Last modified: February 24, 2023
WE DO NOT SELL YOUR PERSONAL INFORMATION, NOR DO WE INTEND TO DO SO. WE DO NOT GIVE ACCESS TO YOUR PERSONAL INFORMATION TO THIRD PARTIES EXCEPT TO SUBPROCESSORS TO ASSIST US IN THE PROVISION OF OUR SERVICES TO YOU.
If you have any questions regarding this Section, please email us at email@example.com.
2. WHAT INFORMATION DO WE COLLECT?
When you use our Website, we collect personal information (also referred to as personally identifiable information or “PII”) which may include your name, address, online contact information such as your email address, phone number, photograph or video or audio file and other personal information. The information so collected will be stored on our servers. You are able to change your personal information via email by contacting us at firstname.lastname@example.org.
A. Geolocation and Equipment Information. We may collect information that does not personally identify you such as (i) your geolocation, and (ii) information about your internet connection, the equipment you use to access our Website, and usage details.
3. HOW DO WE COLLECT INFORMATION?
We collect personal information from you in the following ways:
- At registration on our Website;
- In email, text, and other electronic messages between you and our Website;
- Through mobile and desktop applications your downloads from our Website, which provides dedicated non-browser based interaction between you and our Website;
- From you placing an order, which includes details of transactions you carry out on our Website;
- When you invest in the crowdfund on our Website;
- When you subscribe to a newsletter;
- From your responses to a survey;
- From forms filled out by you;
- From records or copies of correspondences (including email addresses) if you contact us;
- From search queries on our Website; and
- When you post information to be published or displayed on our Website.
We collect information from you automatically when you navigate through our Website in the following ways:
- Usage details;
- IP addresses;
- Information obtained through browser cookies;
- Information obtained through flash cookies;
- Web beacons on our Website;
- Web beacons on emails sent by us; and
- Other tracking technologies.
HOW DO WE USE YOUR INFORMATION?
We use the information that you provide to:
- Personalize your experience in using our Website;
- Provide you with information, products, or services requested from us;
- Present our Website and their contents to you;
- Notify you about changes to our Website;
- Allow you to participate in interactive features on our Website;
- Administer contests, promotions, and surveys or other Website;
- Anonymize data and aggregate data for statistics;
- Contact you about our products and services that may be of interest;
- Send you periodic emails, in accordance with the CAN-SPAM Act of 2003 as detailed in Section 13, via the email address provided by you to (i) send information, respond to inquiries, and/or other requests or questions; (iv) market to our mailing list.
We seek to protect the integrity of our Website and welcome any feedback. Please contact us at email@example.com.
5. HOW DO WE PROTECT INFORMATION WE COLLECT?
Our Website receives regular security scans and penetration tests. Our Website also receives regular malware scans. We require username and passwords for our employees who can access your personal information that we store and/or process on our Website and servers. In addition, we actively prevent third parties from getting access to your personal information that we store and/or process on our Website and servers. We will implement reasonable security measures every time you (a) enter, submit, or access your information, (c) register, or (d) access our Website.
6. DATA SECURITY MEASURES.
- Security Measures. We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Website.
2. Fair Information Practice Principles. In the event of a personal data breach, we will notify you within seventy-two (72) hours via (i) email and/or (ii) our notification system on our Website. We agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
7. DISCLOSURE OF PERSONAL INFORMATION
There are times when we may share Personal Information that you have shared with us may be shared by Nobody Studios with others to enable us to provide you over Services, including contractors, service providers, and third parties (“Partners”). This section discusses only how Nobody Studios may share such information with Partners. We will ensure that our Partners protect your Personal Information. The following describe how and with whom we may share your Personal Information:
Disclosure of Personal Information.
- We may disclose personal information to our subsidiaries and affiliates
- We may disclose to third parties to market their products and services to you if you have either consented or not opted out of these disclosures.
- We may disclose personal information to third parties to market their products and services if you have either consented or not opted out of these disclosures.
- We may disclose personal information for any other purpose for which you have provided it.
Other Disclosure of Personal Information.
Third Party Disclosure.
- We do not sell, trade, rent, or otherwise transfer personal information to others, unless we provide you with advance notice. This does not include our hosting partners and other parties who assist us in operating our Website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
- We do not provide non-personally identifiable visitor information for marketing purposes.
Choices Users Have About How Nobody Studios Uses and Discloses Information.
8. GOOGLE ADSENSE AND GOOGLE ANALYTICS
We use these Cookies to compile data regarding User interactions with ad impressions and other ad service functions as they relate to our Website.
