PRIVACY POLICY

Welcome to Sprucedservices.com’s Privacy Policy!

Effective from our last updated September 26, 2020

Please read this privacy notice carefully as it will help you understand what we do with the information that we collect. 

Thank you for choosing to be part of our community at Spruced Services Ltd (“Company“, “we“, “us“, “our“). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us at info@sprucedservices.com.
 
When you visit our website http://www.sprucedservices.com (the “Website“), and more generally, use any of our services (the “Services“, which include the Website), we appreciate that you are trusting us with your personal information. We take your privacy very seriously. In this privacy notice, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Services immediately.
 
This privacy notice applies to all information collected through our Services (which, as described above, includes our Website), as well as, any related services, sales, marketing or events.
 

TABLE OF CONTENTS
 
1. WHAT INFORMATION DO WE COLLECT?
2. HOW DO WE USE YOUR INFORMATION?
3. WILL YOUR INFORMATION BE SHARED WITH ANYONE?
4. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
5. DO WE USE GOOGLE MAPS?
6. HOW LONG DO WE KEEP YOUR INFORMATION?
7. HOW DO WE KEEP YOUR INFORMATION SAFE?
8. DO WE COLLECT INFORMATION FROM MINORS?
9. WHAT ARE YOUR PRIVACY RIGHTS?
10. CONTROLS FOR DO-NOT-TRACK FEATURES
11. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
12. DO WE MAKE UPDATES TO THIS NOTICE?
13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
14. HOW CAN YOU REVIEW, UPDATE OR DELETE THE DATA WE COLLECT FROM YOU?

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us
 
In Short:  We collect personal information that you provide to us.
 
We collect personal information that you voluntarily provide to us when you register on the Website, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Website or otherwise when you contact us.
 
The personal information that we collect depends on the context of your interactions with us and the Website, the choices you make and the products and features you use. The personal information we collect may include the following:
 
Personal Information Provided by You. We collect names; phone numbers; email addresses; usernames; passwords; contact preferences; billing addresses; debit/credit card numbers; and other similar information.
 
Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument. All payment data is stored by Paypal and Stripe. You may find their privacy notice link(s) here: Privacy Statement Effective Date: July 24, 2020 Print Overview What Personal Data Do We Collect? Why Do We Retain Personal Data? How Do We Process Personal Data? Do We Share Personal Data? How Do We Work with Other Services and Platforms? International Transfers How Do We Use Cookies and Tracking Technologies? What Privacy Choices Are Available To You? What Are Your Rights? How Do We Protect Your Personal Data? Can Children Use Our Services? What Else Should You Know? Contact Us Definitions Additional Information (includes the Banking Regulations Notice for Customers in the EEA) 1. Overview PayPal has developed this Privacy Statement to explain how PayPal, as a Data Controller, may collect, retain, process, share and transfer your Personal Data when you visit our Sites or use our Services. This Privacy Statement applies to your Personal Data when you visit Sites or use Services, and does not apply to online websites or services that we do not own or control, including websites or services of other PayPal Users. As a European bank registered in Luxembourg, we comply with data protection and financial regulatory requirements. For the avoidance of doubt, this Privacy Statement does not constitute a “framework contract” for the purpose of the EU Payment Services Directive (2007/64/EC) or any implementation of that Directive in the European Economic Area. This Privacy Statement is designed to help you obtain information about our privacy practices and to help you understand your privacy choices when you use our Sites and Services. Please note that our Service offerings may vary by region. This Privacy Statement may be supplemented with additional notices depending on the Sites and Services concerned. Supplementary information can be found in the Statement on Cookies and Tracking Technologies and the Banking Regulations Notice. We have defined some terms that we use throughout the Privacy Statement. You can find the meaning of a capitalised term in the Definitions section. Please contact us if you have questions about our privacy practices that are not addressed in this Privacy Statement. 2. What Personal Data Do We Collect? We collect Personal Data about you when you visit our Sites or use our Services, including the following: Registration and use information – When you register to use our Services by establishing an Account, we will collect Personal Data as necessary to offer and fulfil the Services you request. Depending on the Services you choose, we may require you to provide us with your name, postal address, telephone number, email address and identification information to establish an Account. We may require you to provide us with additional Personal Data as you use our Services. Transaction and experience information – When you use our Services or access our Sites, for example, to make purchases from merchants, to receive money, to process payments, or to send money to friends and family, we collect information about the transaction, as well as other information associated with the transaction such as amount sent or requested, amount paid for products or services, merchant information, including information about any funding instruments used to complete the transaction, Device Information, Technical Usage Data, and Geolocation Information. Participant Personal Data – When you use our Services or access our Sites, we collect Personal Data you provide us about the other participants associated with the transaction. Send or request money: When you send or request money through the Services, we collect Personal Data such as name, postal address, telephone number, and financial account information about the participant who is receiving money from you or sending money to you. The extent of Personal Data required about a participant may vary depending on the Services you are using to send or request money. Pay or request someone else to pay a bill: If you use our Services to pay a bill for the benefit of someone else, or if you request a User to pay a bill for you, we collect Personal Data from you about the account holder such as name, postal address, telephone number, email address, and account number of the bill that you intend to pay or request to be paid. Add value to your accounts: If you use our Services to add value to your Account or any other account you may have, or if you ask a User to add value to any of these accounts, we may collect Personal Data from you about the other party, or from the other party about you to facilitate the request. For example, if you use our Services to reload a mobile phone, or to request value be added to your mobile account, we may collect Personal Data and other information including mobile account number from the other participant. Information about your public profile and your friends and contacts – It may be easier for us to help you transact with your friends and contacts if you choose to connect your contact list information with your Account or if your Account profile is publicly available. If you establish an account connection between your device or a social media platform and your Account, we will use your contact list information (such as name, address, email address) to improve your experience when you use the Services. When your Account profile is public, other users can find your profile to send you money by searching for you by name, username, email, or mobile number on PayPal and confirm it’s you by viewing your photo. You can make your Account profile private anytime in your PayPal.me settings. Personal data that you choose to provide us to obtain additional Services or specific online Services – If you request or participate in an optional Site feature, or request enhanced Services or other elective functionality, we may collect additional information from you. We will provide you with a separate notice at the time of collection, if the use of that Personal Data differs from the uses disclosed in this Privacy Statement. Personal Data about you if you use unbranded Services – certain Services are available without being required to log in to or establish an Account. We will collect Personal Data when you are interacting with and making payments to merchants using our card payment services that do not carry the PayPal brand and when you checkout with PayPal without logging into an account. For our unbranded payment services, your interaction is with the merchant, on their platform. If you are an Account holder, or create an Account at a later date, we may collect information about unbranded transactions and associate them with your Account to improve your customer experience as an Account holder and for compliance and analytics purposes. If you are not an Account holder, we will collect and store all information you provide and use such information in accordance with this Privacy Statement. Personal Data about you from third-party sources – We obtain information from third-party sources such as merchants, data providers, and credit bureaus, where permitted by law. Other information we collect related to your use of our Sites or Services – We may collect additional information from or about you when you communicate with us, contact our customer support teams or respond to a survey. 3. Why Do We Retain Personal Data? We retain Personal Data in an identifiable format for the least amount of time necessary to fulfill our legal or regulatory obligations and for our business purposes. We may retain Personal Data for longer periods than required by law if it is in our legitimate business interests and not prohibited by law. If your Account is closed, we may take steps to mask Personal Data and other information, but we reserve our ability to retain and access the data for so long as required to comply with applicable laws. We will continue to use and disclose such Personal data in accordance with this Privacy Statement. The cookies we use have defined expiration times; unless you visit our Sites or use our Services within that time, the cookies are automatically disabled and retained data is deleted. Please consult our Statement on Cookies and Tracking Technologies for more information. 4. How Do We Process Personal Data? We may Process your Personal Data for a variety of reasons that are justified under data protection laws in the European Economic Area (EEA) and Switzerland. To operate the Sites and provide the Services, including to: initiate a payment, send or request money, add value to an account, or pay a bill authenticate your access to an Account communicate with you about your Account, the Sites, the Services, or PayPal create an account connection between your Account and a third-party account or platform perform creditworthiness and other financial standing checks, evaluate applications, and compare information for accuracy and verification purposes, keep your Account and financial information up to date. To manage our business needs, such as monitoring, analysing, and improving the Services and the Sites’ performance and functionality. For example, we analyse User behaviour and perform research about the way you use our Services. To manage risk and protect the Sites, the Services and you from fraud by verifying your identity. PayPal’s risk and fraud tools use Personal Data, Device Information, Technical Usage Data, and Geolocation Information from our Sites and websites that offer PayPal Services to help detect and prevent fraud and abuse of the Services. To comply with our obligations and to enforce the terms of our Sites and Services, including to comply with all applicable laws and regulations. For our legitimate interests, including to: enforce the terms of our Sites and Services; manage our everyday business needs, such as monitoring, analysing; manage risk, fraud, and abuse of PayPal Services; anonymise Personal data in order to provide aggregated statistical data to third parties, including other businesses and members of the public, about how, when, and why Users visit our Sites and use our Services; and conduct business to business marketing; and provide personalised Services (also called interest-based marketing) offered by PayPal on third-party websites and online services. We may use your Personal Data and other information collected in accordance with this Privacy Statement to provide a targeted display, feature or offer to you on third-party websites. make it easier for you to find and connect with others. For instance, if you let us access your contacts or when your Account profile is public, we can suggest connections with people you may know and help others connect with you to