PART 1: WEBSITE VISITORS
When you visit the Sites, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Sites, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Sites, and information about how you interact with the Sites. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
– “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
– “Log files” track actions occurring on the Sites, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
– “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Sites.
If you contact us through any of the Sites e.g. to request a demo or information, we may collect business contact information, such as your name, email, company name, company size and details of your request.
HOW DO WE USE YOUR PERSONAL INFORMATION?
To communicate with you; to respond to your questions or inquiries and, in line with the preferences you have shared with us, provide you with information or advertising relating to our platforms or services.
We use the Device Information that we collect to help us improve and optimize our Sites (for example, by generating analytics about how our users browse and interact with the Sites, and to assess the success of our marketing and advertising campaigns).
Cookies also enable us to recognize you as a returning visitor and optimize your browsing experience, e.g. by remembering your settings or information entered into forms, or returning you to pages you previously visited.
If you decline or delete cookies, our Sites will still function, however your browsing experience may be less optimized.
We use anonymized heat-mapping software like Hotjar in order to better understand our users’ needs and to optimize this service and experience. These technology services help us better understand our users’ experiences (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.), and enable us to build and maintain our service with user feedback. They store this information in pseudonymized user profiles.
All data collected on our public-facing Sites will never be used to identify individual users or to match it with further data on an individual user (this does not apply to logged-in users within our non-public portals).
As a Creator, if you are invited by one of CreatorIQ’s customers to use the “Creator Connect” portal, then we use a temporary cookie to authenticate your login using your email address. This cookie is strictly necessary for using the portal – without this cookie or if you have all cookies blocked by your browser, you will not be able to log in. This cookie expires when you close your session and will be reset when you log in again. This cookie is used exclusively to enable the login process and never to track or analyze your behavior. Please note that our customers are the “data controllers” and responsible for data use on their Creator Connect portal, and might use additional cookies and have data processing policies that differ from ours. Please check the applicable privacy notices when you enter the portal.
SHARING YOUR PERSONAL INFORMATION
We may share your Personal Information with third parties to help us process it and communicate with you, as further described below. For example, we use Google Analytics to help us understand how our users use the Sites — you can read more about how
Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/.
You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you on the Sites or other websites or apps. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising at the following links:
FACEBOOK – https://www.facebook.com/settings/?tab=ads
GOOGLE – https://www.google.com/settings/ads/anonymous
BING – https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
DO NOT TRACK
Please note that we do not alter our Sites’ data collection and use practices when we see a Do Not Track signal from your browser.
PART 2: DATA PROCESSING IN RELATION TO OUR PLATFORMS AND BUSINESS
Our platforms and services allow brands and agencies to discover, connect with and manage and grow their relationships with creators. These “Creators” may include creators and influencers on social media, public figures, brand ambassadors or other influencers such as journalists. This involves the adding of information to our platforms by us or by our customers which may be classed as personal data or personal information under applicable laws (referred to as “Personal Data”).
The principal purposes of our data processing are as follows:
|Category of data subject||Categories of data||Purpose||Source||Legal basis for data processing|
|Visitors to our webpages||Internet activity including web pages visited or surfed to or from; data submitted on contact forms; cookie data; Device Information||Managing and improving our Sites, login authentication, improving the browsing experience for returning users, and responding to your inquiries or requests||Directly from you||This processing is done with your consent, as you have provided us with your contact data for this purpose, including in respect of cookies and similar technologies|
|Our customers’ business, IT and billing contacts and registered users||Identifiers such as name, title, business email, business phone numbers, business address, login details||Managing provision of our services, permitting and controlling access to our platforms, providing customer service||From our customers or directly from the Individuals||This processing is necessary for the fulfillment of our contracts with our customers or for our legitimate interests in providing services to them. All this data is business data and its processing should have no negative impact on your privacy|
|Potential customers, suppliers and service providers||Identifiers such as name, title, business email, business phone numbers, business address, business interests, employment information and education or qualifications information||Growing and managing our business||Directly from you; or from other public sources (e.g. trade shows, professional websites)||This processing is based on our legitimate interests in developing and obtaining goods and services for our business. All this data is business data and its processing should have no negative impact on your privacy|
|Creators||Identifiers and internet activity including names and handles, bio, profile picture and interests, public posting activity, public conversations, engagement, followers and follower counts, brand affiliations*||Providing our services which include creating for our customers a profile of you and your activity as a Creator, and permitting customers to view, evaluate and create reports on Creators and set up and manage campaigns on our platforms||
Social network platforms.