9. FOR OUR EUROPEAN CUSTOMERS AND VISITORS
We are headquartered in the United States. Most of the operations are located in the United States. Your Personal Information, which you give to us during use of our Website, may be accessed by or transferred to us in the United States. If you are visiting our Website or registering for our Services from outside the United States, be aware that your Personal Information may be transferred to, stored, and processed in the United States. Our servers or our third-party hosting services partners are located in the United States. By using our site, you consent to any transfer of your Personal Information out of Europe, UK, or Switzerland for processing in the US or other countries.
- If you are a resident of or a visitor to Europe, you have certain rights with respect to the processing of your Personal Data, as defined in the General Data Protection Regulation (“GDPR”).
- Please note that in some circumstances, we may ask you to provide us with additional information in connection with your request, which may be Personal Data, for example, if we need to verify your identity or the nature of your request.
- In such situations, however, we will still respond to let you know of our decision.
- As used herein, “Personal Data” means any information that identifies you as an individual, such as name, address, email address, IP address, phone number, business address, business title, business email address, company, etc.
- Our lawful basis for processing your personal data
A. Processing on the basis of legitimate business interests. When we process personal information on the basis that the processing is necessary for our legitimate business interests, such interests include:
i. providing, improving, and promoting our Internet Website, products, and services;
ii. improving, and promoting our Internet Website, products, and services; communicating with current and potential customers, other business partners, and their individual points of contact;
iii. managing our relationships with our customers and other business partners, and their individual points of contact;
iv. other business development purposes;
v. sharing information within our group, as well as with service providers and other third parties; and
vi. maintaining the safety and security of our products, services and employees, including fraud protection.
B. Processing on the basis of performance of a contract. Examples of situations in which we process personal information as necessary for performance of a contract include e-commerce transactions in which you purchase a product or service from us on your own behalf, through our Website.
C. Processing on the basis of consent. Examples of processing activities for which we use consent as our legal basis include:
i. collecting and processing precise location information from your mobile device;
ii. sending promotional emails when consent is required under applicable law; and
iii. processing personal data on our Websites through cookies and similar technologies when consent is required by applicable law.
D. Processing because we are under a legal obligation to do so. Examples of situations in which we must process personal data to comply with our legal obligations include:
i. payment of taxes and other government levies;
ii. providing your personal data to law enforcement agencies and other governmental bodies when required by applicable laws;
iii. retaining business records required to be retained by applicable laws; and
iv. complying with court orders or other legal process.
E. Additional information about the retention of your personal data: To determine the period for which your personal data will be retained in accordance with this policy, we consider criteria such as:
i. any applicable legal requirements to retain data for a certain period of time;
ii. any retention obligations related to actual or potential litigation or government investigations;
iii. any retention requirements in relevant agreements with our business partners;
iv. the date of your last interaction with us (including with our Website, communications, etc.);
v. the length of time between your interactions with us;
vi. the sensitivity of the data; and
vii. the purposes for which the data was collected
B. The New SCCs.
- The New SCCs took effect on June 27, 2021.
- The Old SCCs may still be used for new data transfers in new contracts during a three-month transition period that ends on September 27, 2021.
- Existing data transfers contracts that rely on the Old SCCs can be used until December 27, 2022, by which time all data transfers relying on the Old SCCs must be transitioned to the New SCCs.
- As of now, we and our customers are using the New SCCs to transport Personal Data from the EU to other countries including the US for processing by us.
- You are the Controller, as defined in the GDPR, and the Exporter, as defined in the New SCCs, of the Personal Data and we are a processor, as defined in the GDPR, and the Importer of such Personal Data.
- You agree to comply with the GDPR rules that apply to Controllers and the New SCCs rules that apply to Data Exporters. We agree to comply with the GDPR rules that apply to Processors and the New SCCs rules that apply to Data Importers.
C. Our GDPR Compliance Commitment.
- We agree to fully comply with the letter and the spirit of the GDPR and the New SCCs with respect to the transfer or your Personal Data for Processing outside the EU.
- As a Data Importer, a User may contact us as set forth in Subsection 9(d) below with respect to the Personal Data we store and process on you.
- We hereby notify you that we will be processing, as defined in the GDPR, the Personal Data of your Authorized Users (i.e., those individuals whom you have authorized to access our Platform and to use our Services) in the US, Canada, and Turkey for us to be able to provide the Services to you that we have agreed to do in our definitive service agreement between you and us.
- Upon request, we will provide you with a list of your Personal Data that we will process and a copy of the New SCCs under which we will transport your Personal Data for processing.
- We hereby warrant that, at the time of agreeing to the SCCs for the transport of your Personal Data, we have no reason to believe that the laws and practices applicable to us as a data processor and a data importer, including those of the US, Canada, and Turkey are not in line with the requirements of the New SCCs.
- If we cannot satisfy any request or dispute to your satisfaction, we will agree to arbitrate or litigate the dispute in the EU jurisdiction in which your reside.
- We will only transfer your Personal Data to a third country in accordance with documented instructions from you.
