Privacy policy
This Privacy Policy is issued by GL Technologies (Hong Kong) Limited and its affiliates (together, "GL.iNet", "we", "us" and
"our") and is addressed to individuals outside our organization with whom we interact, including customers, visitors to our
Sites, users of our Applications, and recipients of any of our other products or services (together, "you" and
"your").
This Privacy Policy applies to all of GL.iNet’s brands and platform, including GL.iNet, GoodCloud, AstroWarp, Lafaer, SimPoYo,
as well as any specific device, website, or application that references or links to this Privacy Notice.
We may update this Privacy Notice to reflect changes to our information practices. If we make any material changes, we will
notify you by email (sent to the e-mail address specified in your account) or by means of a notice on GL.iNet's Application or
Site you used prior to the change becoming effective. All changes shall be effective from the date of publication unless
otherwise provided. We encourage you to periodically review this page for the latest information on our privacy practices.
If you are a resident of United States, Australia or South Korean, please pay particular attention to Section 15, which
provides additional information highly relevant to your personal information and specifically outlines how we comply with local
laws and regulations.
List of Contents
1. Collection of Personal Data
1.1 Depending on how you use our Sites, Applications, products or services, we may collect or obtain Personal
Data about you from the following sources:
1.1.1 Data you provide to us: We obtain Personal Data when you provide those data to us (e.g., when you
register an account with us; where you contact us via email, telephone, or by any other means; or when you provide us with your
business card).
1.1.2 Account creation details: We collect or obtain Personal Data when you register or create an account to
use any of our Sites or Applications.
● Relationship data: We collect or obtain Personal Data in the ordinary course of our relationship with you (e.g., when we
provide a service to you).
● Site or Application data: We collect or obtain Personal Data when you visit or use any of our Sites or Applications, or use
any features or resources available on or through our Sites or Applications.
● Content and advertising information: If you interact with any third-party content or advertising on our Sites and/ or
Applications (including third-party plugins and cookies), we allow the relevant third-party providers to collect your Personal
Data relating to your interaction with that content or advertising, and we receive some or all of this Personal Data from the
relevant third-party provider relating to your interaction with that content or advertising.
● Data you make public: We may collect the Personal Data content you publish, or otherwise manifestly make public, including
comments you make about us, through our Applications and other platforms, your social media, or any other publicly available
platforms.
● Third party information: We collect or obtain Personal Data from third parties who provide it to us (e.g., single sign-on
providers and other authentication services you use to connect to our services, third-party providers of integrated services,
your employer, other GL.iNet customers, business partners, Processors, and law enforcement authorities).
● Data automatically collected: We or our third-party partners automatically collect information you provide to us and
information about how you access and use our Sites, Applications, products or other services when you visit our services, read
our emails, or otherwise engage with us. We typically collect this information through a variety of tracking technologies,
including (i) cookies or small data files that are stored on an individual’s computer and (ii) other, related technologies, such
as web beacons, pixels, embedded scripts, mobile SDKs, location-identifying technologies and logging technologies (collectively,
“tracking technologies”) and we may use third-party partners or technologies to collect this information. Information we collect
automatically about you may be combined with other personal information we collect directly from you or receive from other
sources.
2. Creation of Personal Data
We also create Personal Data records about you in certain circumstances, such as records of your interactions with us, details
of your past interactions with us. We may also link Personal Data collected from any of our Sites, Applications, products, or
services, including where those data are collected from different devices.
3. Categories of Personal Data We Collect and Process
3.1 When you first register for a GL account, we may collect the following categories of Personal Data about
you: username and password, email addresses and/or phone numbers. After successfully creating your GL account, you can use it to
log in across GL.iNet’s various Sites and Applications.
3.2 When using our Sites, Applications, products, or services, we may also collect and/or process the
following categories of Personal Data about you:
3.2.1 Contact information: including your first and last name, preferred name, phone number, email address,
mailing address, and communication preferences, all of which you have voluntarily provided.
3.2.2 Account information: including first and last name, country, language preferences, email address and/or
phone number, and all of which you have voluntarily provided.
3.2.3 Transaction information: including records of purchases and prices, consignee first and last name,
shipping address and contact information, shipment tracking details, details of returns, and warranty details, when you place
orders on our Sites or Applications.
3.2.4 Payment details: such as invoice / payment records, payment amount, payment date, billing address,and
payment method, when you place orders on our Sites or Applications. Please note that we use third-party payment providers,
including Shop Pay, Stripe, Amazon Pay, PayPal, and Google Pay, to process payments made to us. We do not receive or retain any
personally identifiable financial information such as payment card numbers; rather, all such information is provided directly by
you to our third-party payment providers. The payment provider’s use of your personal data is governed by their privacy
policy.
