This Policy does not apply to the extent that we process Personal Data in the role of a service provider on behalf of our customers. We are not responsible for the privacy or data security practices of our customers, which may differ from those explained in this Privacy Policy. That said, we have provided our customers with tools to ensure member privacy in our applications.
Crowdstack, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Crowdstack, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Crowdstack, Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit the Data privacy framework website.
Collectively, we refer to the EU-U.S Framework, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Framework as the "Principles".
Information That You Provide Us: When you sign up for any account or service operated by us, we store all information that you provide to us. This may include personal information like email addresses, your name, passwords, phone numbers, birth date, gender, and address information. For services that require payment, we also collect credit card information, which is stored in encrypted form on secure servers, including PCI-compliant third-party vendors.
If you register and grant access to a third party social network (e.g., Facebook) or integrated service (e.g., Google), we will collect the personal information directly associated with those accounts. This includes your name, email address and the unique identifier provided by the service. The information collected from these third parties will be managed in accordance with this privacy policy.
Browser Cookies: When you use one of our services, we may store certain information in browser cookies. These cookies identify your browser and allow us to enhance your online experience. Most browsers are configured to accept cookies, but you may change your browser's settings so that you are informed every time a cookie is set, or to prevent cookies from being set at all. Please note, however, that many of our services do not function properly if cookies are disabled. Advertisers or other third parties do not have access to our cookies. However, such advertisers may set their own cookies. Such cookies are subject to the advertisers' own privacy policies, not this Policy.
Analytics: On sites that we own (e.g. crowdstack.com), we track overall usage and traffic on our own sites, including page views, visits, IP addresses, and traffic sources, using third party services like Google Analytics. We do not use Google Analytics (or any other third party analytics services) on Crowdstack Pro customer sites. For all other services, however, we use Google Analytics to track usage and traffic on an aggregated basis, including page views, visits, and traffic sources.
Visit Information Via Server Logs: We record information on our server logs from your browser, including your IP address, cookie information, and page request.
User Communications: Any email or written correspondence that you send us may be stored.
Transaction Records: Data from any monetary transaction taking place via our service may be stored.
We use collected information to enhance your experience online, authenticate you when you sign in, send notifications, fulfill your requests for services, contact you, customize the advertising or content that you see, and provide anonymous reporting for internal and external clients.
We do not track your activity between sites using our services, or from one of our sites to another; therefore "do not track" requests are not applicable for our platforms and services. If you are on a site hosted by us that is serving third party ads, that particular ad partner is responsible for its response to your browser's Do Not Track request.
We do not share personal information with other individuals, organizations, or companies outside of our company and its related entities, unless we have your consent or unless:
We are not responsible for the processing of your personal information by any third party, other than those third parties acting as our subcontractors to process data on our behalf. We remain liable and responsible for the data processing undertaken by our subcontractors on our behalf.
Note that we may share certain aggregated, non-personal information, such as demographic information, browser type, and usage statistics. In such cases, the information does not identify you personally.
Profile information collected by sites hosted by us is collected by the sites themselves. Thus, you should review the privacy policy for each site before joining sites hosted by us.
While we do not provide any personal information to advertisers, it is possible that, if you view a certain ad, it may have been delivered to you based on targeting demographic criteria (for example, men who are between 18-24 years of age). Please note that in such situations, the advertiser does not know any specific personal information about you. You understand, however, that the advertiser will make the assumption that you meet its particular targeting criteria. We may also share conversion data with advertisers.
We process personal information only for the purposes for which it was collected, and in accordance with the Principles. We review our data collection, storage, and processing practices to ensure that we only collect, store, and process the personal information needed to provide our services. We depend on our users to update or correct their own personal information.
Depending where you reside, you have certain rights related to your personal data. The rights available to you depend on our reason for processing personal information. Please note that these rights are also subject to local data protection laws and regulations, and that these rights do not apply in all situations.
Your rights include:
To exercise your rights, please contact us at [email protected]. We respond to all legitimate requests and will contact you if we need additional information from you in order to honor your request. Additionally, some registered users may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.
We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those explained in this Privacy Policy. If your data has been submitted to us by or on behalf of one of our customers and you wish to exercise any rights you may have under applicable data protection laws, please inquire with them directly. We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.
We are a U.S.-based business that operates on a global basis. This means that your personal information may be transferred to and stored in the United States, which may be subject to different standards of data protection than your country of residence.
We take appropriate steps to ensure that transfers of personal information are in accordance with applicable law, are carefully managed to protect your privacy rights and interests and limited to countries which are recognized as providing an adequate level of legal protection or where alternative adequate arrangements are in place to protect your privacy rights.
We periodically review our compliance with the Principles. If you have questions or concerns, please contact us at: Crowdstack, Inc., ATTN: Crowdstack Privacy Administrator, 1985 Riviera Drive, Suite 103-122, Mount Pleasant, SC 29464, USA. If you contact us at this address with your concerns/questions, we will respond. We will also cooperate with the appropriate regulatory authorities to resolve any complaints regarding the transfer of personal information that cannot be resolved between us and you.
We restrict access to personal information to our employees, contractors, related entities, and agents who need to access the information in order to operate, sustain, improve, or repair our services. These individuals are bound to confidentiality agreements and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. We take appropriate security measures to protect your information. These measures include physical, electronic, and procedural safeguards, as well as software/system security reviews.
If your dispute or complaint cannot be resolved through our internal process, we have agreed to cooperate with and participate in, the dispute resolution procedures of the EU Data Protection Authorities, the UK ICO, and the Swiss Federal Data Protection and Information Commission. You may contact the relevant EU Data Protection Authority here to seek independent recourse: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm
You may contact the UK ICO here: https://ico.org.uk/make-a-complaint/data-protection-complaints/data-protection-complaints/.
You may contact the Swiss FDPIC here: https://www.edoeb.admin.ch/edoeb/en/home/datenschutz/datenschutz-services.html.
If your dispute or complaint cannot be resolved by us, nor by the panel established by the EU Data Protection authorities or through the U. S. Department of Commerce, you may have the right to require that we enter into binding arbitration pursuant to the Recourse, Enforcement and Liability Principle and Annex I.
We are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
We are classified as a “service provider”, not a “business” or “third party”, with respect to your use of the Service. That means we process any data you share with us only to provide the Service. We will not retain, use, disclose, or sell any of that information for any other commercial purposes. In addition, we do grant rights to your information as detailed in this Privacy Policy.
The European Union has stronger privacy laws than the United States and a core tenet of the GDPR is that any EU personal data transferred out of the EU must be protected to the same level as guaranteed under EU law. We aspire to protect all personal data - no matter where it is processed and/or stored. For EU based customers, we provide options for processing data within the EU for some of our service plans. In addition, we can provide a standard Data Processing Addendum (DPA) that is GDPR-compliant.
We grant rights to your personal data in accordance with Brazil’s General Data Protection Law. In addition, we do not collect sensitive data (which is data that relates to racial or ethnic origin, religious beliefs, political opinion, affiliation to unions or political, philosophical or religious organizations, health information, sexual preference, or genetic and biometric data) or use anonymized data to formulate behavioral profiles of a particular natural person, if that person is identified.
We may revise this Policy in the future. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address on your account.
If you have any questions or comments, or wish to file a complaint regarding our Policy, please contact us at:
Crowdstack, Inc.
Crowdstack Privacy Administrator
1985 Riviera Drive
Suite 103-122
Mt. Pleasant, SC 29464 USA