Last Updated: April 20, 2019
1. Our Privacy Principles
We are committed to recognizing and respecting your privacy rights keeping you informed and processing and protecting your personal data in compliance with applicable data protection laws and regulations (“Data Protection Laws”).
If you are located outside of the United States and you choose to use the Services or provide your information to us, your data may be transferred to, processed and maintained on servers, databases or cloud storage facilities located in the United States. Your use of the Services represents your consent and agreement to these practices. If you do not want your data transferred to or processed or maintained in the United States, you should not use the Services.
2. Information that We Collect from You
Account Data You Directly and Voluntarily Provide to Us. We may collect and process some or all of the following information you make available to us if you register, download or use the Services, such as your:
- Email Address
- Mailing Address
- Phone Number
- User Name
- Other Registration Information
- Customer Support or Technical Information you provide when you contact us with questions about your use of the Services
- Details of transactions you carry out through the Services, your purchases, and the fulfillment of orders we provide to you
- Other information you may provide to us through promotions or surveys
User Profile Data.
In addition to the data listed above, we may offer you the option to create a user profile to describe yourself that may be visible to other users of the Services. If you are a registered user you may also be able to adjust your account settings through your user account. We note that, even if you adjust your settings so that your user profile remains private, we will still be able to access and view the information you provide as part of your user profile.
Public Data You Post through the Services. If you post information on public areas of the Services, such as reviews, comments, and user content, that data may be collected and used us, other users of the Services, and the public generally. We strongly recommend that you do not post any information through the Services that allows strangers to identify or locate you or that you otherwise do not want to share with the public.
Usage Data We Automatically Collect from You. In addition to the information you provide to us, the Services may collect and process additional data automatically, this data may include your:
- Device Registration Data (for example, the type of mobile device you use, your mobile device’s unique device or advertising ID, IP address, operating system and browser type)
- Device Settings (for example, your language preference)
- Mobile Carrier
- Information about how you use the Services (for example, how many times you use the Services each day)
- Requested and Referring URLs
- Location Data collected through your Device (including, for example, precise location data such as GPS and WiFi information)
- Information collected through cookies and other tracking technologies including, but not limited to, your IP address and domain name, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access
3. How We Use Your Information
In this section, we set out the purposes for which we use personal information that we collect when you use the Services. In relation to EU Users, we are required under applicable Data Protection Laws, to identify the legal bases on which we rely to process the information.
Providing the Services, Improving the Services, Providing Support, and Communicating With You. We and our service providers may use the data you provide or that is collected through the Services to operate and improve the Services, our other sites, applications, products and services, to contact you from time to time to provide you with important information and notices relating to the Services, and to carry out obligations arising from any agreements between you and us.
Legal Bases: contract performance, legitimate interests (to correspond with you, to enable us to provide you with the Services and to improve the Services)
Providing Marketing and Promotion Materials. We and our service providers may use the data you provide or that is collected through the Services to provide you with updates, offers, and promotions, where you have chosen to receive these. We may also use your information for marketing our own and our selected business partners’ products and services to you email and, where required law, we will ask for your consent at the time we collect your data to conduct any of these types of marketing. If you wish to unsubscribe from receiving marketing communications from us email, please follow the instructions contained in each email you receive from us describing how you can unsubscribe from receiving further marketing communications from us.
For information about how tracking works for targeted advertising purposes, and to opt out of the collection of data for this purpose companies participating in the Digital Advertising Alliance Self-Regulatory Program, you can visit http://www.aboutads.info/choices (from your browser) or http:///www.aboutads.info/appchoices (from your mobile device).
In addition, the Services may include third-party content and links to other third-party websites. We are not responsible for the privacy practices or the content of these third-party websites. You are encouraged to review the privacy policies of the different websites that you visit.
You may opt out of the collection, use, and transfer of precise location data for location-based advertising purposes, using the location services controls in your mobile device’s settings.
Legal Bases: consent, legitimate interest where consent is not required (to enable us to provide you with an experience related to your interests)
Analytics Services. We may also work with third party analytics companies to help us understand how the Services are being used, such as data collection, reporting, ad response measurement, website and mobile application analytics, and to assist with delivery of relevant marketing messages and advertisements.
We may use Google Analytics, an analytics service provided Google or other third party analytics services providers (“Analytics Services”) to collect information about your use of the Services. These Analytics Services may collect information about the content you view and your system information and geographic information. The information generated the Analytics Services about your use of the Services will be transmitted to and stored the Analytics Services. The information collected the Analytics Services allows us to analyze your use of the Services.
We encourage you to review your device and Services settings to ensure they are consistent with your preferences, including with respect to the collection and use of information. You may be able to stop further collection of certain data the Services updating your applicable device settings, or you may uninstall the Services. In addition, you may choose not to share your location details adjusting your mobile device’s location services settings. For instructions on changing the relevant settings, please contact your service provider/carrier or device manufacturer.