3.2.5 Information collected from third-party authentication services or other third-party accounts you link to
our services: some of our Sites, Applications, products or services may allow you to log in through a third-party social network
or authentication service, such as Google. When you use these single sign-on services to access our Sites, Applications,
products, or services, we do not receive your login credentials for the relevant third-party service. Instead, we receive tokens
from the single sign-on service to help identify you in our system (such as by your username) and confirm you successfully
authenticated with the single sign-on services. In addition to authenticating your identity, these services will, in most cases,
provide you the option to share certain Personal Data with us, which could include your name, email address, friend list and
other contacts, or other information in your public profile (e.g., profile picture, age range, gender, language, country). The
data we receive is dependent on that third party’s policies and your privacy settings on that third-party site.
3.2.6 Product-specific information: Upon installation of and/or binding IoT products to our Applications, we
will collect certain data to maintain and protect our services, monitor, manage and optimize performance, and provide customer
support and warranty services. Additionally, we may ask you to provide some other information or obtain information from third
parties if relevant to the functionality of the products. The specific data collected will depend on the products you choose to
install and/or use with our Applications. For details about the product-specific information we collect, please refer to the
following:
GL.iNet & Goodcloud: When you use our GL.iNet routers and Goodcloud service, we will collect information related to the use
of our products and devices and statistics about the performance of your GL.iNet devices through automated technologies. This
information includes:
● Inter GL.iNet speed, storage information, error rates, and other performance information.
● Basic information. For the purpose of adapting to user terminal devices, optimizing interface display effects and
compatibility analysis, we may collect your browser information, operating system, device type (mobile, PC), screen
resolution.
● Network environment. We may collect your network status (downlink speed, latency, compatibility), language and time zone to
determine performance bottlenecks, optimize loading speed, and do regional/language adaptation.
● User behavior data. We may collect your login time, user active time, PV (page visits, including non-login pages), UV (unique
visitors, only logged-in users, not deduplicated yet), page access path to analyze user usage habits, optimize product structure
and interaction paths, and evaluate user stickiness.
● Function usage. We may collect your statistics on specific function usage to evaluate the popularity of functions and provide
a basis for function optimization and iteration.
● Error collection. We may collect the interface error (such as API call failure), backend error (server error), front-end
interface error (JavaScript error, etc.) to monitor system stability, assist in quickly locating and fixing bugs, and improve
user experience.
GLKVM: When you use GLKVM devices and GLKVM Cloud Platform, we will collect the following information from you:
1) your login account information:
● Login account information: gl account, nickname, avatar information;
● When you use GLKVM Cloud Platform, the network egress IP of the PC you are currently using will be
collected.
2) We may collect the list and version of your connected IOT devices to provide you with the upgraded
functionality of your IOT devices to ensure that you can use the latest version of the service (including the firmware
version).
3) Information we collect through automated means
When you use GLKVM Cloud Platform, we collect data about the device you use to access GLKVM Cloud Platform, such as: device
name; relevant operating system type; host name; IP address; encryption public key; language setting; date and time of access to
the cloud platform; logs describing the connection, and statistics about data sent from other devices ("inter-node traffic
logs"); however, please note that GLKVM Cloud Platform does not process or access the content of user traffic data transmitted
through the cloud platform, which is fully end-to-end encrypted.
You may choose to use certain features and functions through GLKVM Cloud Platform, which may generate additional logs and other
data that will be sent to GLKVM Cloud Platform for processing and storage on behalf of our customers ("customer log
data").
When you use GLKVM Cloud Platform, we also collect aggregated usage statistics and user behavior data (such as your login time,
login activity, user active time, PV (page views, including non-login pages), UV (unique visitors, limited to logged-in users,
not yet deduplicated), page access path, feature usage, KVM device information, and KVM device usage duration) to analyze user
usage habits, optimize product structure and interaction paths, assess user stickiness, and improve product functionality. We
will use de-identification/anonymization techniques to process the above data, ensuring that it cannot identify your specific
personal identity, either alone or in combination with other information.
4) When you use the "Screen Wall" feature, for your convenience, we will remember your device password with your
consent and store it securely in the cloud after encryption. If you choose not to agree, we will not record your device
password. After your consent, you can also click the key icon on the editing page at any time to cancel saving, and we will
immediately clear the password storage record.
AstroWarp: When you use our AstroWarp services, we will collect the following information from you:
1) Login Account Data
● Login account information: GL account, nickname, profile picture.
● Information collected during the use of the router: Router MAC address, IP address, device name, device model, and firmware
version.
● Resource sharing data from connected routers: IP, MAC, and default names of connected devices.
● Cloud gateway purchases: When users purchase a cloud gateway, we will collect the network exit IP of the PC.
