COLLECTIVELY PRIVACY POLICY

Last modified and effective as of: August 13, 2018

THIS PRIVACY POLICY RELATES TO INFORMATION COLLECTED ONLINE BY COLLECTIVELY, INC. (“COLLECTIVELY” OR "WE" OR “US” OR “OUR”) THROUGH YOUR USE OF THE WEBSITE COLLECTIVELYINC.COM (“SITE”) AND ANY SUBDOMAINS AND THE SERVICES, FEATURES, AND INFORMATION AVAILABLE THROUGH THE SITE AND/OR ANY MOBILE APPLICATIONS WE MAY OFFER (ALONG WITH ASSOCIATED AND SUCCESSOR WEBSITES, APPLICATIONS, FEATURES, INFORMATION, AND SERVICES, OR ANY PART THEREOF, THE “SERVICE”). “YOU” AND “YOUR” MEAN A USER OF THE SERVICE.

YOU SHOULD CAREFULLY READ THIS PRIVACY POLICY. BY USING THE SERVICE, YOU ARE SIGNIFYING YOUR ACCEPTANCE OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU MAY NOT USE THE SERVICE.

To the extent that the Service is available to individuals located in the European Economic Area and the United Kingdom we are bound by and act in compliance with the General Data Protection Regulation 2016/679 (“GDPR”). This Privacy Policy sets out our practices and obligations under the GDPR.

As used in this Privacy Policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organization or among our affiliates within the United States or internationally.

WHAT INFORMATION ABOUT ME IS COLLECTED?

In order to apply to join the Collectively community online, we may collect two types of information: personally identifiable information and non-personally identifiable information.

Personally Identifiable Information

Personally identifiable information is information that identifies you or can be used to identify or contact you, which may be your name, address, email address, and blog and social media channel names. Personally identifiable information amounts to ‘personal data’ for the purposes of and as defined in the GDPR. All references to personally identifiable information shall be deemed to include ‘personal data’ as defined and used in the GDPR.

Non-Personally Identifiable Information

Non-personally identifiable information is information, any single item of which, by itself, cannot be used to identify or contact you, including your birthday, ethnicity, gender, IP addresses, browser types, unique device identifiers, device types, requested URL, referring URL, browser language, the date and time of your visit, and statistical data involving the use of the Service. Certain non-personally identifiable information may be considered a part of your personally identifiable information if it were combined with other identifiers.

WHERE AND WHEN IS INFORMATION COLLECTED (INCLUDING THROUGH THE USE OF COOKIES AND ACTION TAGS)?

We will collect personally identifiable information that you submit to us. We may also collect personally identifiable information about you that is available on public websites.

Registering to Use the Service and in the Course of Using the Service.

You will be required to provide certain personally identifiable information in order to participate in the Collectively community. In addition, we may obtain your personally identifiable information from you if you identify yourself to us by sending us an e-mail with questions or comments.

Cookies

We may collect non-personally identifiable information passively using “cookies”.

“Cookies” are small text files that can be placed on your computer or mobile device in order to identify your web browser and the activities of your computer on the Service. We will use cookies to identify your web browser and to keep you signed in during page navigation.

You do not have to accept cookies to use the Service. Although most browsers are initially set to accept cookies, you may reset your browser to notify you when you receive a cookie or to reject cookies generally. Most browsers offer instructions on how to do so in the "Help" section of the toolbar. However, if you reject cookies, certain features or resources of the Service may not work properly or at all and you may experience some loss of convenience.

Log Files.

We also collect non-personally identifiable information through our Internet log files, which record data such as user search queries, IP addresses, browser types, domain names, and other anonymous statistical data involving the use of the Service. This information may be used to analyze trends, to administer the Service, to monitor the use of the Service, and to gather general demographic information. We may link this information to personally identifiable information for these and other purposes such as personalizing your experience on the Service and evaluating the Service in general.

DOES COLLECTIVELY COLLECT INFORMATION FROM CHILDREN UNDER 13 YEARS OF AGE?