Legal Bases: legitimate interest where consent is not required (to enable us to provide you with an experience relevant to your interests)
Legal Bases: consent, legitimate interests (to enable us to perform our obligations and provide the Services to you); contract performance
If you wish to unsubscribe from receiving marketing communications from us email, please follow the instructions contained in each email you receive from us describing how you can unsubscribe from receiving further marketing communications from us. If you are a registered user you may also be able to adjust your email settings logging in to your account and adjusting your account settings.
Legal Bases: consent, legitimate interests where consent is not required (to keep you updated with news in relation to our products and services)
4. How Your Information is Shared with Third Parties
We may share the information you provide or that we collect in some circumstances as follows:
With Advertisers. We may share your information with advertisers, third-party advertising networks and analytics companies who may use it to deliver targeted advertisements to you on the Services or third-party websites or advertisers. Similarly, these advertisers may share information with us about you that they have independently gathered or acquired. We may also share encrypted versions of information we have collected in order to enable our advertising partners to perform data analysis or for advertising-related use.
With Our Company Affiliates. We may share your information with members of the Spiegato corporate family in order to provide joint content and services (like registration, transactions and customer support), or to improve your experience with the Services, products and other services.
With Our Partner Programs. If you are directed to the Services through a third party, we may share certain information back with that third party, which may include information such as name, email and value of purchase depending on the type of relationship or Services utilized.
For Marketing Campaigns. From time to time we may disclose certain information (name, mailing address and non-sensitive transactional information such as your purchase history, amounts paid and products ordered) to marketing companies for trade or rental purposes. If you prefer to opt-out of the use of your personal information marketing companies for trade or rental purposes, please let us know using our contact form.
With Our Service Providers. We may share your information with our service providers who work on our behalf. For example, these service providers may handle payment or credit card processing, data management, customer data pooling or aggregating, feature administration, email distribution, market research, information analysis, and promotions management. These service providers will only have access to the information needed to perform these limited functions on our behalf.
Social Media and Sharing. The Services may use social networking or “share functionality” or may contain links to third-party social media sites or applications that are not owned or controlled us. We also may allow you to use social media sites or applications to leverage your existing social media site or application accounts to access features of the Services. Your use of these features may result in the collection or sharing of information about you these sites or applications, depending on the feature.
We have no control over, and assume no responsibility for, any share functionality or the content, privacy policies, or practices of any third-party site or application. We encourage you to review the privacy policies and settings on the social media sites or applications with which you interact to make sure you understand the information that may be collected, used, and shared those sites. You are subject to the policies of those third parties when and where applicable.
5. The Privacy of Children
The Services are not intended for children under age 16. We do not knowingly collect or distribute personal information from or about children under the age of 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us using our contact form.
6. EU Users – Your Rights Under the General Data Protection Regulation
We acknowledge your right to access and control your personal data in accordance with applicable Data Protection Laws.
Effective May 25th, 2018, if you are subject to European Union Data Protection Laws (“EU Users”), our processing of your personal data will comply with the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation (“GDPR”).
Accessing, Correcting or Deleting Your Information. For EU Users, to request access to or correction of your personal data in accordance with applicable Data Protection Laws, you may send us an e-mail to our contact form.
Please include your registration information you provided through the Services. We may ask you to provide additional information for identity verification purposes, or to verify that you are in possession of an applicable email account.
For EU Users, if you’d like us to delete information that you have provided through the Services, please contact us using our contact formand we will respond in a reasonable time in accordance with applicable Data Protection Laws. Please note that some or all of the information you provided may be required in order for the Services to function properly or may be automatically retained in backup storage or records retention archival storage.
Portability of Your Personal Data. For EU Users, should you request it, we will provide you with an electronic file of your basic account information and the information under your sole control in accordance with applicable Data Protection Laws.
Data portability is the ability to obtain some of your information in a format you can move from one service provider to another in accordance with applicable Data Protection Laws. Depending on the context and applicable Data Protection Laws, this applies to some of your information, but not to all of your information.
7. EU Users and Swiss Users – Privacy Shield (For EU and Swiss Data Transferred Into the US)
We comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles with respect to such data.
Pursuant to the EU-US and Swiss-US Privacy Shield Frameworks, the following statements apply:
- We are subject to the jurisdiction and enforcement authority of the U.S. Federal Trade Commission (FTC);
- We are liable for the onward transfer of personal data to third parties acting as our agents unless we can prove we were not a party giving rise to the damages; and
- We may be required to release EU and Swiss personal data in response to lawful requests public authorities including to meet national security and law enforcement requirements
We have further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated BBB National Programs, Inc. (BBB NP). If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
8. Nevada Privacy Rights
Under Nevada law, Nevada residents may submit a request directing us not to make certain disclosures of personal information we maintain about them. To exercise this right, please contact us.
9. California Residents Under 18
This section contains disclosures required the California Consumer Privacy Act (“CCPA”) and applies only to “personal information” that is subject to the CCPA. Consumers with disabilities may access this notice with a standard screen reader.