2) Application Data
To ensure you continue to enjoy the latest AstroWarp services, we collect version information of your AstroWarp application and
mobile device model during firmware upgrades. We may also collect a list of connected smart devices and their version numbers to
provide upgrade functionality, ensuring you can access the latest services (including firmware versions).
3) Information collected automatically:
● Device name,operating system, hostname, IP address, encryption public key, language settings, access date and time,
connection logs, and inter-node traffic statistics.
● Aggregated usage statistics, such as the amount of data transmitted.
Note:
● AstroWarp does not process or have access to the content of user traffic data transmitted through AstroWarp, as it is fully
end-to-end encrypted.
● Customers may choose to use certain features and functions of AstroWarp, which may generate additional logs and data sent to
AstroWarp for processing and storage on behalf of our customers (referred to as “customer log data”).
● When you use our services, we also collect aggregated usage statistics (e.g., the amount of data transmitted through
AstroWarp's cloud gateway over a period). Please note that this aggregated information or metadata cannot be used to identify
you or your device, and we may use and disclose such information at our discretion as described in the “Aggregated/De-identified
Information” section below.
Others
If you learned about Lafaer and SimPoyo's products through our website and would like to learn more about the data they
collect, you can view their privacy policy at the following URL:
1) Lafaer: https://lafaer.co/policies/privacy-policy
2) SimPoYo: https://w.simpoyo.com/privacy-statement/
4. Purposes of Processing
GL.iNet processes Personal Data for the following purposes and based on the following legal grounds:
● For the performance of GL.iNet services. This element covers all technical and commercial processes required to carry-out
user requests.
● Processing is necessary to perform a contract with the User, or in order to conclude one.
● For correct operation of our products and services through internal data analysis.
● For convenient and straightforward use of our products and services.
● To improve the Site, personalize the user experience, and enhance user interactions with the Site.
● Processing is based on GL.iNet's legitimate interest to conduct its business, improve its product and service offerings, and
facilitate communication.
● Promotional communications.
● Processing is based on your consent.
● For linking various user accounts (i.e. the GL account with other social media or email accounts) and extracting information
for specialized requested services.
● To provide customer service and ensure the security of our operations.
● Processing is based on the legal obligation to ensure the confidentiality of processing and GL.iNet's legitimate interest to
secure its operations.
● To offer you optimized advertising and product information.
● To confirm identity and prevent fraud.
● Processing may be requested by some judicial process or governmental agency.
5. Legal bases for Processing
5.1 The legal bases on which we rely for the processing of Personal Data , are as follows:
5.1.1 Perform our contractual services or prior to entering into a contract with you: If you order products or
services from us or if you contact us to request our products or services, we use your Personal Data to provide you with these
products or services, including for account and contract management, to facilitate user benefits and services, including
customer support and process payment for our products and services or with information that may be relevant for you to decide on
whether you want to order our products and services;
5.1.2 Justified by our legitimate interests: The usage of your Personal Data may also be necessary for our own
business interests. For example, we may use some of your Personal Data to update and monitor the services, or diagnose or fix
technology problems; help maintain the safety, security and integrity of our property and services, technology assets and
business; enforce our terms, resolve disputes, carry out our obligations and enforce our rights, and protect our business
interests and the interests and rights of third parties; and prevent, investigate or provide notice of fraud or unlawful or
criminal activity.
5.1.3 Consent: In some cases, we may ask you to grant us separate consent to use your Personal Data. In this
case, you can revoke your consent at any time with effect for the future.
5.1.4 Compliance with legal obligations: We are obligated to collect or retain certain Personal Data because
of legal requirements, for example, tax or commercial laws, or we may be required by law enforcement to provide Personal Data on
request.
6. Disclosure of Personal Data
6.1 We may also share, transmit, disclose, grant access to, make available, and provide Personal Data with and
to third parties, as described below.
6.1.1 you and, where appropriate, your appointed representatives.
6.1.2 GL.iNet affiliates: We share Personal Data amongst the legal entities that make up the GL.iNet, for
legitimate business purposes and the operation of our Sites, Applications, products, and services for you, in accordance with
applicable law. These legal entities may use your Personal Data in the manner described in this Privacy Policy.
6.1.3 As required by law: We may disclose Personal Data to third parties, such as legal advisors and law
enforcement agencies, regulators, other authorities and other third parties for legal reasons if we reasonably believe in good
faith that such action is necessary:
(a) in connection with the establishment, exercise, or defense of legal claims;
(b) to comply with laws or to respond to lawful requests and legal process;
(c) to protect our rights and property and the rights, personal safety and property of others, including to enforce our
agreements and policies;
(d) to detect, suppress, or prevent fraud or other criminal activity; or
(e) as otherwise required by applicable law.