send you money by letting them find your profile when they search for you by name, username, email, or mobile number on PayPal. We may also associate information that we learn about you through your and your contacts’ use of the Services, and information you and others provide, to suggest people you may know or may want to transact with through our Services. Social functionality and features designed to simplify your use of the Services with others vary by Service. With your consent, including to: To market to you about PayPal products and Services and the products and services of unaffiliated businesses. We may also Process your Personal Data to tailor the marketing content and certain Services or Site experiences to better match your interests on PayPal and other third-party websites. To use cookies and other tracking technologies to provide a targeted display, feature, Service or offer to you and/or to work with other third-parties such as merchants, advertising or analytics companies to provide these personalised services (also called interest-based marketing). To provide you with location-specific options, functionality or offers if you elect to share your Geolocation Information through the Services. We will use this information to enhance the security of the Sites and Services and provide you with location-based Services, such as advertising, search results, and other personalised (also called interest-based marketing) content. To respond to your requests, for example to contact you about a question you submitted to our customer service team. You can withdraw your consent at any time and free of charge. Please refer to the section on “Your Privacy Choices” for more information on how to do that. 5. Do We Share Personal Data? We may share your Personal Data or other information about you with others in a variety of ways as described in this section of the Privacy Statement. We may share your Personal Data or other information for the following reasons: With other members of the PayPal corporate family: We may share your Personal Data with members of the PayPal family of entities to, among other things, provide the Services you have requested or authorised; to manage risk; to help detect and prevent potentially illegal and fraudulent acts and other violations of our policies and agreements and to help us manage the availability and connectivity of PayPal products, Services, and communications. With other companies that provide services to us: We share Personal Data with third-party service providers that perform services and functions at our direction and on our behalf. These third-party service providers may, for example, provide you with Services, verify your identity, assist in processing transactions, send you advertisements for our products and services, or provide customer support. With other financial institutions: We share Personal Data with other financial institutions that we have partnered with to jointly create and offer a product. These financial institutions may only use this information to market and offer PayPal-related products, unless you have given consent for other uses. We may also share Personal Data to process transactions, provide you with benefits associated with your eligible cards, and keep your financial information up to date. With the other parties to transactions when you use the Services, such as other Users, merchants, and their service providers: We may share information about you and your Account with the other parties involved in processing your transactions. This includes other Users you are sending or receiving funds from and merchants, and their service providers. The information might include: Personal Data and Account information necessary to facilitate the transaction; Personal Data to help other participant(s) resolve disputes and detect and prevent fraud; and Anonymous data and performance analytics to help merchants better understand the uses of our Services and to help merchants enhance Users’ experiences. With other third parties for our business purposes or as permitted or required by law: We may share information about you with other parties for PayPal’s business purposes or as permitted or required by law, including: if we need to do so to comply with a law, legal process or regulations; to law enforcement authorities or other government officials, or other third parties pursuant to a subpoena, a court order or other legal process or requirement applicable to PayPal or PayPal’s corporate family; if we believe, in our sole discretion, that the disclosure of Personal Data is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity; to protect the vital interests of a person; with credit agencies and data processors for credit reference checks and anti-fraud and compliance purposes; to investigate violations of or enforce a user agreement or other legal terms applicable to any Service; to protect our property, Services and legal rights; to facilitate a purchase or sale of all or part of PayPal’s business; in connection with shipping and related services for purchases made using a Service; to help assess and manage risk and prevent fraud against us, our Users and fraud involving our Sites or use of our Services, including fraud that occurs at or involves our business partners, strategic ventures, or other individuals, and merchants, such as eBay, Inc.; to banking partners as required by card association rules for inclusion on their list of terminated merchants; to credit reporting and collection agencies; to companies that we plan to merge with or be acquired by; and to support our audit, compliance, and corporate governance functions. With your consent: We also will share your Personal Data and other information with your consent or direction, including if you authorise an account connection with a third-party account or platform. In addition, PayPal may provide aggregated statistical data to third-parties, including other businesses and members of the public, about how, when, and why Users visit our Sites and use our Services. This data will not personally identify you or provide information about your use of the Sites or Services. We do not share your Personal Data with third parties for their marketing purposes without your consent. 6. How Do We Work with Other Services and Platforms? A significant benefit and innovation of PayPal’s Services is that you can connect your Account with a third-party account or platform. For the purposes of this Privacy Statement, an “account connection” with such a third-party is a connection you authorise or enable between your Account and a non-PayPal account, payment instrument, or platform that you lawfully control or own. When you authorise such a connection, PayPal and the third-party will exchange your Personal Data and other information directly. Examples of account connections include: linking your Account to a social media account or social messaging service; connecting your Account to a third-party data aggregation or financial services company, if you provide such company with your Account log-in credentials; or using your Account to make payments to a merchant or allowing a merchant to charge your Account. If you choose to create an account connection, we may receive information from the third-party about you and your use of the third-party’s service. For example, if you connect your Account to a social media account, we will receive Personal Data from the social media provider via the account connection. If you connect your Account to other financial accounts, directly or through a third-party service provider, we may have access to your account balance and transactional information, such as purchases and funds transfers. We will use all such information that we receive from a third-party via an account connection in a manner consistent with this Privacy Statement. Information that we share with a third-party based on an account connection will be used and disclosed in accordance with the third-party’s privacy practices. Before authorising an account connection, you should review the privacy notice of any third-party that you authorised to have an account connection that will gain access to your Personal Data as part of the account connection. For example, Personal Data that PayPal shares with a third-party account or platform such as a social media account may in turn be shared with certain other parties, including the general public, depending on the account’s or platform’s privacy practices. 7. International transfers Our operations are supported by a network of computers, cloud-based servers, and other infrastructure and information technology, including, but not limited to, third-party service providers. The parties mentioned above may be established in jurisdictions other than your own and outside the European Economic Area and Switzerland. These countries do not always afford an equivalent level of privacy protection. We have taken specific steps, in accordance with EEA data protection law, to protect your Personal Data. In particular, for transfers of your Personal Data within PayPal related companies, we rely on Binding Corporate Rules approved by competent Supervisory Authorities (available here). Other transfers may be based on contractual protections. Please contact us for more information about this. If you make transactions with parties outside the EEA or Switzerland or connect our Service with platforms, such as social media, outside the EEA or Switzerland, we are required to transfer your Personal Data with those parties in order to provide the requested Service to you. 8. How Do We Use Cookies and Tracking Technologies? When you visit our Sites, use our Services, or visit a third-party website for which we provide online services, we and our business partners and vendors may use cookies and other tracking technologies (collectively, “Cookies”) to recognise you as a User and to customise your online experiences, the Services you use, and other online content and advertising; measure the effectiveness of promotions and perform analytics; and to mitigate risk, prevent potential fraud, and promote trust and safety across our Sites and Services. Certain aspects and features of our Services and Sites are only available through the use of Cookies, so if you choose to disable or decline Cookies, your use of the Sites and Services may be limited or not possible. Do Not Track (DNT) is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and other third-parties. We do not respond to DNT signals. Please review our Statement on Cookies and Tracking Technologies to learn more about how we use Cookies. 