We are committed to protecting the privacy of children. The Service is not designed for or directed to children under the age of 13. We do not collect personally identifiable information from any person we actually know is under the age of 13 without verifiable parental consent. If you are under the age of 13 you may not apply online; your parent or legal guardian must email us at community@collectivelyinc.com.

WHAT DOES COLLECTIVELY DO WITH THE INFORMATION IT COLLECTS?

We will only use your personally identifiable information to the extent that the law allows us to do so. Pursuant to the GDPR we rely on the following legal bases for processing your personally identifiable information:

  1. where you have given consent to the processing;

  2. where it is necessary to perform the contract we have entered into or are about to enter into with you (whether in relation to the provision of the Service or otherwise); and/or

  3. where it is necessary for the purposes of our legitimate interests (or those of a third party) and your interests or fundamental rights and freedoms do not override those legitimate interests.

Unless you opt out, we may subsequently send you electronic newsletters, contact you about the Service and products, services, information and news that may be of interest to you, provide you with marketing materials, and provide you with targeted feedback. If you no longer desire to receive these communications, we will provide you with the option to change your preferences in each communication we send to you. You may also inform us by email to: community@collectivelyinc.com. However, you will not be able to unsubscribe from important Service announcements and updates as they contain important information relevant to your use of the Service and are necessary for the performance of our contract with you.

If you identify yourself to us by sending us an e-mail with questions or comments, we may use your information (including personally identifiable information) to respond to your questions or comments, and we may file your questions or comments (with your information) for future reference.

WHEN DOES COLLECTIVELY DISCLOSE INFORMATION TO THIRD PARTIES?

Except as set forth in this Privacy Policy or as specifically authorized by you, we will not disclose any information we gather from you through the Service.

Laws and Legal Rights.

We may disclose your information (including personally identifiable information) if we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process. We may disclose personally identifiable information in special circumstances when we have reason to believe that disclosing this information is necessary to detect fraud, or to protect the safety and/or security of our users, the Service or the general public.

Sale of Business.

We reserve the right to transfer information to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of Collectively or any of its Corporate Affiliates (as defined below), or that portion of Collectively or any of its Corporate Affiliates to which the Service relates, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Policy.

Affiliates.

We may disclose information (including personally identifiable information) about you to our Corporate Affiliates. For purposes of this Privacy Policy: "Corporate Affiliate" means any person or entity which directly or indirectly controls, is controlled by or is under common control with Collectively, whether by ownership or otherwise; and “control” means possessing, directly or indirectly, the power to direct or cause the direction of the management, policies or operations of an entity, whether through ownership of fifty percent (50%) or more of the voting securities, by contract or otherwise. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Privacy Policy.

Brand Clients.

We may share your personally identifiable information with our brand clients in connection with a potential or actual influencer marketing campaign.

Fulfillment Partners.

We may share your personally identifiable information with our fulfillment partners in order to send you products in connection with a campaign.

IS THE INFORMATION COLLECTED THROUGH THE SERVICE SECURE?

We want your information (including personally identifiable information) to remain secure. We strive to provide transmission of your information from your computer or mobile device to our servers through techniques that are consistent with industry standards and to employ administrative, physical, and electronic measures designed to protect your information from unauthorized access. We use Amazon Web Services (AWS) to host the Service and all information relating to your interaction with the Service. You can learn more about AWS’s data privacy policy here.

Notwithstanding the above, you should be aware that there is always some risk involved in transmitting information over the internet. There is also some risk that others could find a way to thwart our security systems. As a result, while we strive to protect your information, we cannot ensure or warrant the security or privacy of any information you transmit to us, and you do so at your own risk.

COULD MY INFORMATION BE TRANSFERRED TO OTHER COUNTRIES?