6.1.4 Third-party Processors: We share Personal Data with third party contractors and service providers
subject to reasonable confidentiality terms. such as email service providers; marketing/advertising service providers; text
message service providers; payment services providers; shipping companies; and postal carriers, subject to the requirements
noted below in this Section (6). These Processors support us in processing the types of Personal Data described above in
Sections (1) - (3), and for the purposes described in Section (4). They only are authorized to process that information as
necessary and as directed by us;
6.1.5 Advertising networks and partners: To efficiently market our products and services to you, including to
deliver advertising and personalize content on our Sites, Applications, products and services, on other websites and services,
and across other devices, we may share Personal Data with advertising networks and partners. These parties may collect
information automatically from your browser or device when you visit our websites and other services through the use of cookies
and similar technologies. This information is used to provide and inform targeted advertising, as well as to provide
advertising-related services such as reporting, attribution, analytics, and market research.
6.1.6 Business and marketing partners: We may also disclose Personal Data with other business and marketing
partners with whom we jointly offer products or services or who are part of our partner program. We may obtain your consent
where required by applicable law;
6.1.7 Individuals you choose, for example through our device-sharing function; we recommend you share
information with only people you trust;
6.1.8 Independent advisors: We may disclose Personal Data to our independent advisors such as accountants,
auditors, consultants, lawyers, and other outside professional advisors to GL.iNet, subject to binding contractual or statutory
obligations or statutory of confidentiality;
6.1.9 Corporate transactions: if GL.iNet is involved in a corporate business transaction, such as a merger,
acquisition, or sale of all or a portion of our company assets, we may disclose Personal Data to a third party during
negotiation of, in connection with or as an asset in such a corporate business transaction. If GL.iNet completes such a
corporate business transaction, you will be notified via email and/or a prominent notice on our website, of any change in
ownership, uses of your Personal Data, and choices you may have regarding your Personal Data. Personal Data may also be
disclosed in the event of insolvency, bankruptcy or receivership; and
6.1.10 Other Disclosures We may also disclose your Personal Data to any other third party or publicly with
your prior consent or direction.
6.2 If we engage a third-party Processor to Process your Personal Data, the Processor will be subject to
binding contractual obligations to: (i) only Process the Personal Data in accordance with our prior written instructions; and
(ii) use measures to protect the confidentiality and security of the Personal Data; together with any additional requirements
under applicable law. Please note that third parties and business partners may process your Personal Data in accordance with
their own privacy policies and terms of service.
7. International Transfer of Personal Data
7.1 Because of the international nature of our business, we transfer Personal Data within the GL.iNet, and to
third parties as noted in Section (6) above, in connection with the purposes set out in this Policy. For this reason, we
transfer Personal Data to other countries that may have different laws and data protection compliance requirements than those
that apply in the country in which you are located, including China, the EEA, and the US.
7.2 In the event of a transfer by GL.iNet, we ensure that international transfers of your Personal Data are
made pursuant to appropriate safeguards, such as:
7.2.1 Ensuring that the Personal Data is only transferred to countries recognized as Adequate
Jurisdictions.
7.2.2 The transfer is made pursuant to appropriate safeguards;
7.3 If you wish to enquire further about these safeguards, including the specific contracts entered into, or
used, please contact us using the details set out under Section (14) of this Privacy Notice.
7.4 Please note that when you transfer any Personal Data directly to any GL.iNet entity established outside
the UK, Switzerland, or the EEA (as applicable), this is considered a direct collection, to which the safeguards mentioned in
this Section (7) may not apply. We will nevertheless Process your Personal Data, from the point at which we receive such data,
in accordance with the provisions of this Privacy Notice.
8. Data Retention
8.1 We have implemented processes designed to ensure that your Personal Data are only processed for the
minimum period necessary for the purposes set out in this Privacy Policy. The criteria for determining the duration for which we
will retain your Personal Data are as follows:
8.1.1 we will retain Personal Data in a form that permits identification only for as long as:
(a) we maintain an ongoing relationship with you (e.g., where you are a user of our services, or you are lawfully included in
our mailing list and have not unsubscribed); or
(b) your Personal Data are necessary in connection with the lawful purposes set out in this Privacy Notice, for which we have a
valid legal basis (e.g., where your Personal Data are included in a contract between you and us, and we have a legitimate
interest in Processing those Personal Data for the purposes of operating our business and fulfilling our obligations under that
contract; or where we have a legal obligation to retain your Personal Data),
8.1.2 the duration of:
(a) any applicable limitation period under applicable law (i.e., either any statutory retention periods as required by the law
of the applicable region (e.g., the European Union or a member state of the EEA), or any period during which any person could
bring a legal claim against us in connection with your Personal Data, or to which your Personal Data are relevant); and
(b) an additional two (2) month period following the end of such applicable limitation period (so that, if a person brings a
claim at the end of the limitation period, we are still afforded a reasonable amount of time in which to identify any Personal
Data that are relevant to that claim),
8.1.3 in addition, if any relevant legal claims are brought, we continue to Process Personal Data for such
additional periods as are necessary in connection with that claim.
