The Basic Principles
- What We Don’t Do: We don’t profile you and we don’t give your personal information to others for marketing purposes.
- Privacy by Design: We follow the principles of “Privacy by Design”, which means we try to receive the minimum amount of personal information necessary or appropriate to provide the Services.
- Your Controls: We try to give you the opportunity to see what we have received and how we share it and also for you to request that changes be made on it or that the information be removed.
For those of you familiar with what is known as “GDPR” in most of Europe (the General Data Protection Regulation of the European Union) you will see that the principles above are quite similar to the principles inherent in the GDPR.
Users in or from the EEA
If you are from or in the European Economic Area then you need to click here for more information.
FOR USERS FROM THE EEA. You have to read and consent to the GDPR privacy policies (users from other regions do not need to do so).
How to Reach Us
We want to communicate with you. If you have any questions as to how we handle your personal information or you wish to report something, please contact us as follows:
By email: [email protected]
> ATTN: Vocal Privacy
c/o Creatd, Inc.
419 Lafayette Street
New York, NY 10003
Please note: Below is the full, official policy, which we summarized above. The language below governs if there is any conflict with the summary above.
We are Creatd, Inc. and we respect the privacy of visitors to our network of websites on the vocal.media platform. (We call these “Sites” and the various features and functionality we provide the “Services”).
1.1 For users in the EEA
The EEA—which stands for the *European Economic Area*—includes the members states of the European Union and Iceland, Lichtenstein and Norway. Users in or from those countries have rights under the regulation for that region, the General Data Protection Regulation (known as the “GDPR”) including, for example, having us change or remove all or part of the Personal Information we hold.
1.2 Children’s Privacy
Regarding minors, our Sites and Services are not directed to individuals under 13. We do not knowingly receive Personal Information from anyone under 13 and will delete such information if we learn about it. If you become aware that your child under 13 has provided us with Personal Information or created an account, please contact us at [email protected].
Under California law, individuals under 18 who are users have rights of removal of Personal Information about them. If you are—or your child is—under 18 and there is an account in your name (or the name of that child), then upon request the Personal Information can be removed by emailing the address above. Please understand that we will have to verify your request, which might mean that we will contact you. Please also note that such removal might not be comprehensive because, for example, relevant User Content has been re-posted elsewhere or because the Personal Information is in archives and backups maintained for purposes noted above.
1.3 Notice to California Users: Your Privacy Rights
- A. “Shine the Light” Law and Disclosure to Third Parties: California has a privacy law known as the “Shine the Light” law. That law applies to our Sites because they are accessible in California. The law (at Civil Code Section 1798.83) gives California users the right to prevent us from disclosing their Personal Information to third parties that use such information for their direct marketing purposes. The law also requires certain companies to respond to California users requests to disclose business’ practices related to disclosing Personal Information to third parties for those direct marketing purposes. As an alternative, companies subject to the “Shine the Light Law” can have in place a policy of not disclosing Personal Information for such marketing purposes. We don’t share any such Personal Information. Period. We have a policy against it (so that would be the third alternative above).
4. Information We Receive and How We Receive It
We receive information about you—which is defined below as “Personal Information”—and your use of our Services—which is “Technical Information”—that comes from systems that measure use of our Services and also from Cookies on your browser (explained below). This Section 4 explains the information received and how it is received. The next section, Section 5, explains our use. Section 8 explains how you can protect your Personal Information and control what we receive and use.
4.1 Personal Information
- A. Definition: Applicable laws define personal information in numerous ways. Some of those definitions extend to information well beyond what we receive. We do not receive (or use) all that much. However, we have adopted the definition of “Personal Data” set forth in the General Data Protection Regulation of the European Union (“GDPR”) and called it “Personal Information.” Personal Information means: any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- B. Some Examples:
- Just Visiting? Then we do not receive “Personal Information” but only “Technical Information,” which we have defined below (typically from Cookies). In some jurisdictions the Technical Information could fall within the above definition of Personal Information, so we are careful with its use, too.
- Creating an Account? If you create an account or log into an existing account or use other features (described in more detail below), then we would receive the following: your name and username; your password; your email address. If you log in through a social network, then that network might provide us with some Personal Information.
- Connecting Stripe? We may receive limited information from Stripe through “Stripe Connect,” which is used to enable login. This may require proof of ID in the form of a photo of your official identification card or passport. This is to prevent fraudulent accounts from being able to connect Stripe. We do not collect and store any of this information.
- Posting User Content? If you post User Content and it includes information about you (such as your physical features or political or religious positions) we receive that information because we have to post the User Content and archive it but we do not use it.
