Introduction

Welcome to glp.space, a brand of Ex Automata, Inc. We are committed to protecting your privacy and being transparent about the minimal data we collect. This Privacy Policy explains how we handle your personal information in accordance with applicable data protection laws, including the US privacy laws, UK General Data Protection Regulation (UK GDPR), EU General Data Protection Regulation (EU GDPR), and California Consumer Privacy Act (CCPA).

By using our website, you agree to the collection and use of information in accordance with this policy.

About Us

Brand Name: glp.space

Company Name: Ex Automata, Inc.

Registered Address: 2261 Market Street, STE 86396, San Francisco, CA, 94114, US

Email: [email protected]

Phone: +1 628 287-3564

Ex Automata, Inc. is a company registered in the United States. glp.space operates as a brand of Ex Automata, Inc.

What Data We Collect

We operate a minimal data collection policy. We only collect personal data when you voluntarily submit it to us.

Contact Form Submissions

When you use our contact form, we collect:

Name: Your full name or the name you provide
Email Address: To respond to your inquiry
Message Content: The information you choose to share in your message
Submission Timestamp: When you submitted the form

Automatically Collected Technical Data

When you visit our website, we may automatically collect:

IP Address: For security purposes and to prevent abuse
Browser Type and Version: To ensure website compatibility
Device Information: Device type and operating system
Access Times and Pages Visited: Basic analytics to improve our website
Geographic Location: General location based on IP address (country/region level only)

We do NOT collect or store:

User accounts or passwords
Payment information
Social security numbers or government IDs
Financial information
Precise geolocation data
Sensitive personal information
Tracking cookies for advertising purposes
Personal data beyond what you voluntarily provide in the contact form

Legal Basis for Processing (UK/EU Users)

For users in the United Kingdom and European Union, we process your personal data under the following legal bases:

Consent: When you submit our contact form, you consent to us processing your data to respond to your inquiry
Legitimate Interests: We have a legitimate interest in maintaining website security, preventing abuse, and improving our services

How We Use Your Data

We use your personal data only for the following purposes:

To respond to your inquiries submitted via the contact form
To maintain correspondence and follow up on your requests
To ensure website security and prevent spam or abuse
To improve our website functionality and user experience
To comply with legal obligations

We do NOT use your data for:

Marketing or promotional purposes (unless you specifically request updates)
Selling or sharing with third parties for commercial purposes
Profiling or automated decision-making
Targeted advertising
Creating user profiles for commercial purposes

Data Sharing and Disclosure

We do not sell, rent, or share your personal data with third parties except in the following limited circumstances:

Service Providers

Your contact form submissions may be processed through:

Email Service Provider: (e.g., Gmail, SendGrid, Mailgun) solely for delivering your message to us
Web Hosting Provider: For website operation and data storage
Analytics Services: (if applicable) with anonymized data only

These service providers are contractually obligated to protect your data and use it only for specified purposes.

Legal Requirements

We may disclose your personal data if required by:

Law, court order, or government regulation
Protection of our legal rights, property, or safety
Prevention of fraud or illegal activities
Compliance with valid legal processes

Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred. We will notify you of any such change.

We do NOT share your data with:

Marketing companies or data brokers
Social media platforms for advertising
Third-party advertisers
Any party for commercial purposes

Data Retention

We retain your personal data only as long as necessary:

Contact Form Submissions: Retained for up to 2 years or until the matter is resolved, whichever is shorter
Technical Logs: Retained for up to 12 months for security purposes
Email Correspondence: Retained for the duration of our communication and up to 1 year afterward

You may request deletion of your data at any time by contacting us at [email protected].

Your Privacy Rights

Your rights depend on your location. We respect all applicable privacy rights.

Rights for UK/EU Users (GDPR)

Under UK GDPR and EU GDPR, you have the right to:

Access: Request a copy of your personal data
Rectification: Request correction of inaccurate data
Erasure: Request deletion of your personal data (right to be forgotten)
Restrict Processing: Request limitation on how we use your data
Data Portability: Receive your data in a portable format
Object: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent at any time
Lodge a Complaint: File a complaint with your local data protection authority

UK Users: Contact the Information Commissioner's Office (ICO) at www.ico.org.uk

EU Users: Contact your national data protection authority

Rights for California Users (CCPA/CPRA)

Under the California Consumer Privacy Act, California residents have the right to:

Know: Request information about the personal information we collect, use, disclose, and sell
Access: Request a copy of your personal data
Delete: Request deletion of your personal data
Opt-Out: Opt out of the sale of personal information (Note: We do NOT sell personal data)
Non-Discrimination: Not be discriminated against for exercising your privacy rights

Rights for All Users

Regardless of location, you can:

Request information about what data we hold about you
Request correction or deletion of your data
Opt out of any communications
Withdraw consent at any time

To exercise your rights: Contact us at [email protected]. We will respond within 30 days (or as required by applicable law).