8.2 During the periods noted in 8.1.2 above, we will restrict our Processing of your Personal Data to storage
of, and maintaining the security of, those data, except to the extent that those data need to be reviewed in connection with any
legal claim, or any obligation under applicable law.
Once the periods in 8.1 above, each to the extent applicable, have concluded, we will either:
(a) permanently delete or destroy the Relevant Personal Data; or
(b) anonymize or deidentify the Relevant Personal Data.
9. Your Privacy Rights
9.1 Subject to applicable law, you may have the following rights regarding the Processing of your Relevant
Personal Data:
(a) the right not to provide your Personal Data to us (however, please note that we may be unable to provide you with the full
benefit of our services, if you do not provide us with your Personal Data – e.g., we might not be able to process your requests
without the necessary details);
(b) the right to request access to, or copies of, your Relevant Personal Data, together with additional information, such as
information regarding the nature, Processing and disclosure of those Relevant Personal Data;
(c) the right to request rectification of any inaccuracies or incompleteness in your Relevant Personal Data;
(d) the right to request, on legitimate grounds, restriction of Processing of your Relevant Personal Data (limiting the
purposes for which we Process your Personal Data);
(e) the right to have certain Relevant Personal Data transferred to another Controller, in a structured, commonly used and
machine-readable format, to the extent applicable;
(f) the right to request the deletion or removal of your Relevant Personal Data where there is no other legal basis for us to
keep using it. Please note that we may not be able to immediately remove the information from the backup system due to
applicable laws and regulations or technological limitations. If this is the case, we will isolate your Relevant Personal Data
from any further processing until the backup can be deleted or be anonymized / deidentified.
(g) where we Process your Relevant Personal Data on the basis of your consent, the right to withdraw that consent at any time
(noting that such withdrawal does not affect the lawfulness of any Processing performed prior to the date on which we receive
notice of such withdrawal).
9.2 Under the GDPR , you may also have the following additional rights regarding the Processing of your
Relevant Personal Data:
(a) the right to object, on grounds relating to your particular situation, to the Processing of your Relevant Personal Data by
us or on our behalf, where such processing is based on Articles 6(1)(e) (public interest) or 6(1)(f) (legitimate interests) of
the GDPR;
(b) the right to object to the Processing of your Relevant Personal Data by us or on our behalf for direct marketing
purposes.
(c) the right to lodge complaints regarding the Processing of your Relevant Personal Data with a competent Data Protection
Authority. However, we encourage you to first contact us so that we can together solve any concerns you may have.
9.3 This does not affect your statutory rights.
9.4 To exercise one or more of these rights, or to ask a question about these rights or any other provision of
this Privacy Notice, or about our Processing of your Personal Data, please use the contact details provided in Section (14)
below. Please note that:
9.4.1 in some cases it will be necessary to provide evidence of your identity before we can give effect to
these rights; and
9.4.2 where your request requires the establishment of additional facts (e.g., a determination of whether any
Processing is non-compliant with applicable law) we will investigate your request reasonably promptly, before deciding what
action to take.
10. Direct Marketing
10.1 We Process Personal Data to contact you via email, telephone, SMS, EMS, direct mail, or other
communication formats to provide you with information regarding Sites, Applications, products, and services that may be of
interest to you. If we provide Sites, Applications, products, or services to you, we may send or display information to you
regarding our Sites, Applications, products, or services, upcoming promotions and other information that may be of interest to
you, including by using the contact details that you have provided to us, or any other appropriate means, subject always to
obtaining your prior opt-in consent to the extent required under applicable law. Please note that we may track your opening and
clicking behavior.
10.2 You may unsubscribe from specific promotional email campaigns at any time by simply clicking on the
unsubscribe link included in every promotional electronic communication we send.After you unsubscribe, we will not send you
further promotional emails in connection with the email campaigns you have unsubscribed from, but in some circumstances we will
continue to contact you to the extent necessary for the purposes of providing any Sites, Applications, products, or services you
have requested or in connection with any email campaigns to which you remain subscribed.
10.3 You may unsubscribe from specific promotional text campaigns at any time by replying STOP via text
message to any of the promotional text communications we send in relation to the specific campaign you would like to opt out
from. After you unsubscribe, we will not send you further promotional text messages in connection with the text campaigns you
have unsubscribed from, but in some circumstances, we will continue to contact you to the extent necessary for the purposes of
providing any Sites, Applications, products, or services you have requested or in connection with any text campaigns to which
you remain subscribed.