- C. How We Receive Personal Information: Generally speaking, you provide us with Personal Information by: (1) logging into, or creating, an account; (2) providing feedback to us; (3) posting a review or making other comments on any public forums available on the Sites; (4) entering a contest or sweepstakes or filling out a survey; or (5) submitting other user-generated or submitted content (#2 through 5 are defined as “User Content”). We also may receive Personal Information from Site usage to help us improve Site performance, content selection, product design, and usability.
- Using Social Media for Access: You can create an account or log in using social media such as Facebook or Twitter. Personal Information that these social media platforms collect as a function of your using them to access any of our Sites is subject to privacy policies of the social media platform that you use for access.
- Providing Us with Personal Information through User Content: You might end up providing us with Personal Information when you submit User Content, including your use of any public forums we may offer such as newsfeeds, blogs, message boards or similar tools, and articles, videos, posts or comments you make. If you include in your posts, etc., your location, ethnicity, gender and other such information then you are making such Personal Information available to any visitors to any of our Sites. We do nothing with such information, but that Personal Information could end up elsewhere by other users.
4.2 Technical Information
- A. Definition: When you visit a Site, it automatically recognizes: your domain name; IP address and region or geographical area; browser version; operating system; the website you passed through to reach our Site; and usage information such as the number and frequency of visitors to each Site and its various web pages or content. We also may receive certain Technical Information through Cookies and similar tools as further described in the section below. We define this information as “Technical Information.”
- B. How We Receive Technical Information: We receive Technical Information through Cookies, Web Beacons and Pixel Tags, each of which is defined below.
- Cookies: Cookies are pieces of information that many websites transfer to your browser and that are then stored in your computer’s system. The Cookies then provide information, as noted above, on matters such as your domain name, IP address and so forth. We use our own Cookies and information from third party Cookies. Third party Cookies are typically inserted into your computer when you visit websites of third parties (i.e., not one of our Sites) long before you visit one of our sites. We do not control when or how third parties place Cookies on your computer.
- Web Beacons and Pixel Tags: Web beacons, also known as “clear gifs”, “one-pixel gifs”, “web bugs”, “Internet tags” or “pixel tags”, are small graphic images (usually invisible) that can be embedded in content and advertising on a website or in an email. These may be embedded on our Sites or on advertisements there or on third party sites you visit from our platform. Web beacons can recognize certain types of information on your browser, check whether you have viewed a web page or email message, and determine, among other things, the time and date that you viewed the web beacon, the IP address of your computer, and the URL of the web page from which the web beacon was viewed. We use web beacons to improve your experience, including to provide you with content customized to your interests.
5. How We Use Information We Receive
We use information primarily to provide a good user experience, which includes enabling you to use the Services, communicating with you and, as a result, improving the performance of our Services. When we write “use the information” we mean, for example, knowing who you are when you login, which simplifies the login process and points you to content and Services that are consistent with your preferences. We need to communicate with you about your account (if you have one), User Content and our Services. And, improving the Services means that we need to learn how fast pages load, where people view content, where they go and so forth. (All of that comes from Technical Information. We are not personally tracking you.)
5.1 How We Use Personal Information
- B. What We Do Not Do: We’re proud of the limits we have adopted to our use of your Personal Information because it strengthens our commitment to our users as members of a community. So here is a brief list:
- We don’t license, sell or give away your Personal Information—e.g., to someone who will market to you.
- We don’t profile you.
- We don’t keep your Personal Information beyond the time-frame we need for our Services and our obligations under contract with you.
- C. Sharing of Personal Information: Except as otherwise described in this section, we do not share your Personal Information with third parties for their own use. In particular, we do not provide it to third parties for them to market to you.
- Processing for Your Account, etc.: The main sharing of your Personal Information comes when you want to establish an account, so we have to transmit your Personal Information to a third party that manages those accounts, which is currently Stripe. You are redirected to Stripe, where you establish your account, which is called the “Stripe Connect” service that generates the Stripe Access Token, Refresh Token, Publishable token, Account Type and user ID. This Stripe Connect service may require users to provide an image of an official identification card or passport to validate identify, but this information is not stored with us and is not used in any way once the validation process is complete.
- Re-publication of User Content: From time to time, we receive requests from other media companies to license some User Content they have seen on one or more of our Sites. *We never provide it to them without first obtaining the express consent of the user that created that User Content.* If that user does not consent, then we do not share the relevant Personal Information with that media company.
- When You Use Social Media for Access: When you log-in to a Site through social media platform (e.g., with "Log In With Facebook") Personal Information can be exchanged based on the Sites you visit or other Services you use. We recommend that you familiarize yourself with those services’ privacy policies and privacy controls. In addition, when you visit the Site while logged into one of those services, that service might be able to identify you and associate the Technical Information with other information the service already has about you.
- Aggregated Information: Finally, we may also share de-identified aggregate information with third parties and advertisers so they can measure the effectiveness of any advertisements viewed in connection with our Sites and understand their audiences. For example, we may tell advertisers the number of users who clicked on a particular advertisement. We might also use such aggregated information to modify our Services for better performance or other reasons.
