance, security, and user experience (e.g., optimizing undo/redo features).
• Legal Compliance: Comply with laws, such as tax reporting or GDPR/CCPA requirements.
• Security: Detect and prevent fraud, unauthorized access, or misuse of the Service.

3. How We Share Your Information

We don’t sell, rent, or share your personal information with third parties, except as necessary to provide the Service or comply with legal obligations:

• Service Providers: With payment processors to handle billing or similar providers to fulfill orders. These providers are contractually prohibited from using your data for any other purpose and comply with GDPR/CCPA standards.
• Legal Requirements: With authorities if required by law, such as for tax compliance or in response to a court order.
• Business Transfers: In the event of a merger, acquisition, or sale, your data may be transferred, with notice to you where required by law.

No other third-party sharing occurs, including with analytics providers, cloud storage, or API partners, unless explicitly authorized by you via the Service.

4. Your Privacy Rights and Choices

You have rights over your personal information, depending on your location:

Global Rights

• Access: Request a copy of the data we hold about you.
• Correction: Update or correct inaccurate data.
• Deletion: Request deletion of your data, subject to legal retention requirements.
• Opt-Out: Stop receiving promotional emails by updating your account settings or contacting us.
• Complaints: Raise concerns about data use (see Section 14).

EU (GDPR) Rights

• Data Portability: Receive your data in a structured, machine-readable format.
• Restriction: Limit how we process your data in certain cases.
• Objection: Object to processing based on legitimate interests (e.g., analytics).
• Withdraw Consent: Revoke consent for non-essential processing (e.g., marketing).

California (CCPA) Rights

• Opt-Out of Sale: Opt out of any data “sale” (we don’t sell data, but some sharing may qualify).
• Non-Discrimination: Exercise rights without affecting Service access or pricing.

To exercise these rights, contact us at [email protected]. We’ll respond within 30 days (or 45 days for CCPA requests, if extended). We may verify your identity to protect your data.

5. Data Security

We prioritize the security of your information, especially financial and portfolio data:

• Online: Sensitive data (e.g., credit card details, API inputs) is encrypted using SSL/TLS, indicated by a lock icon or “https” in your browser. We comply with PCI-DSS standards for payment processing.
• Offline: Access to personal information is restricted to employees who need it for specific tasks (e.g., billing, support). Our servers are hosted in secure, access-controlled environments.
• API: Data transmitted via the API uses secure protocols, with authentication to prevent unauthorized access.
• Breach Response: If a data breach occurs, we’ll notify affected users and authorities as required by law (e.g., within 72 hours under GDPR).

No system is 100% secure, but we take reasonable measures to protect your data.

6. Cookies and Tracking Technologies

We use cookies and similar technologies (e.g., web beacons) to enhance your experience:

• Essential Cookies: Enable core functionality, like logging in, saving preferences, or supporting undo/redo features.
• Analytics Cookies: Track usage and workflow data (e.g., page visits, API calls) to improve the Service, anonymized where possible.
• Marketing Cookies: Deliver personalized promotions, with your consent.

You can manage cookies via your browser settings or our cookie consent tool on the Web Dashboard. Disabling essential cookies may affect Service functionality, such as undo/redo features.

Do Not Track (DNT): We don’t respond to DNT signals, as tracking is required for essential features like undo/redo and analytics. You can opt out of non-essential tracking (e.g., marketing cookies) via our consent tool or by contacting us at [email protected].

7. Third-Party Links

The Service may link to third-party sites (e.g., financial data providers integrated via API, if authorized by you). We’re not responsible for their privacy practices. Review their policies before sharing data.

8. Surveys and Contests

We may offer voluntary surveys or contests to improve the Service or engage users. Participation is optional, and information (e.g., name, address) is used only to administer the survey/contest or notify winners. You can choose not to participate.

9. Data Retention

We retain your personal information only as long as necessary:

• Account Data: For 5 years after your last use of the Service, or until you request deletion, whichever is sooner, unless required for legal purposes (e.g., tax records for up to 7 years).
• Financial Data: For 5 years post-last use or up to 7 years for tax/audit compliance, then securely deleted.
• Analytics Data: Anonymized and retained indefinitely for Service improvement.
• User Content: For 5 years post-last use or until deleted by you, with backup copies retained for up to 90 days.

We delete or anonymize data when no longer needed, per GDPR/CCPA guidelines.

10. International Users

The Service is accessible worldwide, hosted in the U.S., and governed by U.S. law. If you’re outside the U.S.:

• Data Transfers: Your data is transferred to the U.S., with safeguards like GDPR-compliant Standard Contractual Clauses.
• Local Rights: You may have additional rights under local laws (e.g., GDPR, CCPA). Contact us to exercise them.
• Feature Availability: Some features (e.g., API integrations) may vary by region due to local regulations.

11. Children’s Privacy

The Service is not intended for users under 16. We don’t knowingly collect data from anyone under 16, in compliance with the U.S. Children’s Online Privacy Protection Act (COPPA) and GDPR. If we learn such data was collected, we’ll delete it promptly. Contact us at [email protected] if you believe a child under 16 has provided data.

12. Changes to This Privacy Policy

We may update this Privacy Policy to reflect legal or Service changes. Material changes (e.g., new data uses, sharing practices) will be communicated via email to your registered account at least 30 days before taking effect. Check https://gyreresearch.com/privacy for the latest version. Continued use after changes indicates your acceptance.

13. Accessibility

We are working toward compliance with Web Content Accessibility Guidelines (WCAG) 2.1 Level A to ensure the Service and this Privacy Policy are accessible to all users, per the Americans with Disabilities Act (ADA). If you need specific accessibility accommodations before our WCAG 2.1-compliant release, contact us at [email protected], and we’ll do our best to assist promptly.

14. Contact Us

For questions, data requests, or concerns about this Privacy Policy, contact:

• Email: [email protected]
• Mail: [Mailing Address]
• Phone: [Phone Number]

If you’re not satisfied with our response, you may contact your local data protection authority (e.g., an EU supervisory authority for GDPR issues).