11. Details of Controllers
11.1 Your Personal Data is controlled by the GL.iNet company located in your region. The following entities
are responsible for processing your data:
Controller entity: GL Technologies (Hong Kong) Limited
Contact details: Unit 601, Building 5W,Hong Kong Science Park, Shatin, N.T., Hong Kong
Controller entity: GL Intelligence, Inc.
Contact details: 10400 Eaton Place, Suite 215, Fairfax, VA 22030
With respect to the processing of Personal Data through our Site and Applications, these entities may both access your Personal
Data and determine the means and purposes of the processing. Therefore, they are jointly responsible for such processing. If
there is no GL.iNet entity established in your region, your Personal Data will be controlled by GL Technologies (Hong Kong)
Limited, which processes your data on behalf of GL.iNet.
11.2 To provide our products and services, the Data Controllers listed above may engage other GL.iNet entities
to process your Personal Data strictly on their behalf and under their documented instructions. These internal service
providers, acting as Data Processors, include our entities headquartered in China that provide global services such as product
research, data operations, and customer support. This relationship is governed by a robust internal Data Processing Agreement
designed to ensure that your Personal Data is protected in accordance with applicable laws and to the highest standards.
11.3 For general enquiries, or to exercise any of the rights set out in this Privacy Policy, please contact
support@gl-inet.com. Requests relating to data protection will be coordinated by the appropriate GL.iNet entity based on your
location.
12. Business Information and Links to Other Websites
12.1 Business information: In the course of using our Sites, Applications, products, and services, we may ask
you to provide business information related to the company where you work. Business information may include information about
your company’s practices, policies, processes, and supporting documentation. This business information is stored on GL.iNet
systems, and we use it to provide the solutions you have contracted us to provide and in accordance with the terms and
conditions set forth in agreements between GL.iNet and your company,
12.2 Links to other websites: This Privacy Policy applies only to GL.iNet practices, technologies, and
services. Our online properties may include links to websites and online services that are operated by other companies not under
the control or direction of GL.iNet. If you provide or submit Personal Data to those websites or online services, the privacy
policies on those websites or online services apply to your Personal Data. We encourage you to carefully read the privacy
policies of any website you visit.
13. Cookies, Analytics and Tailored Advertising
13.1 GL.iNet and its third-party partners use cookies and similar technologies to automatically collect
certain Personal Data when you visit or interact with our Sites and services to enhance navigation, analyze trends, administer
the Sites, track users’ movements around the Sites, gather demographic information about our user base as a whole, and assist
with our marketing efforts and customer service. You can control the use of cookies at the individual browser level, but if you
choose to disable cookies, it may limit your use of certain features or functions on our Sites and services.
13.2 Our Sites provide you the ability to adjust your preferences regarding our use of cookies and similar
technologies by clicking the "Cookie Settings” link in the footer of our Sites. These cookie preference manager tools are
website, device, and browser specific, so you will need to change your preferences on each device and browser you use when
interacting with the specific Site you are visiting. You can also stop all collection of information via our web services by not
using our Sites and services.
13.3 You may also be able to utilize third-party tools and features to further restrict our use of cookies and similar technologies. For example, cookies may generally be disabled or removed by tools available as part of most commercial browsers, and in some instances blocked in the future by selecting certain settings. Browsers offer different functionalities and options, so you may need to set them separately. In addition, you may be able to exercise specific privacy choices, such as enabling or disabling certain location-based services, by adjusting the permissions in your mobile device or internet browser. You may also exercise choice regarding the use of cookies from Google Analytics by going to https://support.google.com/analytics/answer/181881?hl=en to download the Google Analytics Opt-out Browser Add-on. For information on how Google Analytics collects and processes data, as well as how you can control information sent to Google, review Google's website here: https://policies.google.com/technologies/partner-sites.
14. Contact Us
If you have questions or concerns with respect to our Privacy Policy, you may contact us at support@gl-inet.com or write to us
at: GL Technologies (HK) Limited, Unit 601, Building 5W, Hong Kong Science Park, Shatin, N.T., Hong Kong.
15. Supplemental Terms – Jurisdiction-Specific
15.1 UNITED STATES
15.1.1 These following disclosures supplement the information contained in the main body of our Privacy Notice
by providing additional information about our Personal Data processing practices relating to individual residents of certain
states in the United States, including the states of California, Nevada, Colorado, Connecticut, Montana, Oregon, Texas, Utah, or
Virginia in the United States. For a detailed description of how we collect, use, disclose, and otherwise process Personal Data,
please read the main body of our Privacy Notice.
15.1.2 Collection and Use of Personal Data
(1) Personal Data.
(A) As described in more detail in Section (3) above, we collect, and have collected in the preceding 12 months, the following
categories of Personal Data:
(a) Identifiers, such as first and last name, preferred name, phone number, email address, user ID, and online
identifiers.