Third party data providers.
Also from customers**
|This processing is based on our legitimate interests in providing and managing our platform and services. This is information that has been made available publicly by the Creators, and its processing should have no negative impact on your privacy; we apply industry-standard security measures and also provide an easy means of opting out of inclusion in our platform as indicated below.|
|Creators||Authenticated Data from social Network platforms: all available post and video activity and engagement data***||
More accurate statistical data and attribution of post/video/engagement activity to Creators;
Improvement of our services (in aggregated and anonymous form only)
Social network platforms.
Also from customers*
|This processing is based on your consent, which is collected when you voluntarily link one or more of your Social Network accounts to any of our platforms, which may be in respect of a particular customer using our platforms|
|Creators||Name, address, tax status, and bank account and payment information||Making payments to you on behalf of our customers with whom you have worked on campaigns||Clients||This processing is based on our customers’ agreements with you and on our and our customers’ legitimate interests in enabling you to be paid for your services. For this we use payment information that has been made available by you to our customer. Its processing has no negative impact on your privacy; and we apply industry-standard security measures.|
|Creators||Email addresses||Communicating with you regarding business opportunities with our customers/ advertisers||Creators’ public profiles, blogs or websites||This processing is based on our and our customers’ legitimate interests in communicating with you for business purposes, including introducing opportunities for influencer marketing arrangements or campaigns with them. For this we use contact information that has been made available publicly by you, and its processing should have no negative impact on your privacy; we apply industry-standard security measures and you can opt out of receiving such communications at any time.|
* We receive public data from social network platforms via API connections, which we then store and process in our platform as set out in this Policy. This allows any of our customers that use the “discovery” features of our service to review and locate Creators that could be of interest for their future campaigns. Clients may also review past posting activity, engagement, and past or current campaigns. Updated posts and metrics are obtained from the social network platforms each time a customer searches for posts in our system. Some of our services and platforms may also use data obtained from third party data providers (who may provide additional information or inferences such as the likely demographics of a Creator’s followers, or engagement observed directly online) and also other publicly available sources such as social media platforms, websites and blogs.
** Please note that our customers may also enter certain Personal Data into our systems (e.g. in relation to particular Creators they work with, or because Creators have directly agreed to give them greater access to Authenticated Data– please see the next section). For this data, we act as a data processor or service provider on behalf of our customers, and not as a data controller. Their processing of your Personal Data will be subject to their own privacy notices and policies. We will normally need to pass any questions in relation to this data on to the relevant customer for action or response.
*** Authentication of Data from social network platforms:
Via the Links Accounts Page of your profile page, you may choose to opt-in and allow us to connect to one or more of your social network accounts so that we may access additional data from the applicable social network platforms (e.g. the audience of the channel and additional metrics such as video annotation clicks, dark posts and geo-fenced posts, referred to as “Authenticated Data”). You may also be invited directly by a particular brand or customer to give them access to Authenticated Data, in which case: (i) that permission relates only to their use of the data; and (ii) that data will only be visible in that customer’s section of our platform and we will not share that data with any other customer.
You may revoke our ability to collect your Authenticated Data at any time through the opt-out feature in the Link Accounts Page or by contacting us using the contacts below. You may also revoke access to your Authenticated Data via the Social Networks’ own settings panels, e.g. for YouTube via the Google security settings page at https://security.google.com/settings/security/permissions. If you opt into authenticating any of your social network accounts with us, we will:
- Never post on your behalf to any of your authenticated social network accounts (e.g. your Facebook Page or YouTube Channel).
- Never manage any of your Social Network Account ad campaigns (e.g. Facebook ad campaigns or YouTube ad campaigns) and will never alter any of your Social Network ad settings.
In relation to YouTube accounts, please visit YouTube’s Terms of Service: https://www.youtube.com/t/terms and Google’s Privacy Notice: http://www.google.com/policies/privacy. Please note that this may differ from the information you are given by the relevant Social Network at the time of authenticating. However, we will always process data in accordance with this Policy.