9. What Privacy Choices Are Available To You? You have choices when it comes to the privacy practices and communications described in this Privacy Statement. Many of your choices may be explained at the time you sign up for or use a Service or in the context of your use of a Site. You may be provided with instructions and prompts within the experiences as you navigate the Services. Choices Relating to the Personal Data We Collect Personal Data. You may decline to provide Personal Data when it is requested by PayPal, but certain Services or all of the Services may be unavailable to you. Location and other device-level information. The device you use to access the Sites or Services may collect information about you, including Geolocation Information and User usage data that PayPal may then collect and use. For information about your ability to restrict the collection and use of such information, please use the settings available in the device. Choices Relating to Our Use of Your Personal Data Online Tracking and Interest-Based Marketing. We work with partners and third-party service providers to serve you advertising using ad-related cookies and web beacons. You can opt-out of third-party advertising-related cookies and web beacons, in which case our advertising should not be targeted to you. You will continue to see our advertising on third party websites. For more information on third-party advertising-related cookies and interest-based marketing, and to learn how to opt-out of these practices with companies participating in industry self-regulation, please visit Your Online Choices. Finding and connecting with others. If available, you may manage your preferences for finding and connecting with others from your account of the Service you use. Choices Relating to Account Connections If you authorise an account connection to a third-party account or platform, such as a social media account, you may be able to manage your connection preferences from your Account or the third-party account or platform. Please refer to the privacy notice that governs the third-party platform for more information on the choices you may have. Choices Relating to Cookies You may have options available to manage your cookies preferences. For example, your browser or internet device may allow you delete, disable, or block certain cookies and other tracking technologies. You can learn more by visiting AboutCookies.org. You may choose to enable these options, but doing so may prevent you from using many of the core features and functions available on a Service or Site. You may have an option regarding the use of cookies and other tracking technologies when you use a Service or visit parts of a Site. For example, you may be asked if you want the Service or Site to “remember” certain things about you, and we will use cookies and other tracking technologies to the extent that you permit them. You can learn more about our cookies and tracking technologies by visiting the Statement on Cookies and Tracking Technologies page. Choices Relating to Your Registration and Account Information If you have an Account, you generally may review and edit Personal Data by logging in and updating the information directly or by contacting us. Contact us if you do not have an Account or if you have questions about your Account information or other Personal Data. Choices Relating to Communication Notices, Alerts and Updates from Us: Marketing: We may send you marketing content about our Sites, Services, products, products we jointly offer with financial institutions, as well as the products and services of unaffiliated third parties and members of the PayPal corporate family through various communication channels, for example, email, text, pop-ups, push notifications, and messaging applications. You may opt out of these marketing communications we send by following the instructions in the communications you receive. If you have an Account with us, you may also adjust your communication preferences in your Account settings. For messages sent via push notifications, you may manage your preferences in your device. Informational and Other: We will send communications to you that are required or necessary to send to Users of our Services, notifications that contain important information and other communications that you request from us. You may not opt out of receiving these communications. However, you may be able to adjust the media and format through which you receive these notices. 10. What Are Your Rights? Subject to limitations set out in EEA data protection laws, you have certain rights in respect of your Personal Data. In particular, you have a right of access, rectification, restriction, opposition, erasure and data portability. Please contact us if you wish to exercise these rights. If you wish to complete an access request to all personal data that PayPal holds on you, please note that photo identity will be required to prove your identity. If you have an Account with any of our Services, you generally can review and edit Personal Data in the Account by logging in and updating the information directly. We may use automated decision-making for decisions concerning credit with your consent or where necessary for the entry into or performance of a contract or authorised by Union or Member state law. Please contact us if you require more information on automated-decision making. 11. How Do We Protect Your Personal Data? We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorised access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centres, and information access authorisation controls. While we are dedicated to securing our systems and Services, you are responsible for securing and maintaining the privacy of your password(s) and Account/profile registration information and verifying that the Personal Data we maintain about you is accurate and current. We are not responsible for protecting any Personal Data that we share with a third-party based on an account connection that you have authorised. 12. Can Children Use Our Services? The Sites and Services are not directed to children under the age of 16. We do not knowingly collect information, including Personal Data, from children or other individuals who are not legally able to use our Sites and Services. If we obtain actual knowledge that we have collected Personal Data from a child under the age of 16, we will promptly delete it, unless we are legally obligated to retain such data. Contact us if you believe that we have mistakenly or unintentionally collected information from a child under the age of 16. 13. What Else Should You Know? Changes to this Privacy Statement. We may revise this Privacy Statement from time to time to reflect changes to our business, the Sites or Services, or applicable laws. The revised Privacy Statement will be effective as of the published effective date. If the revised version includes a substantial change, we will provide you with 30 days prior notice by posting notice of the change on the “Policy Update” page of our website. We also may notify Users of the change using email or other means. 14. Contact Us You may contact us if you have general questions or concerns about this Privacy Statement and supplemental notices or the way in which we handle your Personal Data. We want to make sure your questions go to the right place: Click here to contact us about your PayPal account or transaction or a card payment made on a merchant website. Click here to contact us about your Xoom account If you are not satisfied by the way in which we address your concerns, you have the right to lodge a complaint with the Supervisory Authority for data protection in your country. Our Data Protection Officer can be contacted at dpo@paypal.com or PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal L-2449, Luxembourg. 15. Definitions Account means a PayPal or Xoom member account. Data Controller means that PayPal determines the purposes and means of the processing of Personal Data. Device Information means data that can be automatically collected from any device used to access the Site or Services. Such information may include, but is not limited to, your device type; your device’s network connections; your device’s name; your device IP address; information about your device’s web browser and internet connection you use to access the Site or Services; Geolocation Information; information about apps downloaded to your device; and biometric data. Geolocation Information means information that identifies, with reasonable specificity, your location by using, for instance, longitude and latitude coordinates obtained through GPS or Wi-Fi or cell site triangulation. PayPal means PayPal (Europe) S.a.r.l. et Cie, S.C.A. and subsidiaries or affiliates. In this Privacy Statement, PayPal is sometimes referred to as “we,” “us,” or “our,” depending on the context. Personal Data means information that can be associated with an identified or directly or indirectly identifiable natural person. “Personal Data” can include, but is not limited to, name, postal address (including billing and shipping addresses), telephone number, email address, payment card number, other financial account information, account number, date of birth, and government-issued credentials (e.g., driver’s license number, national ID, passport number). Process means any method or way that we handle Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, and consultation, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of Personal Data. Services means any products, services, content, features, technologies, or functions, and all related websites, applications and services offered to you by PayPal. Sites means the websites, mobile apps, official social media platforms, or other online properties through which PayPal offers the Services and which has posted or linked to this Privacy Statement. Technical Usage Data means information we collect from your phone, computer or other device that you use to access the Sites or Services. Technical Usage Data tells us how you use the Sites and Services, such as what you have searched for and viewed on the Sites and the way you use our Services, including your IP address, statistics regarding how pages are loaded or viewed, the websites you visited before coming to the Sites and other usage and browsing information collected through Cookies. User means an individual who uses the Services or accesses the Sites. 