Cookies and Tracking Technologies

Our website uses minimal cookies and tracking technologies:

Essential Cookies

We may use strictly necessary cookies required for the website to function:

Session cookies for form submission
Security cookies to prevent abuse and CSRF attacks

Analytics (Optional)

If we use analytics tools (e.g., Google Analytics), we:

Use anonymized IP addresses
Disable advertising features
Enable user privacy controls
Provide opt-out mechanisms

What We DON'T Use

We do NOT use:

Advertising cookies
Third-party tracking cookies for marketing
Social media tracking pixels
Cross-site tracking technologies
Cookies to sell your data

Managing Cookies

You can control cookies through your browser settings:

Chrome: Settings > Privacy and Security > Cookies
Firefox: Settings > Privacy & Security
Safari: Preferences > Privacy
Edge: Settings > Cookies and site permissions

Disabling essential cookies may affect contact form functionality. For more information, visit www.aboutcookies.org or www.allaboutcookies.org.

International Data Transfers

Ex Automata, Inc. is based in the United States. If you are located outside the US:

For UK/EU Users

When we transfer your data from the UK/EU to the US, we ensure appropriate safeguards:

Standard Contractual Clauses (SCCs) approved by UK/EU authorities
Compliance with UK/EU data protection requirements
Additional security measures to protect your data

For All International Users

Your data may be processed in the United States, which may have different data protection laws than your country. By using our services, you consent to the transfer of your data to the US with appropriate safeguards in place.

Security

We implement appropriate security measures to protect your data:

Encryption: HTTPS/SSL encryption for data transmission
Access Controls: Limited access to personal data on a need-to-know basis
Secure Storage: Data stored on secure servers with access controls
Regular Updates: Security monitoring and software updates
Incident Response: Procedures for handling security breaches

While we take reasonable precautions, no internet transmission is 100% secure. We will notify you promptly of any data breach affecting your personal data, as required by applicable law (within 72 hours for UK/EU users, as required by CCPA for California users).

Children's Privacy

Our website and services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from anyone under 18.

If you are under 18, please do not use our contact form or provide any personal information to us. If you are a parent or guardian and believe that your child under 18 has provided us with personal information, please contact us immediately at [email protected], and we will promptly delete such information from our records.

Third-Party Links

Our website may contain links to external websites operated by third parties. We are not responsible for the privacy practices or content of these third-party sites. Please review their privacy policies before providing any personal information.

Do Not Track Signals

Some browsers have "Do Not Track" (DNT) features. Currently, there is no industry standard for how to respond to DNT signals. Our website does not respond to DNT signals at this time. However, we do not track users across third-party websites for advertising purposes.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

Changes in our data practices
New legal requirements
User feedback
Business changes

When we make changes:

We will post the updated policy with a new "Last Updated" date
For material changes, we will display a prominent notice on our website
For UK/EU users, we may seek renewed consent if required

Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

Contact Us

For any questions, concerns, or requests regarding this Privacy Policy or your personal data:

Email: [email protected]

Company: Ex Automata, Inc.

Address: 2261 Market Street, STE 86396, San Francisco, CA, 94114, US

Phone: +1 628 287-3564

For Privacy Rights Requests

To exercise your privacy rights, email us at [email protected] with:

Your full name
Email address used in the contact form
Description of your request
Proof of identity (if required for security)

We will respond within:

30 days for most requests
1 month for UK/EU users (extendable by 2 months for complex requests)
45 days for California users (extendable by 45 days with notice)

For Complaints (UK/EU Users)

UK Users - Information Commissioner's Office (ICO):

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone: 0303 123 1113

Website: www.ico.org.uk

Email: [email protected]

EU Users: Contact your national data protection authority (supervisory authority in your member state)

For Complaints (California Users)

California Attorney General's Office:

Website: oag.ca.gov/contact

Phone: (916) 210-6276

Summary

What we collect: Only your name, email, and message from the contact form

Why we collect it: To respond to your inquiries

Who we share it with: Only our email service provider (to deliver your message to us)

Your rights: Access, correct, delete, or export your data at any time

Our commitment: We don't sell your data, track you for advertising, or use your information for marketing

This Privacy Policy complies with:

US Federal privacy laws
UK GDPR (General Data Protection Regulation)
EU GDPR (General Data Protection Regulation)
CCPA/CPRA (California Consumer Privacy Act)
COPPA (Children's Online Privacy Protection Act)

Effective as of October 2025