Personally identifiable information collected through the Service may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and the Service may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data. By using the Service and submitting information on or through the Service, you voluntarily consent to the trans-border transfer and hosting of such information. Without limitation of the foregoing, you hereby expressly grant consent to Collectively to:

(a) process and disclose such information in accordance with this Privacy Policy;

(b) transfer such information throughout the world, including to the United States or other countries that do not ensure adequate protection for personal information (as determined by the European Commission); and

(c) disclose such information to comply with lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you are a user accessing the Service from a jurisdiction with laws or regulations governing personal data collection, use, and disclosure that differ from those of the United States, please be advised that all aspects of the Service are governed by the internal laws of the United States and the state of California, USA, regardless of your location. To the extent that we process personally identifiable information of individuals located in the European Economic Area or the United Kingdom we are bound by and act in compliance with the GDPR.

FOR HOW LONG WILL MY PERSONALLY IDENTIFIABLE INFORMATION BE KEPT?

We will only retain your personally identifiable information for as long as necessary to fulfil the purposes for which we collected it.

To determine the appropriate retention period for personally identifiable information, we consider the amount, nature, and sensitivity of that information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personally identifiable information and whether we can achieve those purposes through other means, and the applicable legal requirements.

WHAT CHOICES DO I HAVE REGARDING MY PERSONALLY IDENTIFIABLE INFORMATION?

Except as otherwise described in this Privacy Policy, we will only use personally identifiable information for the purposes described above or as otherwise disclosed at the time we request such information from you. You must "opt in" and give us permission to use your personally identifiable information for any other purpose. You may also change your preferences by contacting community@collectivelyinc.com.

Under certain circumstances and in compliance with the GDPR, you have the right to:

Request access to your personally identifiable information (commonly known as a ‘subject access request’). This enables you to receive a copy of the personally identifiable information we hold about you and to check that we are lawfully processing it;

Request correction of the personally identifiable information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;

Request erasure of your personally identifiable information. This enables you to ask us to delete or remove personally identifiable information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove all of your personally identifiable information in certain circumstances;

Object to processing of your personally identifiable information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;

Request the restriction of processing of your personally identifiable information. This enables you to ask us to suspend the processing of personally identifiable information, for example if you want us to establish its accuracy or the reason for processing it;

Request the transfer of your personally identifiable information to another party;

Lodge a complaint with the relevant supervisory authority (as defined in the GDPR). If you have any complaints about the way we process your personally identifiable information please do contact us. Alternatively you may lodge a complaint with the supervisory authority which is established in your country.

If you want to review, verify, correct or request erasure of your personally identifiable information, object to the processing of your personally identifiable information, or request that we transfer a copy of your personally identifiable information to another party, please contact community@collectivelyinc.com.

Such updates, corrections, changes and deletions will have no effect on other information that we maintain. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.

You should be aware that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personally identifiable information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all personally identifiable information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.

DO NOT TRACK

The term “Do Not Track” refers to a HTTP header offered by certain web browsers to request that websites refrain from tracking the user. We take no action in response to Do Not Track requests.

HOW WILL I KNOW IF THERE ARE ANY CHANGES TO THIS PRIVACY POLICY?

We may revise this Privacy Policy from time to time.  We will not make changes that result in significant additional uses or disclosures of your personally identifiable information without allowing you to “opt in” to such changes. We may also make non-significant changes to this Privacy Policy that generally will not significantly affect our use of your personally identifiable information, for which your opt-in is not required. We encourage you to check this page periodically for any changes. If any non-significant changes to this Privacy Policy are unacceptable to you, you must immediately stop using the Service. Your continued use of the Service following the posting of non-significant changes to this Privacy Policy constitutes your acceptance of those changes.

WHO DO I CONTACT IF I HAVE ANY PRIVACY QUESTIONS?

If you have any questions or comments about this Privacy Policy or feel that we are not abiding by the terms of this Privacy Policy, please contact us at community@collectivelyinc.com.

BY USING THE SERVICE YOU SIGNIFY YOUR ACCEPTANCE OF THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU SHOULD NOT USE THE SERVICE. CONTINUED USE OF THE SERVICE, FOLLOWING THE POSTING OF CHANGES TO THIS PRIVACY POLICY THAT DO NOT SIGNIFICANTLY AFFECT THE USE OR DISCLOSURE OF YOUR PERSONALLY IDENTIFIABLE INFORMATION, MEANS THAT YOU ACCEPT THOSE CHANGES.