16. Additional Information The information provided in this section may be specific to customers depending on your region or how you use the Services. This information is provided to PayPal from third parties whom you may interact when using the Services. Banking Regulations Notice for Customers in the EEA Credit Reference Agencies Information Notice Google ReCaptcha Banking Regulations Notice for Customers in the EEA In general, the Luxembourg laws to which PayPal’s handling of user data is subject (data protection and bank secrecy) require a higher degree of transparency than most other EU laws. This is why, unlike the vast majority of providers of internet-based services or financial services in the EU, PayPal has listed in this Privacy Statement the third party service providers and business partners to whom we may disclose your data, together with the purpose of disclosure and type of information disclosed. You will find a link to those third parties here. By accepting this Privacy Statement and maintaining an account with PayPal, you expressly consent to the transfer of your data to those third parties for the purposes listed. PayPal may update the list of third parties referred to above every quarter (January 1st, April 1st, July 1st and October 1st). PayPal will only start transferring any data to any of the new entities or for the new purposes or data types indicated in each update after 30 days from the date when that list is made public through this Privacy Statement. You should review the list each quarter on the PayPal website on the dates stated above. If you do not object to the new data disclosure, within 30 days after the publication of the updated list of third parties, you are deemed to have accepted the changes to the list and to this Privacy Statement. If you do not agree with the changes, you may close your account and stop using our services. In order to provide the PayPal Services, certain of the information we collect (as set out in this Privacy Statement) may be required to be transferred to other PayPal related companies or other entities, including those referred to in this section in their capacity as payment providers, payment processors or account holders (or similar capacities). You acknowledge that according to their local legislation, such entities may be subject to laws, regulations, inquiries, investigations, or orders which may require the disclosure of information to the relevant authorities of the relevant country. Your use of the PayPal Services constitutes your consent to our transfer of such information to provide you the PayPal Services. Specifically, you consent to and direct PayPal to do any and all of the following with your information: Disclose necessary information to: the police and other law enforcement agencies; security forces; competent governmental, intergovernmental or supranational bodies; competent agencies, departments, regulatory authorities, self-regulatory authorities or organisations (including, without limitation, the Agencies referenced in the “Agencies” section of the Third Party Provider List here) and other third parties, including PayPal Group companies, that (i) we are legally compelled and permitted to comply with, including but without limitation the Luxembourg laws of 24 July 2015 on the US Foreign Account Tax Compliance Act (“FATCA Law”) and 18 December 2015 on the OECD common reporting standard (“CRS Law”); (ii) we have reason to believe it is appropriate for us to cooperate with in investigations of fraud or other illegal activity or potential illegal activity, or (iii) to conduct investigations of violations of our User Agreement (including without limitation, your funding source or credit or debit card provider). If you are covered by the FATCA or CRS Law, we are required to give you notice of the information about you that we may transfer to various authorities. Please read more about PayPal’s obligations under the FATCA and CRS Law and how they could affect you as well as take note of the information we may disclose as result. We and other organisations, including parties that accept PayPal, may also share, access and use (including from other countries) necessary information (including, without limitation the information recorded by fraud prevention agencies) to help us and them assess and to manage risk (including, without limitation, to prevent fraud, money laundering and terrorist financing). Please contact us if you want to receive further details of the relevant fraud prevention agencies. For more information on these Agencies, fraud prevention agencies and other third parties, click here. Disclose Account Information to intellectual property right owners if under the applicable national law of an EU member state they have a claim against PayPal for an out-of-court information disclosure due to an infringement of their intellectual property rights for which PayPal Services have been used (for example, but without limitation, Sec. 19, para 2, sub-section 3 of the German Trademark Act or Sec. 101, para 2, sub-section 3 of the German Copyright Act). Disclose necessary information in response to the requirements of the credit card associations or a civil or criminal legal process. Disclose your name and PayPal link in the PayPal user directory. Your details will be confirmed to other PayPal users in response to a user searching using your name, email address or telephone number, or part of these details. This is to ensure people make payments to the correct user. This feature can be turned off in the PayPal profile settings. If you as a merchant use a third party to access or integrate PayPal, we may disclose to any such partner necessary information for the purpose of facilitating and maintaining such an arrangement (including, without limitation, the status of your PayPal integration, whether you have an active PayPal account and whether you may already be working with a different PayPal integration partner). Disclose necessary information to the payment processors, auditors, customer services providers, credit reference and fraud agencies, financial products providers, commercial partners, marketing and public relations companies, operational services providers, group companies, agencies, marketplaces and other third parties listed here. The purpose of this disclosure is to allow us to provide PayPal Services to you. We also set out in the list of third parties, under each ” Category”, non-exclusive examples of the actual third parties (which may include their assigns and successors) to whom we currently disclose your Account Information or to whom we may consider disclosing your Account Information, together with the purpose of doing so, and the actual information we disclose (except as explicitly stated, these third parties are limited by law or by contract from using the information for secondary purposes beyond the purposes for which the information was shared). Disclose necessary information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you). Disclose aggregated statistical data with our business partners or for public relations. For example, we may disclose that a specific percentage of our users live in Manchester. However, this aggregated information is not tied to personal information. Share necessary Account Information with unaffiliated third parties (listed here) for their use for the following purposes: Fraud Prevention and Risk Management: to help prevent fraud or assess and manage risk. For example, if you use the PayPal Services to buy or sell goods using eBay Inc, or its affiliates (“eBay”), we may share Account Information with eBay in order to help protect your accounts from fraudulent activity, alert you if we detect such fraudulent activity on your accounts, or evaluate credit risk. As part of our fraud prevention and risk management efforts, we also may share necessary Account Information with eBay in cases where PayPal has placed a hold or other restriction on your account based on disputes, claims, chargebacks or other scenarios regarding the sale or purchase of goods. Also, as part of our fraud prevention and risk management efforts, we may share Account Information with eBay to enable them to operate their programmes for evaluating buyers or sellers. Customer Service: for customer service purposes, including to help service your accounts or resolve disputes (e.g., billing or transactional). Shipping: in connection with shipping and related services for purchases made using PayPal. Legal Compliance: to help them comply with anti-money laundering and counter-terrorist financing verification requirements. Service Providers: to enable service providers under contract with us to support our business operations, such as fraud prevention, bill collection, marketing, customer service and technology services. Our contracts dictate that these service providers only use your information in connection with the services they perform for us and not for their own benefit. Credit Reference Agencies Information Notice If you choose to apply for PayPal Credit, in order to process your application, we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity. We will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates. The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at: Transunion: http://www.transunion.co.uk/crain Equifax: http://www.equifax.co.uk/crain Experian: http://www.experian.co.uk/crain and Global Privacy Policy — Worldwide Last updated: April 28, 2020 Welcome to Stripe! Stripe, Inc. and its affiliates (collectively “Stripe”, “we” and “us”) respect your privacy. We offer services that enable platforms and merchants to run businesses, and to safely conduct online payment transactions. This Global Privacy Policy describes the types of Personal Data we collect through our payments products and services (“Services”) and via our online presence, which include our main website at stripe.com, as well as services and websites that we enable Internet users to access, such as Stripe Checkout and the Stripe Shop (collectively, our “Sites”). This policy also describes how we use Personal Data, with whom we share it, your rights and choices, and how you can contact us about our privacy practices. This policy does not apply to third-party websites, products, or services, even if they link to our Services or Sites, and you should consider the privacy practices of those third-parties carefully. This Privacy Policy is provided in a layered format. Click through to jump to a specific section. Overview Personal Data We Collect How We Use Personal Data How We Disclose Personal Data Your Rights and Choices Security and Retention International Data Transfers Use by Minors Updates To this Privacy Policy Links To Other Websites Jurisdiction-specific Provisions Contact Us 1. Overview Stripe obtains Personal Data about you from various sources to provide our Services and to manage our Sites. “You” may be a visitor to one of our websites, a user of one or more of our Services (“User” or “Stripe User”), or a customer of a User (“Customer”). If you are a Customer, Stripe will generally not collect your Personal Data