(b) Customer records, such as contact information, and account information.
(c) Commercial information, such as records of purchases and prices, shipping address and contact information, and details of
returns, and consumer histories and tendencies.
(d) Internet / network information, such as the device type, manufacturer, and model, operating system, IP address, browser
type, Internet service provider, and unique identifiers associated with you, your device, or your network.
(e) Other Personal Data, such as your communication preferences, country, language preferences, and any other Personal Data you
choose to share in custom messages sent through the forms, email addresses, or other contact information we make available to
customers.
(f) Inferences, including consumer preferences, predispositions, and characteristics.
(B) As described in Section (1) above, we collect this Personal Data directly from you, automatically when you interact with
our Sites, Applications, products, or other services, from third parties, and from public third-party platforms such as social
media websites.
(C) We collect Personal Data from and about you for a variety of purposes. For example, we use Personal Data to communicate
with you; to facilitate, process, and fulfill orders you place with us or the services you request; to analyze and improve the
use of our Sites and Applications; to deliver marketing communications and personalized and non-personalized advertising; and to
facilitate our customer services. For more information about our use of Personal Data, please refer to Section (4) above.
(2) Deidentified Information: We may at times receive, or process Personal Data to create, deidentified information that can no
longer reasonably be used to infer information about, or otherwise be linked to, a particular individual or household. Where we
maintain deidentified information, we will maintain and use the information in deidentified form and not attempt to reidentify
the information except as required or permitted by law.
15.1.3 Keep Your Information Safe and Secure
(1) All GL.iNet products are built with strong security features that continuously protect your information. The insights we
gain from maintaining our services help us detect and automatically block security threats from ever reaching you. And if we do
detect something risky that we think you should know about, we’ll notify you and help guide you through steps to stay better
protected.
(2) We work hard to protect you and GL.iNet from unauthorized access, alteration, disclosure, or destruction of information we
hold, including:
(A) We use encryption to keep your data private while in transit.
(B) We review our information collection, storage, and processing practices, including physical security measures, to prevent
unauthorized access to our systems.
(C) We restrict access to personal information to GL.iNet employees, contractors, and agents who need that information in order
to process it. Anyone with this access is subject to strict contractual confidentiality obligations.
15.1.4 Personal Data Disclosures, Sales, and Targeted Advertising
We may disclose the categories of Personal Data above to the following categories of third parties: the entities that make up
the GL.iNet, Processors, third-party providers with services integrating with our services, individuals you choose to share
Personal Data with, and certain third parties where you have provided consent or where otherwise required or permitted by law.
Please see Section (6) for more detail. Please be aware that we will not transfer your Personal Data to any third parties,
including advertising platforms, data brokers, or information resellers, for purposes other than providing or improving the use
case or features of our Sites, Applications, products, or services, without your consent.
Depending on your state of residency and subject to certain legal limitations and exceptions, you may be able to limit or
opt-out of the sale of Personal Data or the processing of Personal Data for purposes of targeted advertising (as described in
the Your Additional U.S. Privacy Choices section below).
Please note we do not sell the Personal Data of individuals we know to be less than 16 years of age or share such information
for targeted advertising purposes. In addition, we do not sell Personal Data, and we do not process or otherwise share Personal
Data for the purpose of targeted advertising.
15.1.5 Automated Decision-Making and Profiling
We do not conduct automated processing of Personal Data for the purposes of evaluating, analyzing, or predicting an
individual’s personal aspects in furtherance of decisions that produce legal or similarly significant effects. As a result, we
do not provide a right to exercise control over such forms of automated decision-making and profiling.
15.1.6 Your Additional U.S. Privacy Choices
(1) Depending on your state of residency and subject to certain legal limitations and exceptions, you may be able to exercise
some or all of the following rights:
(A) Right to Know: the right to confirm whether we are processing Personal Data about you and, under California and Oregon law
only, to obtain certain personalized details about the Personal Data we have collected about you, including:
(a) The categories of Personal Data collected;
(b) The categories of sources of the Personal Data
(c) The purposes for which the Personal Data were collected;
(d) The categories of Personal Data disclosed to third parties (if any), and the categories of recipients to whom this Personal
Data were disclosed (or, for Oregon residents only, a list of the specific third parties to whom personal data have been
disclosed);
(e) The categories of Personal Data shared for targeted advertising purposes (if any), and the categories of recipients to whom
the Personal Data were disclosed for these purposes; and
(f) The categories of Personal Data sold (if any) and the categories of third parties to whom the Personal Data were
sold.
(B) Right to Access & Portability: the right to obtain access to the Personal Data we have collected about you and, where
required by law, the right to obtain a copy of the Personal Data in a portable and, to the extent technically feasible, readily
usable format that allows you to transmit the data to another entity without hindrance.