5.2 How We Use Technical Information
The Technical Information we receive (e.g., from Cookies) is used to enable your use of the Services such as storing your login information to accelerate that process or to respond to your preferences. We also use Technical Information to customize our infrequent newsletters, as well as advertising and Site content based on browser type and user profile information. The Technical Information may also provide measurements of overall and specific activity on our Sites in the use of other Services, allowing us to modify the look-and-feel, content and performance of our Services.
Third Party Services and Advertising
- A. Third Party Services: When you use our Services you may find links to sites, services or applications from third parties (“Third Party Services”). You acknowledge that such links are provided for your convenience only and do not constitute an endorsement by us of such Third Party Services. As we do not control these Third Party Services, we assume no responsibility for the privacy practices of such Third Party Services. We encourage you to review the privacy policies posted on those, and all, Third Party Services.
- B. Third Party Advertising: We do not have a lot of advertising on our Sites. But, some of the advertising is delivered by third-party Internet advertising companies (also called “ad networks” or “network advertisers”). The rest of the ads are our own.
7. How Long Do We Keep the Personal Information?
If you are posting User Content under that agreement, please note that we might continue to post it after your account is deactivated. Any association between your account and information we store will no longer be accessible through your account. However, any public activity on your account prior to deletion will remain stored on our servers and might remain accessible to the public. In addition, we will keep archived copies of your Personal Information for the legal purposes we described above (e.g., to respond to government requests, and if we are involved in legal disputes that involve you or your Personal Information).
8. What You Can Do about the Information We Have
- Of access to your Personal Information—which also means what it says: Ask us and we’ll show it to you.
- To rectify errors in your Personal Information—which means that we will try to correct errors in that Personal Information for truthfulness and accuracy.
- To restrict “processing” (our storage and use) of your Personal Information—which mean that you can tell us about limits on the use.
- To data portability of your Personal Information—which means that we will provide you with a copy of the Personal Information we have.
- To control automated decision making and profiling (which we do not do, anyway)—which means that there are certain additional rules where no human intervention as to your data occurs as to making decisions or profiling you. We do not do either, so it is not relevant.
Of course, we’ll have to verify you are who you are when you make the requests. Please also understand that we might not comply with your requests if we believe that the changes you wish to make are fraudulent or not truthful or accurate. In addition, we will not remove Personal Information that is archived for legal purposes, such as responding to government requests.
- B. Consequences: Some of your requests above will have certain consequences that might be negative to you. For example, if you wish to have your Personal Information erased, then you will not be able to use your account and other Services that rely on access to your Personal Information.
- C. What to Do: If you want to do any of the above, then please email us at: [email protected] (and include something informative in the subject line). We will reply to you to confirm your request (and as far as we can tell, to determine if you are you) and then respond to your request. The actions to complete your request may take some time. Here are some of the things that can be done:
- Finding out about Personal Information: You can access information associated with your account by logging into the Services. You can always opt not to disclose certain information to us, even though it may be needed to take advantage of some of our features.
- You Want to Change What You Receive from Us: If at any time you wish to stop receiving marketing communications from us (e.g., by email), usually there is an unsubscribe button or you can change the respective settings in your profile on the Site or contact us at [[email protected]](mailto:[email protected]) to make this request.
- Changing Your Browser Settings: Most web browsers are set up to accept Cookies. You can, however, reset your browser to refuse all Cookies or to indicate when a Cookie is being sent. If you choose to decline Cookies, some of the functionality of our Sites or other Services may be impaired. (Please remember that we cannot help you on this.)
- Deactivating Your Account: You can deactivate your account. Please note that we will need to verify that you have the authority to deactivate the account. Activity generated prior to deactivation will remain stored by us and some of it (like your posts) may be publicly accessible. Should you ever decide to deactivate your account, you may do so by emailing [email protected].
9. Protecting Your Information
We believe that we use reasonable physical, electronic, and managerial procedures to safeguard and secure the Personal Information we receive online but we do not warrant or represent that its level of security meets or exceeds any specific standards. You should keep in mind that no Internet transmission is 100% secure or error-free, nor is stored data free from vulnerabilities. We cannot guarantee the security of our database or our Sites or other Services, nor can we guarantee that the information you supply will not be intercepted while being transmitted to us over the Internet. We are not responsible for the actions of third parties.
Your account information will be protected by a password for your privacy and security. You need to prevent unauthorized access to your account and Personal Information by selecting and protecting your password appropriately and limiting access to your computer and browser by signing off after you have finished accessing your account.
How Can You Ask Questions or Raise Concerns?
If you have other questions or concerns about our privacy policies or data use, or wish to change your options, email us at [email protected].
Effective Date: September 7, 2021