PART 3: GENERAL PROVISIONS
We may share Personal Data with the following categories of recipients(and have done so during the past 12 months):
Our platforms and the Personal Data processed within them are hosted on our behalf by Amazon Web Services on servers located in the USA.
We also provide data to other companies in our corporate group, technical service providers (for purposes such as customer support, analytics, email delivery, or database management), professional advisers (such as payment processors and security, insurance, legal, and accounting service providers) inside and outside the European Union (with Iceland, Liechtenstein and Norway, the “EEA”), Switzerland and the UK, that require access to data in order to assist us in providing our services. In particular, we work with reputable external data processors in order to provide our platforms and services, including for the purposes of storage, analysis, development, testing etc., and who are not permitted to use any data processed on our behalf for any other purpose.
In each case we have in place safeguards that enable transfers from the EEA, Switzerland or the UK to happen in a way that ensures that data is handled in accordance with similar standards to those applicable in those territories. These include: a decision from the relevant authorities indicating that the place of receipt has adequate data protection laws; and standard contract clauses approved by the relevant authorities for other international transfers. A copy of these safeguards may be made available if we receive a valid request.
The data contained in our platforms is made available to our customers, who may also process it in accordance with their own privacy policies and practices.
Where data (which may include Personal Data) is provided to us by one of our customers we enable such customer’s authorized users to access, update and process the data provided by that customer.
In connection with a business transaction (or potential business transaction) such as an investment, pestiture, acquisition, merger, consolidation, reorganization or sale of assets, or in the event of bankruptcy or dissolution, we may transfer or otherwise share some or all of our business or assets, which may include Personal Data, with the relevant investor or acquirer, their advisers, and where applicable any relevant regulatory authorities.
Finally, if any authority, police force or regulator validly requested data from us, then we would normally comply with such request without having to notify you.
DATA RETENTION PERIODS
We retain the data only as long as necessary for the purposes described in this Policy. When we no longer need to use the data for such purposes (or for us to comply with our legal or regulatory obligations), then we will either remove it from our systems or delete all personally identifying elements so that the data cannot be traced back to you or any other identifiable person.
Individuals located in EEA, Switzerland or the UK have various legalrights in relation to their data including:
• To ask for access to it;
• To ask for errors in it to be corrected;
• To ask for it to be erased (the “right to be forgotten”);
• If not erased, then to ask us to restrict its processing;
• To object to its processing for specific purposes;
• To ask for a copy to take to another service provider.
California consumers also have legal rights in relation to their Personal Data including:
• To know what Personal Data has been collected about you;
• To ask to have it deleted;
• To opt out of sales of that Personal Data (please see the next Section);
• Not to be discriminated against for exercising any of your rights under California privacy legislation (for example we would not deny you service, charge you a different price, or provide you a different quality of service fordoing so).
Where we process any data based on consent that you have given in the past, then you are always allowed to withdraw your consent at any time (though the processing that took place before withdrawal will still be legal).
Please note that in some circumstances we may not be able to fully comply with a request, e.g. where are required to retain data in order to comply with legal, accounting, tax, or record-keeping obligations.
Where you make a request, please understand that we may need to take reasonable steps to verify your identity or authority to make the request, and confirm the personal information relates to you.
We are always available through the contacts at the end of this Policy to help resolve any issues or doubts you may have in relation to processing of your Personal Data. If you believe that your rights have not been respected at any time then you also have a right to complain to the Data Protection Supervisory Authority in your country to ask them for a resolution.
The Sites and our platforms and services are not intended for children and we do not intend to process children’s data. If we learn that we have collected a child’s personal information without the consent of the child’s parent or guardian, we will delete it. Please always contact us with any concerns.
The Data Controller of the Personal Data we hold is: Social Edge, Inc. dba CreatorIQ. For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us bye-mail at email@example.com or by mail using the details provided below:
600 Corporate Pointe Suite 210, Culver City, CA, 90230, United States
Our representative in Europe is:
Floor 11, Whitefriars, Lewins Mead, Bristol BS1 2NT, United Kingdom
Certain of our platforms and services are provided by Tribe3.com Inc., who also have a representative in the EEA who can be reached at The DPO Centre Europe, Alexandra House, 3 Ballsbridge Park, Dublin, D04C 7H2, Ireland, on +3531 631 9460 or at firstname.lastname@example.org.
Last updated: December 8, 2021