(C) Right to Correction: the right to correct inaccuracies in your Personal Data, taking into account the nature of the
Personal Data and the purposes of the processing of the Personal Data.
(D) Right to Control Over Sensitive Personal Data.: the right to exercise control over our collection and processing of certain
Sensitive Personal Data.
(E) Right to Opt-Out of Targeted Advertising: the right to direct us not to use or share Personal Data for certain targeted
advertising purposes.
(F) Right to Opt-Out of Sales: the right to direct us not to sell Personal Data to third parties.
(G) Right to Deletion: the right to have us delete Personal Data we maintain about you (subject to certain exceptions).
(2) Depending on your state of residency, you may also have the right to not receive retaliatory or discriminatory treatment in
connection with a request to exercise the above rights. However, the exercise of the rights described above may result in a
different price, rate or quality level of product or service where that difference is reasonably related to the impact the right
has on our relationship or is otherwise permitted by law.
(3) Submitting Privacy Rights Requests
Please submit a request specifying the right you wish to exercise by sending us an email at the following address:
support@gl-inet.com.
To exercise your right to opt-out as it relates to the use of cookies and similar technologies that involve the sale of
Personal Data or the use of Personal Data for targeted advertising purposes, please click the “Cookie Settings” link in the
footer of the website and adjust your preferences accordingly. If you are visiting our Sites with the Global Privacy Control
enabled, any cookies that constitute sales or are used for targeted advertising should already be turned off automatically in
our cookie preference manager. Please note this opt-out tool is website, device and browser specific, so you will need to change
your preferences on each device and browser you use to interact with the specific website you are visiting. In addition, you can
also opt-out of cookie-based sales by businesses that participate in the Digital Advertising Alliance’s CCPA Opt-Out Tool by
visiting https://www.privacyrights.info/. Lastly, you may follow the other steps set forth in Section (13) above to further
exercise control over cookies and similar technologies.
Before processing your request to exercise certain rights (including the Right to Know, Access & Portability, Correction,
and Deletion), we will need to verify your identity and confirm you are a resident of a state that offers the requested
right(s). In order to verify your identity, we will generally either require the successful authentication of your account, or
the matching of sufficient information you provide us to the information we maintain about you in our systems. As a result, we
require requests submitted through our email address to include the requester’s name and email address, their relationship with
GL.iNet, the brands relevant to the request, and the data subject’s email address, state/ country/ zip and any comments relating
to the request.
In certain circumstances, we may decline or limit your request, particularly where we are unable to verify your identity or
locate your information in our systems, or where you are not a resident of one of the eligible states.
(4) Submitting Authorized Agent Requests
In certain circumstances, you are permitted to use an authorized agent to submit requests on your behalf through the designated
methods set forth above where we can verify the authorized agent’s authority to act on your behalf. In order to verify the
authorized agent’s authority, we generally require evidence of either (i) a valid power of attorney or (ii) a signed letter
containing your name and contact information, the name and contact information of the authorized agent, and a statement of
authorization for the request. Depending on the evidence provided and your state of residency, we may still need to separately
reach out to you to confirm the authorized agent has permission to act on your behalf and to verify your identity in connection
with the request.
(5) Appealing Privacy Rights Decisions
Depending on your state of residency, you may be able to appeal a decision we have made in connection with your privacy rights
request. All appeal requests should be submitted by replying to the communication resolving your original request.
15.2 AUSTRALIA
The following disclosures supplement the information applicable to residents of Australia. We strictly comply with relevant
Australian laws and regulations to ensure transparency in the collection, use, and sharing of your information. These laws
include the Privacy Act 1988, the Spam Act 2003, and other applicable privacy and data protection legislation.
15.2.1 How We Protect Your Personal Information
(1) All personal information we hold will be processed and stored in compliance with obligations under the Privacy Act 1988. We
take reasonable steps to:
(A) Implement practices, procedures, and systems to ensure legal compliance and address compliance-related
inquiries/complaints.
(B) Maintain the accuracy, completeness, and currency of collected personal information.
(C) Secure information against misuse, interference, loss, or unauthorized access through physical and technological
safeguards.
(D) Destroy or permanently de-identify information when no longer needed for legal/business purposes.
(2) If you identify any security vulnerabilities, please notify us immediately. We adhere to all mandatory data breach
notification requirements outlined in the Privacy Act.
15.2.2 Complaints
To lodge a complaint about our handling of personal information, please submit written details via post or email using the
contact information in this policy. We will respond to formal complaints within 30 days.
If unsatisfied with our resolution, you may escalate the matter to office of the Australian Information Commissioner (OAIC).
For additional details about OAIC, you may:
Visit the Office of the Australian Information Commissioner (OAIC) website: www.oaic.gov.au