Personal Information We Collect, Disclose for a Business Purpose, and Sell. We collect the categories of personal information about California consumers identified in the chart below. As further set forth in the chart below, in the past 12 months, we have disclosed and sold California consumers’ personal information to third parties for business or commercial purposes. [Note: Please confirm which (if any) of the below categories (1) you collect; (2) you have disclosed for a business purpose (e.g., to service providers) within the preceding 12 months; and (3) you have sold to third parties within the preceding 12 months. After filling out the chart, we can adjust this section as needed.]
|Categories of Personal Information||Collected in the last 12 months:||Categories of sources from which information is collected:||Business or commercial purposes for collection, use, and sharing:||Disclosed for business purposes to the following categories of third parties:||Sold to the following categories of third parties:|
|Personal and online identifiers (such as first and last name, email address, or unique online identifiers)||Yes||All categories listed below.||All purposes listed below.||All categories listed below.||All categories listed below.|
|Commercial or transactions information (such as records of personal property or products or services purchased, obtained or considered)||Yes||All categories listed below.||All purposes listed below.||All categories listed below.||All categories listed below.|
|Internet or other electronic network activity information (such as browsing history, search history, interactions with a website, email, application, or advertisement)||Yes||All categories listed below.||All purposes listed below.||All categories listed below.||All categories listed below.|
|Inferences drawn from the above information about your predicted characteristics and preferences||Yes||All categories listed below.||All purposes listed below.||All categories listed below.||All categories listed below.|
|Other information about you that is linked to the personal information above||Yes||All categories listed below.||All purposes listed below.||All categories listed below.||All categories listed below.|
Categories of Sources: We collect this personal information from the following categories of sources:
- Service providers;
- Affiliates not under the Spiegato brand; and
- Consumer data resellers
- Our commercial purposes, including marketing, advertising, offering promotions, authentication, identity resolution, fraud prevention, fulfillment services, and facilitating transactions.
- Our business purposes as identified in the CCPA, which include:
- Auditing related to our interactions with you;
- Legal compliance;
- Detecting and protecting against security incidents, fraud, and illegal activity;
- Performing services (for us or our service provider) such as account servicing, processing orders and payments, and analytics;
- Internal research for technological improvement;
- Internal operations;
- Activities to maintain and improve our services; and
- Other one-time uses.
Recipients of California Personal Information. We may sell the categories of personal information designated above to the categories of third parties listed below:
- Advertising/Marketing companies;
- Affiliates not under the Spiegato brand;
- Partner programs;
- Service providers; and
- Social networks
We disclose the categories of personal information designated above to the categories of third parties listed below for business purposes:
- Service providers;
- Affiliates not under the Spiegato brand;
- Internet service providers;
- Data analytics providers;
- Operating systems and platforms; and
- Social networks
Your Rights Regarding Personal Information. California residents have certain rights with respect to the personal information collected businesses. If you are a California resident, you may exercise the following rights regarding your personal information, subject to certain exceptions and limitations:
- For certain categories of personal information, the right to request a list of what personal information (if any) we disclosed to third parties for their own direct marketing purposes in the preceding calendar year and the names and addresses of those third parties;
- The right to know the categories and specific pieces of personal information we collect, use, disclose, and sell about you, the categories of sources from which we collected your personal information, our purposes for collecting or selling your personal information, the categories of your personal information that we have either sold or disclosed for a business purpose, and the categories of third parties with which we have shared personal information;
- The right to request that we delete the personal information we have collected from you or maintain about you.
- The right to opt out of our sale(s) of your personal information. Please note that if you opt out of certain types of sales, we will be unable to provide you with the services that rely on such sales.
- The right not to receive discriminatory treatment for the exercise of the privacy rights conferred the CCPA. We may offer you certain financial incentives permitted applicable law as compensation for allowing us to collect, sell, or maintain your personal information.
To exercise any of the above rights, please contact us using the following information and submit the required verifying information online at: Make a CCPA consumer rights request online through our request form.
Verification Process and Required Information. Note that we may need to request additional information from you to verify your identity or understand the scope of your request, although you will not be required to create an account with us to submit a request or have it fulfilled.
Authorized Agent. You may designate an authorized agent to make a CCPA request on your behalf. We will require proof of your consent to designating such an agent and verification of your identity as described above.
Minors’ Right to Opt In. We do not sell the personal information of minors under 16 years of age.
11. Security Measures and Storage Limits
We provide industry-standard physical, electronic, and procedural safeguards to protect personal data we process and maintain. For example, we take reasonable measures to limit access to this data to authorized employees and contractors who need to know that information in order to operate, develop or improve our Services. Please be aware that, although we endeavor to provide reasonable security for data we process and maintain, no security system can prevent all potential security breaches. As a result, we cannot guarantee or warrant the security of any information you transmit on or through the Services and you do so at your own risk.
Our retention periods for personal data are based on our business needs and legal requirements. We retain personal data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose.
13. Contact Us
We will do our best to respond to you in a timely and professional manner to answer your questions and resolve your concerns.