Privacy policy

Introduction

We value your integrity, in other words to respect and protect the information you share with us. It is about processing your data in a way that is fair, clear and secure. You have the right to know what information is collected about you and why. 

This notice tells you what information we collect, why we do it, how long we keep it, and what rights you have as a user.

To use Gimi, it is the parent who approves Gimi’s terms and conditions for themselves and their children.

If you are under 18, you can download and install the app, but we will delete your account and all your personal data within 7 days if you do not connect with a parent/guardian. We do this because we need your parent’s approval of Gimi’s terms and conditions in order for you to use the app. When we do this, we process your Profile information and Device Information (see below for more information). We do this with legitimate interest as a legal basis. We save the information for 7 days.

 

Update of rules

We updated our rules on 4th of April 2024, and those are the current rules. If we make major changes, we will let you know on our website, via SMS/email or in the Gimi app.

This Privacy Notice applies to all countries Gimi operates in. Please note that there might be differences between countries and that local versions of Privacy Notice might be different from this one. If so, the local versions will never have more data processing than what is described in this Privacy Notice.

 

About us

Gimi AB, called “Gimi,” “We,” or “us,” a Swedish company with organisation number 556985-8029, is responsible for the processing of your information.

 

Information we collect

Here you can see what information We process when you are using Gimi. We have gathered several different pieces of information under one definition to make it easier for you to understand. In the continuation of this Privacy notice these definitions will be used.

Profile information:

Email, phone number, date of birth, age, gender, user ID, username, photo

Device Information:

ID for your phone or tablet, user data, information about how you use Gimi, technical information about your phone or tablet, and other data about your use of the app.

Demographic data (Survey Information):

What bank you are banking with, salary range, educational level, area where you live. 

Account Information:

Bank details, account number, balance, transaction history, and other information about your account.

Free text:

Text you write in customer support,customer surveys or comment fields.

 

Processing, purposes, legal basis and storage time

Deliver our service to you (Gimi App)

In order to deliver our service to you, we process your Profile information and Device Information. We do this with the fulfillment of a contract as a legal basis. We save the data as long as you use the app and we delete the data when you have been inactive for 2 years or in connection with your termination of service. 

Add bank accounts to the Gimi app and make transfers

To give you the ability to link your child’s bank account to the Gimi app and use it with value-adding features as well as make transfers to that account, we process Account Information. We do this with the fulfillment of a contract as a legal basis. We save the data as long as you use the service and delete the data when you have been inactive for 2 years or in connection with your termination of service.

Profile picture

We want to give you the ability to add a profile picture to the Gimi app. Adding a profile picture is completely optional and if you choose to do so, we will process your profile picture. We do this with legitimate interest as a legal basis. We save the data as long as you use the app and we delete the data after you have been inactive for 2 years.

Customer surveys

In order to improve the app and know what you as a user think, Gimi conducts customer surveys. Participation is completely voluntary. If you participate, we will process your Profile information, Survey Information Free text. We do this with legitimate interest as a legal basis. We save the data as long as it is relevant for us, a maximum of 3 years.

Product development

In order to improve the app, we collect statistics about your use of the app and analyse it. We then process your Profile information, Device Information and Account Information. We do this with legitimate interest as a legal basis. We save the data as long as you use the app and we delete the data after you have been inactive for 2 years.

Research collaborations

To learn more about how children use and learn about money, we collaborate with universities and other research organizations. When we do this, we pseudonymise or anonymise personal data so that no person can be identified and then share the data with the collaboration partner. We can then process Profile information, Device Information and Account Information. We do this with legitimate interest as a legal basis. We save the data for as long as the research project is ongoing and we delete the data after the project has ended, no later than 5 years afterwards.

Marketing

To inform you about new services, functions and offers in Gimi, we may send you marketing by email or push notification. Note that you can unsubscribe from this marketing. We can then process Profile information and Device information. We can also use your Profile information to create target groups for advertising on social media. We do this with legitimate interest as a legal basis. We save the data until the campaign is finished and a maximum of 3 more years.

Social media and App stores

Gimi has pages on social media and App Stores. In order for you to be able to leave comments and ratings in our social media and App Stores, Gimi needs to process Profile information that you provide when you comment or rate. We do this with legitimate interest as a legal basis. We save the data for 5 years.

Defense of our legal rights

Gimi has an interest in being able to defend legal rights and can process your Profile information, Device Information and Account Information. We do this with legitimate interest as a legal basis. Gimi may share information for national security or legal purposes. We save the data for as long as we need, a maximum of 5 years.

 

Cookies

Gimi’s websites use cookies to improve service and marketing. Read more in our Cookie Policy.

 

Information security

We do everything we can to keep your personal information and other data safe from falling into the wrong hands. We have different physical, electronic and organisational security measures to protect it. We work according to established routines and principles for safety. We save the data on secure servers and protect it with strong networks. Only a few people who work here have access to it. But, keep in mind that no method on the internet is completely 100% secure.

 

Transfer to third countries

In order to offer the Gimi service, we may sometimes send, process and store your information in different countries. Sometimes we may also hire other companies outside your home country to help us process your information. If we collect information within the European Economic Area (EEA), we may sometimes send and process it in another country outside the EEA, primarily the United States. We ensure that there is adequate protection and that your information is treated with the same level of security as within the EEA. You understand that we may do this with your information, as described in our Privacy Policy.

 

Profiling and automated decision-making

Profiling is used for product development and statistics without legal consequences.

Automated decision-making is not applied with legal consequences.

 

Your rights

It is important that you have control over your own information on the Internet. This means that you have the right to know what information is collected about you, why it is collected and what it is used for. You also have the right to say “no” if someone wants to use your information in a way you don’t like. In addition, you can ask to find out what they know about you and even to remove the information if you want. So in short, GDPR gives you the right to control and decide over your own information online. Specifically, you can:

  • Get information about your personal data, correct it, object to our processing, ask us to delete it or limit how we use it.
  • Say no to processing and request that we transfer your data to another company (data portability).
  • Contact hello@gimitheapp.com or dpo@gimitheapp.com in order to use your rights.
  • File a complaint with the Privacy Protection Authority in your country.

Gimi AB is a registered payment service provider for account information services with the Swedish Financial Supervisory Authority, and is under its supervision.