directly from you. Your agreement with the relevant Stripe User should explain how the Stripe User shares your Personal Data with Stripe, and if you have questions about this sharing, then you should direct those questions to the Stripe User. Learn more 2. Personal Data We Collect a. Personal Data that we collect about you. Personal Data is any information that relates to an identified or identifiable individual. The Personal Data that you provide directly to us through our Sites and Services will be apparent from the context in which you provide the data. In particular: When you register for a Stripe account we collect your full name, email address, and account log-in credentials. When you fill-in our online form to contact our sales team, we collect your full name, work email, country, and anything else you tell us about your project, needs and timeline. When you use the “Remember Me” feature of Stripe Checkout, we collect your email address, payment card number, CVC code and expiration date. When you respond to Stripe emails or surveys we collect your email address, name and any other information you choose to include in the body of your email or responses. If you contact us by phone, we will collect the phone number you use to call Stripe. If you contact us by phone as a Stripe User, we may collect additional information in order to verify your identity. If you are a Stripe User, you will provide your contact details, such as name, postal address, telephone number, and email address. As part of your business relationship with us, we may also receive financial and personal information about you, such as your date of birth and government identifiers associated with you and your organization (such as your social security number, tax number, or Employer Identification Number). If you are a Customer of a Stripe User, when you make payments or conduct transactions through a Stripe User’s website or application or device we provide, we will receive your transaction information. Depending on how the Stripe User implements our Services, we may receive this information directly from you, or from the Stripe User or third parties. The information that we collect will include payment method information (such as credit or debit card number, or bank account information), purchase amount, date of purchase, and payment method. Different payment methods may require the collection of different categories of information. The Stripe User will determine the payment methods that it enables you to use, and the payment method information that we collect will depend upon the payment method that you choose to use from the list of available payment methods that are offered to you by the Stripe User. When you make a transaction, we may also receive your name, email, billing or shipping address and in some cases your transaction history to authenticate you. When we conduct fraud monitoring, prevention, detection, and financial compliance activities or provide such services to our Users, we will receive Personal Data from you (and your device) and about you through our Service and from our business partners, financial service providers, identity verification services, and publicly available sources (e.g., name, address, phone number, country), as necessary to confirm your identity and prevent fraud. Our fraud monitoring, detection and prevention services may collect Personal Data about you and use technology to help us assess the risk associated with an attempted transaction by you with a Stripe User. You may also choose to submit information to us via other methods, including: (i) in response to marketing or other communications, (ii) through social media or online forums, (iii) through participation in an offer, program or promotion, (iv) in connection with an actual or potential business relationship with us, or (v) by giving us your business card or contact details at trade shows or other events. b. Information that we collect automatically on our Sites. Our Sites use cookies and other technologies to function effectively. These technologies record information about your use of our Sites, including: Browser and device data, such as IP address, device type, operating system and Internet browser type, screen resolution, operating system name and version, device manufacturer and model, language, plug-ins, add-ons and the language version of the Sites you are visiting; Usage data, such as time spent on the Sites, pages visited, links clicked, language preferences, and the pages that led or referred you to our Sites. We also collect information about your online activities on websites and connected devices over time and across third-party websites, devices, apps and other online features and services. We use Google Analytics on our Sites to help us analyze Your use of our Sites and diagnose technical issues. To learn more about the cookies that may be served through our Sites and how You can control our use of cookies and third-party analytics, please see our Cookie Policy. 3. How We Use Personal Data a. Our products and services. We rely upon a number of legal grounds to ensure that our use of your Personal Data is compliant with applicable law. We use Personal Data to facilitate the business relationships we have with our Users, to comply with our financial regulatory and other legal obligations, and to pursue our legitimate business interests. We also use Personal Data to complete payment transactions and to provide payment-related services to our Users. Learn more b. Marketing and events-related communications. We may send you email marketing communications about Stripe products and services, invite you to participate in our events or surveys, or otherwise communicate with you for marketing purposes, provided that we do so in accordance with the consent requirements that are imposed by applicable law. For example, when we collect your business contact details through our participation at trade shows or other events, we may use the information to follow-up with you regarding an event, send you information that you have requested on our products and services and, with your permission, include you on our marketing information campaigns. c. Advertising. When you visit our Sites, we (and our service providers) may use Personal Data collected from you and your device to target advertisements for Stripe Services to you on our Sites and other sites you visit (“interest-based advertising”), where allowed by applicable law. For example, when you visit our Site, we will use cookies to identify your device and direct ads for our Services to you. You have choices and control over our cookies (or similar technologies) we use to advertise to you. Please see our Cookie Policy for more information. At present, there is no industry standard for recognizing Do Not Track browser signals, so we do not respond to them. We do not use, share, rent or sell the Personal Data of our Users’ Customers for interest-based advertising. We do not sell or rent the Personal Data of our Users, their Customers or our Site visitors. 4. How We Disclose Personal Data. Stripe does not sell or rent Personal Data to marketers or unaffiliated third parties. We share your Personal Data with trusted entities, as outlined below. a. Stripe. We share Personal Data with other Stripe entities in order to provide our Services and for internal administration purposes. b. Service providers. We share Personal Data with a limited number of our service providers. We have service providers that provide services on our behalf, such as identity verification services, website hosting, data analysis, information technology and related infrastructure, customer service, email delivery, and auditing services. These service providers may need to access Personal Data to perform their services. We authorize such service providers to use or disclose the Personal Data only as necessary to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf. Our service providers are predominantly located in the European Union and the United States of America. c. Business partners. We share Personal Data with third party business partners when this is necessary to provide our Services to our Users. Examples of third parties to whom we may disclose Personal Data for this purpose are banks and payment method providers (such as credit card networks) when we provide payment processing services, and the professional services firms that we partner with to deliver Stripe Atlas. d. Our Users and third parties authorized by our Users. We share Personal Data with Users as necessary to maintain a User account and provide the Services. We share data with parties directly authorized by a User to receive Personal Data, such as when a User authorizes a third party application provider to access the User’s Stripe account using Stripe Connect. The use of Personal Data by an authorized third party is subject to the third party’s privacy policy. e. Corporate transactions. In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we may share Personal Data with third parties in connection with such transaction. Any other entity which buys us or part of our business will have the right to continue to use your Personal Data, but only in the manner set out in this Privacy Policy unless you agree otherwise. f. Compliance and harm prevention. We share Personal Data as we believe necessary: (i) to comply with applicable law, or payment method rules; (ii) to enforce our contractual rights; (iii) to protect the rights, privacy, safety and property of Stripe, you or others; and (iv) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence. 5. Your Rights and Choices. You have choices regarding our use and disclosure of your Personal Data: a. Opting out of receiving electronic communications from us. If you no longer want to receive marketing-related emails from us, you may opt-out via the unsubscribe link included in such emails. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages that are required to provide you with our Services. b. How you can see or change your account Personal Data. If You would like to review, correct, or update Personal Data that You have previously disclosed to us, You may do so by signing in to your Stripe account or by contacting us. c. Your data protection rights. Depending on your location and subject to applicable law, you may have the following rights with regard to the Personal Data we control about you: The right to request confirmation of whether Stripe processes Personal Data relating to you, and if so, to request a copy of that Personal Data; The right to request that Stripe rectifies or updates your Personal Data that is inaccurate, incomplete or outdated; The right to request that Stripe erase your Personal Data in certain circumstances provided by law; The right to request that Stripe restrict the use of your Personal Data in certain circumstances, such as while Stripe considers another request that you have submitted (including a request that Stripe make an update to your Personal Data); and The right to request that we export to another company, where technically feasible, your Personal Data that we hold in order to provide Services to you. Where the processing of your Personal Data is based on your previously given consent, you have the right to withdraw your consent at any time. You may also have the right to object to the processing of your Personal Data on grounds relating to your particular situation. d. Process for exercising data protection rights. In order to exercise your data protection rights, you may contact Stripe as described in the Contact Us section below. We take each request seriously. We will comply with your request to the extent required by applicable law. We will not be able to respond to a request if we no longer hold your Personal Data. If you feel that you have not received a satisfactory response from us, you may consult with the data protection authority in your country. For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. If we no longer need to process Personal Data about you in order to provide our Services or our Sites, we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request. If you are a Customer of a Stripe User, please direct your requests directly to the User. For example, if you are making, or have made, a purchase from a merchant using Stripe as a payment processor, and you have a request that is related to the payment information that you provided as part of the purchase transaction, then you should address your request directly to the merchant. 6. Security and Retention. We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organizational, technical and administrative measures designed to protect Personal Data within our organization against unauthorized access, destruction, loss, alteration or misuse. Your Personal Data is only accessible to a limited number of personnel who need access to the information to perform their duties. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately. We retain your Personal Data as long as we are providing the Services to you. We retain Personal Data after we cease providing Services directly or indirectly to you, even if you close your Stripe account or complete a transaction with a Stripe User, to the extent necessary to comply with our legal and regulatory obligations, and for the purpose of fraud monitoring, detection and prevention. We also retain Personal Data to comply with our tax, accounting, and financial reporting obligations, where we are required to retain the data by our contractual commitments to our financial partners, and where data retention is mandated by the payment methods that we support. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law. 7. International Data Transfers. We are a global business. Personal Data may be stored and processed in any country where we have operations or where we engage service providers. We may transfer Personal Data that we maintain about you to recipients in countries other than the country in which the Personal Data was originally collected, including to the United States. Those countries may have data protection rules that are different from those of your country. However, we will take measures to ensure that any such transfers comply with applicable data protection laws and that your Personal Data remains protected to the standards described in this Privacy Policy. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data. If you are located in the European Economic Area (“EEA”), the UK or Switzerland, we comply with applicable laws to provide an adequate level of data protection for the transfer of your Personal Data to the US. Stripe Inc. is certified under the EU-U.S. and the Swiss-U.S. Privacy Shield Framework and adheres to the Privacy Shield Principles in connection with personal data transfers from the EEA, the UK and Switzerland. For more, see Stripe’s Privacy Shield Policy. In addition, we have implemented intra-group data transfer agreements which you may view upon request. UPDATE September 15, 2020: While Stripe Inc. remains self-certified under the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, it is not currently relying on these frameworks for the transfer of personal data to the U.S. For more information, please see Stripe Privacy Center. Where applicable law requires us to ensure that an international data transfer is governed by a data transfer mechanism, we use one or more of the following mechanisms: EU Standard Contractual Clauses with a data recipient outside the EEA or the UK, verification that the recipient has implemented Binding Corporate Rules, or verification that the recipient adheres to the EU-US and Swiss-US Privacy Shield Framework. 8. Use by Minors. The Services are not directed to individuals under the age of thirteen (13), and we request that they not provide Personal Data through the Services. 9. Updates To this Privacy Policy and Notifications. We may change this Privacy Policy from time to time to reflect new services, changes in our Personal Data practices or relevant laws. The “Last updated” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes are effective when we post the revised Privacy Policy on the Services. We may provide you with disclosures and alerts regarding the Privacy Policy or Personal Data collected by posting them on our website and, if you are a User, by contacting you through your Stripe Dashboard, email address and/or the physical address listed in your Stripe account. 10. Links To Other Websites. The Services may provide the ability to connect to other websites. These websites may operate independently from us and may have their own privacy notices or policies, which we strongly suggest you review. If any linked website is not owned or controlled by us, we are not responsible for its content, any use of the website or the privacy practices of the operator of the website. 11. Jurisdiction-specific Provisions. Australian residents. The Stripe entity that provides Services in Australia is Stripe Payments Australia Pty. Ltd. If you are an Australian resident, and you are dissatisfied with our handling of any complaint you raise under this Privacy Policy, you may wish to contact the Office of the Australian Information Commissioner. Residents of the European Economic Area (EEA), the UK and Switzerland. The entity responsible for the collection and processing of Personal Data for residents of the EEA, the UK and Switzerland is Stripe Payments Europe, Ltd., a company incorporated in Ireland and with offices at 1 Grand Canal Street Lower, Grand Canal Dock, Dublin. To exercise your rights, the Data Protection Officer may be contacted via dpo@stripe.com. If you are a resident of the EEA and believe we process your information in scope of the General Data Protection Regulation (GDPR), you may direct your questions or complaints to the Office of the Data Protection Commissioner. If you are a resident of the UK and the UK is no longer a Member State of the EU, you may direct your questions or concerns to the UK Information Commissioner’s Office. Mexican residents. Mexican residents may exercise data protection rights to access, correction, deletion, opposition or revocation under applicable law. You may be provided with further information about the steps to exercise your privacy rights, including identity verification, timing, the way to get in touch with the organization responding to your request for further communications about your request, and how your request may be honored. If you are a Mexican resident and a Customer of a Stripe User, please direct your requests directly to the Stripe User with whom you shared your personal information. United States – California residents. This section provides additional details about the personal information we collect about California consumers as well as the rights of California consumers under the California Consumer Privacy Act (CCPA). a. How We Collect, Use, and Disclose your Personal Information. The Personal Data We Collect section describes the personal information we may have collected over the last 12 months, including the categories of sources of that information. We collect this information for the purposes described in the How We Use Personal Data section. We share this information as described in the How We Disclose Personal Data section. Stripe uses cookies, including advertising cookies, as described in our Cookie Policy. b. Your CCPA Rights and Choices. As a California consumer and subject to certain limitations under the CCPA, you have choices regarding our use and disclosure of your personal information: Exercising the right to know. You may request, up to twice in a 12-month period, the following information about the personal information we have collected about you during the past 12 months: the categories and specific pieces of personal information we have collected about you; the categories of sources from which we collected the personal information; the business or commercial purpose for which we collected the personal information; the categories of third parties with whom we shared the personal information; and the categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose. Exercising the right to delete. You may request that we delete the personal information we have collected from you, subject to certain limitations under applicable law. Exercising the right to opt-out from a sale. You may request to opt out of any “sale” of your personal information that may take place. As described in Advertising, we do not use, share, rent or sell the Personal Data of our Users’ Customers for interest-based advertising. We do not sell or rent the Personal Data of our Users, their Customers or our Site visitors. Non-discrimination. The CCPA provides that you may not be discriminated against for exercising these rights. To submit a request to exercise any of the rights described above, you may contact Stripe at privacy@stripe.com. We may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. Authentication based on a government-issued and valid identification document may be required. If you are a Customer of a Stripe User, please direct your requests directly to the Stripe User with whom you shared your personal information. 12. Contact Us If You have any questions or complaints about this Privacy Policy, please contact us electronically or send physical mail to: Stripe 510 Townsend Street San Francisco, CA 94103, USA Attention: Stripe Legal.
 