- Your Personal Data will be transferred and stored in an encryption format.
- Only our employees, who have a need to access your Personal Data to enable us to meet our contractual and legal obligations to you, will be given access to your Personal Data.
- Such employees will be given a User Name and Password to access your Personal Data.
- We will keep an automated record of all persons who have accessed your Personal Data.
- Access: You can request more information about the Personal Information we hold about you. You can also request a copy of the Personal Information.
- Rectification: If you believe that any Personal Information we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. Please contact us as soon as possible upon noticing any such inaccuracy or incompleteness.
- Objection: You can contact us to let us know that you object to the collection or use of your Personal Information for certain purposes.
- Erasure: You can request that we erase some or all of your Personal Information from our systems.
- Restriction of Processing: You can ask us to restrict further processing of your Personal Information.
- Portability: You have the right to ask for a copy of your Personal Information in a machine-readable format. You can also request that we transmit the data to another entity where technically feasible.
- Withdrawal of Consent: If we are processing your Personal Information based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, it may limit your ability to use some/ all of our Services or Platform and you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Information, if such use or disclosure is necessary to enable you to utilize some or all of our Services and Platform.
- Right to File Complaint: You have the right to lodge a complaint about our practices with respect to your Personal Information with the supervisory authority of your country or EU Member State. Please go to https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm to locate your Data Protection Authority in the EU. You may contact the UK’s Information Commissioner at https://ico.org.uk/make-a-complaint or by telephone: 0303 123 1113.
- We will respond to your inquiry within thirty (30) days of the receipt.
10. FOR OUR CANADIAN USERS
A. Definition of Personal Information. Any information about an identifiable individual. Whatever may be the physical form or characteristics of a particular regime for “business contact information” (name, position, title, address, professional phone number, etc.)
B. Right to Access Personal Information. You can request to access your personal information we hold about you. We will first confirm whether you have requested such information, explain how we have used your information, provide a list of names with whom your information has been shared and provide a copy of your information in an accessible format and make alternative formats available if requested.
C. Right to Correction/Limited Right to Deletion. You can request us to correct or delete your information IF you demonstrate that the personal information we hold on you is inaccurate. We will delete or correct your information within thirty (30) calendar days. When we delete/correct your personal information we will inform the third parties with whom we have shared your information.
D. Right to be Forgotten. Your information will be kept with us for as long as it is required for the fulfillment of the purposes of Nobody Studios’ Website. Unless we otherwise give you notice, we will retain your Information on the Nobody Studios’ Website on your behalf until such times as you or we terminate your User Account.
E. Data Breach Notification. We will send a notification to you as soon as feasible regarding the information of any breach that creates a “real risk of significant harm” to you. We keep a record of every data breach and, on request, provide the Office of the Privacy Commissioner with access to the record.
F. Canadian Privacy Officer. We have appointed a Canadian Privacy and Data Protection Officer, Greg Lovett, firstname.lastname@example.org, to make sure the privacy rights of our Canadian users are protected in compliance with PIPEDA.
G. Two Factor Authentication. You may enable two-factor authentication on your account to help ensure that only you can access your account. If you do, in addition to entering your password to log in to your account to access the Nobody Studios’ Website, we will send a code to your mobile number, which you will need to enter. This added security prevents anyone else from accessing your Nobody Studios account unless they have access to your login information, if applicable.
11. YOUR CALIFORNIA PRIVACY RIGHTS
Nobody Studios does not sell, trade, or otherwise transfer to outside third parties your “Personal Information” as the term is defined under the California Civil Code Section § 1798.82(h). Additionally, California Civil Code Section § 1798.83 permits Users of our Website that are California residents to request certain information regarding our disclosure of their Personal Information to third parties for their direct marketing purposes. To make a request for such disclosure, or identification and/or deletion of Personal Information in all our systems that we store on you, please send an email to email@example.com or write us at Nobody Studios, 1968 S. Coast Hwy #3703, Laguna Beach, CA 92651 USA.
Note that (i) if we delete your Personal Information as requested, we will no longer be able to provide our services to you and (ii) we may need to keep such Personal Information for a while during the shutting down and billing process. If you would like to discuss our Personal Information storage and processing process with us, please send us an email at firstname.lastname@example.org or write us at Nobody Studios, 1968 S. Coast Hwy #3703, Laguna Beach, CA 92651 USA.
12. COPPA COMPLIANCE (FOR CHILDREN UNDER 13 USERS ONLY)
The Children’s Online Privacy Protection Act (“COPPA”) is a federal legislation that applies to entities that collect and store “Personal Information,” as the term is defined under COPPA, from children under the age of 13. We are committed to ensure compliance with COPPA. Our Website is not meant for use by children under the age of 13. Our Website does not target children under the age of 13, but we do not age-screen or otherwise prevent the collection, use, and personal disclosure of persons identified as under 13. If you would like to know more about our practices and specifically our practices in relation to COPPA compliance, please email us at email@example.com.
