Privacy policy
Introduction
Got-U Skier Safety (“Got-U,” “we,” “us,” or “our”) provides B2B managed skier safety and monitoring services to ski resorts and their affiliates (“Clients”). We are committed to protecting the privacy and security of data that we collect, process, store, or transmit in the course of providing those Services.
This Privacy Policy explains how we handle Personal Information and Client Data, including compliance with U.S. privacy laws (such as the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA)), as well as other applicable state and federal privacy regulations.
By engaging with Got-U or using our Services, Clients and their authorized users agree to the practices described in this Privacy Policy.
1. Scope & Applicability
This Policy covers Personal Information collected in connection with our Services (including mobile apps, APIs, dashboards, integrations, and related tools).
This Policy applies across the United States, including compliance with California (CCPA/CPRA), Colorado, Virginia, Connecticut, and Utah privacy laws. Where other state or federal rules apply, we will meet or exceed their requirements.
Clients remain responsible for their own direct data collection practices; Got-U acts primarily as a service provider/processor under U.S. privacy laws.
2. Categories of Personal Information We Collect (per CCPA/CPRA)
Identifiers: Name, username, email, phone, device ID, IP address.
Personal Records: Contact details, account credentials, service configuration.
Commercial Information: Subscription level, billing history, transactions.
Internet / Mobile Activity: Log data, cookies, device telemetry, browsing activity on Got-U portals.
Geolocation Data: Real-time and historical location of devices/users.
Sensory/Device Data: Motion, altitude, accelerometer, barometer, or other device-based telemetry.
Professional / Employment Info: Role, organizational affiliation (for Client staff).
Inferences: Derived insights (e.g., incident risk profiles, activity patterns).
We do not collect Social Security Numbers, driver’s license numbers, or precise financial account details.
3. Sources of Information
Directly from Clients and authorized users.
Automatically from device sensors and usage of the Services.
Third parties (e.g., mapping, weather, integration partners).
4. Purposes of Collection & Use
We use data to:
- Deliver and improve the Services.
- Detect and respond to safety incidents.
- Provide analytics, dashboards, and reporting.
- Monitor system security and troubleshoot issues.
- Support billing, account management, and compliance.
- Comply with applicable law.
We do not use Personal Information for cross-context behavioral advertising or sell Personal Information.
5. Sharing & Disclosure
We may share Personal Information:
- With Clients (as data controllers) for their authorized purposes.
- With Service Providers (e.g., hosting, analytics, support) under written contracts requiring confidentiality and limiting use to service delivery.
- With Emergency Responders or Authorized Integration Partners at the Client’s direction.
- For Legal Compliance (subpoenas, lawful requests).
- During Business Transactions (merger, acquisition, reorganization).
Got-U does not “sell” Personal Information under CCPA/CPRA definitions.
6. Data Subject Rights (U.S. Privacy Laws)
Under California (CCPA/CPRA) and similar state laws, individuals whose data we process may have rights, including:
- Right to Know.
- Right to Delete.
- Right to Correct.
- Right to Opt-Out.
- Right to Limit Use of Sensitive Personal Information.
- Right to Non-Discrimination.
How to Exercise Rights: Clients and end users may submit requests by emailing support@got-u.io.
We will verify identity before fulfilling requests. As a service provider, Got-U may redirect certain requests to the relevant Client.
7. Retention
We retain Personal Information for as long as necessary to:
- Fulfill service contracts.
- Meet safety and compliance obligations.
- Comply with law.
When no longer needed, we securely delete or de-identify data.
8. Security
We employ administrative, technical, and physical safeguards (encryption, access controls, monitoring, secure development practices, incident response). However, no system is fully secure.
9. Children’s Data
Got-U does not knowingly collect data from children under 13 years old (COPPA) or under 16 in California without verified parental consent. If discovered, such data will be deleted.
10. Cookies & Tracking
We may use cookies, analytics, and mobile SDKs to support functionality and security. Clients and users may disable non-essential cookies, though some features may be impaired.
11. Changes
We may update this Policy. Material changes will be communicated to Clients in advance.
12. Contact Us
Got-U Skier Safety
Attn: Privacy Officer
Email: support@got-u.io