All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.

Information automatically collected
 
In Short:  Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Website.
 
We automatically collect certain information when you visit, use or navigate the Website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Website and other technical information. This information is primarily needed to maintain the security and operation of our Website, and for our internal analytics and reporting purposes.
 
Like many businesses, we also collect information through cookies and similar technologies.
 
The information we collect includes:
  • Log and Usage Data. Log and usage data is service-related, diagnostic, usage and performance information our servers automatically collect when you access or use our Website and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type and settings and information about your activity in the Website (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called ‘crash dumps’) and hardware settings).
 
  • Location Data. We collect location data such as information about your device’s location, which can be either precise or imprecise. How much information we collect depends on the type and settings of the device you use to access the Website. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. Note however, if you choose to opt out, you may not be able to use certain aspects of the Services.

2. HOW DO WE USE YOUR INFORMATION?
 
In Short:  We process your information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.
 
We use personal information collected via our Website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.
 
We use the information we collect or receive:
  • To facilitate account creation and logon process. If you choose to link your account with us to a third-party account (such as your Google or Facebook account), we use the information you allowed us to collect from those third parties to facilitate account creation and logon process for the performance of the contract.
 
  • To post testimonials. We post testimonials on our Website that may contain personal information. Prior to posting a testimonial, we will obtain your consent to use your name and the content of the testimonial. If you wish to update, or delete your testimonial, please contact us at nildo.lourenco@sprucedservices.com and be sure to include your name, testimonial location, and contact information.
 
  • Request feedback. We may use your information to request feedback and to contact you about your use of our Website.
 
  • To enable user-to-user communications. We may use your information in order to enable user-to-user communications with each user’s consent.
 
  • To manage user accounts. We may use your information for the purposes of managing our account and keeping it in working order.
 
  • To send administrative information to you. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.
 
  • To protect our Services. We may use your information as part of our efforts to keep our Website safe and secure (for example, for fraud monitoring and prevention).
 
  • To enforce our terms, conditions and policies for business purposes, to comply with legal and regulatory requirements or in connection with our contract.
 
  • To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
  • Fulfill and manage your orders. We may use your information to fulfill and manage your orders, payments, returns, and exchanges made through the Website
  • Administer prize draws and competitions. We may use your information to administer prize draws and competitions when you elect to participate in our competitions.
  • To deliver and facilitate delivery of services to the user. We may use your information to provide you with the requested service.
  • To respond to user inquiries/offer support to users. We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services.\
 

3. WILL YOUR INFORMATION BE SHARED WITH ANYONE?
 
In Short:  We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.
 
We may process or share your data that we hold based on the following legal basis:
  • Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
 
  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
 
  • Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
 
  • Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
 
  • Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
More specifically, we may need to process your data or share your personal information in the following situations:
  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
 

4. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
 
In Short:  We may use cookies and other tracking technologies to collect and store your information.
 
We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice.
 

5. DO WE USE GOOGLE MAPS?
 
In Short:  Yes, we use Google Maps for the purpose of providing better service.
 
This Website uses Google Maps APIs which is subject to Google’s Terms of Service. You may find the Google Maps APIs Terms of Service here. To find out more about Google’s Privacy Policy, please refer to this link.

6. HOW LONG DO WE KEEP YOUR INFORMATION?
 
In Short:  We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.
 
We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this notice will require us keeping your personal information for longer than the period of time in which users have an account with us.
 
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

7. HOW DO WE KEEP YOUR INFORMATION SAFE?
 
In Short:  We aim to protect your personal information through a system of organizational and technical security measures.
 
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Website is at your own risk. You should only access the Website within a secure environment.

8. DO WE COLLECT INFORMATION FROM MINORS?
 
In Short:  We do not knowingly collect data from or market to children under 18 years of age.
 
We do not knowingly solicit data from or market to children under 18 years of age. By using the Website, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Website. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at nildo.lourenco@sprucedservices.com.

9. WHAT ARE YOUR PRIVACY RIGHTS?
 
In Short:  You may review, change, or terminate your account at any time.
 
If you are a resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
 
If you are a resident in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html.
 
If you have questions or comments about your privacy rights, you may email us at info@sprucedservices.com.

Account Information
 
If you would at any time like to review or change the information in your account or terminate your account, you can:
  • Log in to your account settings and update your user account.
 
  • Contact us using the contact information provided.
 
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with applicable legal requirements.
 
Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Website. To opt-out of interest-based advertising by advertisers on our Website visit http://www.aboutads.info/choices/.
 
Opting out of email marketing: You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send or by contacting us using the details provided below. You will then be removed from the marketing email list — however, we may still communicate with you, for example to send you service-related emails that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes. To otherwise opt-out, you may:
  • Access your account settings and update your preferences.
 
  • Contact us using the contact information provided.

10. CONTROLS FOR DO-NOT-TRACK FEATURES
 
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.

11. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
 
In Short:  Yes, if you are a resident of California, you are granted specific rights regarding access to your personal information.
 
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to us using the contact information provided below.
 
If you are under 18 years of age, reside in California, and have a registered account with the Website, you have the right to request removal of unwanted data that you publicly post on the Website. To request removal of such data, please contact us using the contact information provided below, and include the email address associated with your account and a statement that you reside in California. We will make sure the data is not publicly displayed on the Website, but please be aware that the data may not be completely or comprehensively removed from all our systems (e.g. backups, etc.).
 

12. DO WE MAKE UPDATES TO THIS NOTICE? 
 
In Short:  Yes, we will update this notice as necessary to stay compliant with relevant laws.
 
We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

13. HOW CAN YOU CONTACT US ABOUT THIS NOTICE? 
 
If you have questions or comments about this notice, you may email us at info@sprucedservices.com or by post to:
 
Spruced Services Ltd
20-22 Wenlock Road
Hoxton
London, UK N1 7GU
United Kingdom
 

14. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU? 
 
Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information, please visit: https://sprucedservices.com/contact-us/. We will respond to your request within 30 days.