IF YOU ARE UNDER 13, PLEASE DO NOT ACCESS OR USE OUR WEBSITE.
13. CAN-SPAM ACT OF 2003
The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have businesses stop emailing them, and spells out penalties for violations. Per the CAN-SPAM Act, we will:
- not use false or misleading subjects or email addresses;
- identify the email message as an advertisement in some reasonable way;
- include the physical address of Nobody Studios, which is 1968 S. Coast Hwy #3703, Laguna Beach, CA 92651 USA;
- monitor third-party email marketing services for compliance, if one is used;
- honor opt-out/unsubscribe requests quickly; and
- give an “opt-out” or “unsubscribe” option.
If you wish to opt out of email marketing, follow the instructions at the bottom of each email or contact us at firstname.lastname@example.org and we will promptly remove you from all future marketing correspondences.
15. LIST OF THIRD-PARTY SERVICE PROVIDERS
|Name of Third-Party Service Provider||Contact Information|
|HubSpot, Inc.||Website: https://www.hubspot.com/
Privacy Query Form: https://preferences.hubspot.com/privacy
Address: 25 First Street, 2nd Floor, Cambridge, MA 02141 USA
|Google Analytics||Website: https://analytics.google.com
Address: 1600 Amphitheatre Pkwy, Mountain View, CA 94043
|Sprout Social, Inc.||Website: https://sproutsocial.com/
Address: 131 S. Dearborn St. Suite 700. Chicago, IL 60603.
|OpenDeal Inc. DBA Republic||Website: https://republic.com/
Address: 149 E 23rd St #200, New York, NY 10010
Additionally, if you have any questions or concerns about our third-party service providers, please email us at email@example.com.
16. COPYRIGHT INFRINGEMENT/DMCA NOTICE
If you believe that any content on our Website violates your copyright, and you wish to have the allegedly infringing material removed, the following information in the form of a written notification (pursuant to the Digital Millennium Copyright Act of 1998 (“DMCA Takedown Notice”) must be provided to our designated Copyright Agent.
- Your physical or electronic signature;
- Identification of the copyrighted work(s) that you claim to have been infringed;
- Identification of the material on our Website that you claim is infringing and that you request us to remove;
- Sufficient information to permit us to locate such material;
- Your address, telephone number, and email address;
- A statement that you have a good faith belief that use of the objectionable material is not authorized by the copyright owner, its agent, or under the law; and
- A statement that the information in the notification is accurate, and under penalty of perjury, that you are either the owner of the copyright that has allegedly been infringed or that you are authorized to act on behalf of the copyright owner.
Nobody Studios’ Copyright Agent to receive DMCA Takedown Notices is DMCA Copyright Manager, at firstname.lastname@example.org and at Nobody Studios, Attn: DMCA Notice, – 1968 S. Coast Hwy #3703, Laguna Beach, CA 92651 USA. You acknowledge that for us to be authorized to take down any content, your DMCA Takedown Notice must comply with all the requirements of this Section. Please note that, pursuant to 17 U.S.C. § 512(f), any misrepresentation of material fact (falsities) in a written notification automatically subjects the complaining party to liability for any damages, costs and attorney’s fees incurred by Nobody Studios in connection with the written notification and allegation of copyright infringement.
17. ANTI-BRIBERY COMPLIANCE
Nobody Studios represents and warrants that it is fully aware of and will comply with, and in the performance of its obligations hereunder will not take any action or omit to take any action that would cause it or its customers to be in violation of, (i) U.S. Foreign Corrupt Practices Act, (ii) U.K. Anti-Bribery Act, (iii) India Prevention of Corruption Act of 1988, or (iv) any other applicable anti-bribery statutes and regulations, and (v) any regulations promulgated under any such laws. Company represents and warrants that neither it nor any of its employees, officers, or directors is an official or employee of any government (or any department, agency or instrumentality of any government), political party, state owned enterprise or a public international organization such as the United Nations, or a representative or any such person (each, an “Official”). Company further represents and warrants that, to its knowledge, neither it nor any of the Supplier Personnel has offered, promised, made or authorized to be made, or provided any contribution, thing of value or gift, or any other type of payment to, or for the private use of, directly or indirectly, any Official for the purpose of influencing or inducing any act or decision of the Official to secure an improper advantage in connection with, or in any way relating to, (A) any government authorization or approval involving Nobody Studios, or (B) the obtaining or retention of business by Nobody Studios.
18. CONTACT US
- Privacy Officer
- Email: email@example.com
- Address: Nobody Studios, 1968 S. Coast Hwy #3703, Laguna Beach, CA 92651 USA;