Welcome to Crowdfavors!
This Agreement applies to all Users of the Service. If you do not agree with any part of this Agreement, you must not use the Service. Your continued use of the Service will constitute your acceptance of this Agreement. Any new features or tools which are added to the current Service shall also be subject to this Agreement. You can review the most recent version of this Agreement at any time here. We reserve the right to update, change, or replace any part of this Agreement by posting updates and/or changes. It is your responsibility to check the Service periodically for changes. Your continued use of the Service following the posting of any changes constitutes acceptance of those changes.
Throughout this Agreement, we may use certain words or phrases, and it is important that you understand the meaning of them. The list is not all-encompassing, and no definition should be considered binding to the point that it renders this Agreement nonsensical:
In addition to the definitions outlined in Section 2, please also use this Glossary to understand the meaning of the terms used in these User Privacy Terms.
DPM Contact Details
We use different methods to collect data from and about you including through:
We may collect certain personal information ("ID Info") from you when you sign up to our Service that can be used to identify you, such as your name, address, e-mail address, billing information, and/or other information that we deem relevant for the purpose of providing you with our Service, and any information that you provide to us voluntarily. The information we collect from you, to the extent that it is private, is disclosed only in accordance with this Agreement.
Whenever you use our Service, we may collect non-identifying information ("Non-ID Info") from you, such as your IP address, referring URL, operating system, cookie information, and Internet Service Provider. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, this information alone cannot usually be used to identify you.
When you download or access the Services via a mobile device, we may receive information about your location (based on your IP address) and your mobile device, including various unique identifiers associated with your device, hardware type, and the version of your operating system ("Mobile Info"). We and may use this information to provide you with personalized advertising and other content, including advertising and content based on your location.
We may use your information to:
Additionally, we have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
|Type of data
|Lawful basis for processing including basis of legitimate interest
|To register you as a new User
|(a) ID Info
|Performance of a contract with you
|(a) ID Info
(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
|To administer and protect our business and this Service (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
(a) ID Info
(b) Non-ID Info
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
(b) Necessary to comply with a legal obligation
(c) Your consent
|To deliver relevant content to you
(a) ID Info
(b) Non-ID Info
(a) Necessary for our legitimate interests (to study how Users use our products/services, to develop them and to grow our business)
(b) Your consent
|To use data analytics to improve our website, Service, User relationships and experiences
(a) Non-ID Info
(a) Necessary for our legitimate interests (to define types of clients for our products and services, to keep our website updated and relevant and to develop our business)
(b) Your consent
Users may in some cases be able to review and edit the personal information they have provided to us by logging into their account and editing their information. Although most changes may occur immediately, information may still be stored in your web browser's cache or app's local memory. We take no responsibility for stored information in your cache, or in other devices that may store information, and disclaim all liability of such. In addition, we may, from time to time, retain residual information about you in our backup and/or database.
Cookies are small data files that are placed on your computer or other devices by websites that you visit.
We may use the Web Storage API (a.k.a, local or session storage) provided by your browser or app to cache information related to your account, including your personal data.
This Agreement does not cover cookies practices used by third-party service providers. We will do our best to maintain links to privacy policies of the third-party service providers that we use in this document.
For more information about or cookie use, please see our Cookies Policy
We may post links to third-party websites on our Service. Additionally, other materials made available through our Service may contain third-party website links or files. We do not screen third-party websites or files for privacy or security issues, and you release us from any liability for the conduct or content of these third parties.
Although you are entering into an agreement with us to disclose your information to us, we do use third-party individuals and organizations to assist us, including contractors, advertising partners, web hosting companies, and others.
Throughout the course of our provision of our Service to you, we may delegate our authority to collect, access, use, and disseminate your information. For example, our web host stores the information that you provide us, and we may hire outside contractors to perform maintenance or assist us in securing our Service.
It is therefore necessary that you grant the third parties we may use in the course of our business the same rights that you afford us under this Agreement. For this reason, you hereby agree that for every authorization which you grant to us in this Agreement, you also grant to any third party that we may hire, contract, or otherwise retain the services of for the purpose of operating, maintaining, repairing, or otherwise improving or preserving our Service or its underlying files or systems. You agree not to hold us liable for the actions of any of these third parties, even if we would normally be held vicariously liable for their actions, and that you must take legal action against them directly should they commit any tort or other actionable wrong against you.
Without limiting the generality of the foregoing, you authorize us to collect, share, store, exchange, and otherwise use your information in conjunction with the Service.
This Section 9 shall not apply to your PHI held by us which shall only be used in accordance with your consent.
At times, it may become necessary or desirable, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter. In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.
By providing information to the Service that forms the basis of communication with you, such as contact information, you waive all rights to file complaints concerning unsolicited email from us since, by providing such information, you agree to receive communication from us or anyone else covered under this Agreement. However, you may unsubscribe from certain communications by notifying us that you no longer wish to receive solicitations or information and we will endeavor to remove you from the database.
We take certain measures to enhance the security of our Service, specifically: (i) the Service is protected by multiple firewalls including AWS Web application Firewall (WAF) for secure access; (ii) WAF also functions as IDS/IPS capable of detecting and thwarting cyber-attacks such as DDoS, SQL Injection, Cross Site Scripting, etc.; (iii) the Service is protected by SSL certificates that encrypts all ingress and egress traffic; (iv) Network Security Groups (NSG) allow only the intended traffic to traverse between the servers hosting the application; and (v) periodic vulnerability assessment and penetration testing is carried out on the Service. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances you can ask us to delete your data: see Request erasure below for further information.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
You have the right to:
Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (i) if you want us to establish the data's accuracy; (ii) where our use of the data is unlawful but you do not want us to erase it; (iii) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide our Service to you. We will advise you if this is the case at the time you withdraw your consent.
No fee usually required so that you will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Time limit to respond to your legitimate requests will be one (1) month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you wish to exercise any of the rights set out above, please contact our DPM (see above).
We permit residents of California to use our Service. Therefore, it is our intent to comply with the California Business and Professions Code §§ 22575-22579. If you are a California resident you may request certain information regarding our disclosure of personal information to any third parties for their direct marketing purposes. Various provisions throughout this Agreement address requirements of the Californian privacy statutes. In summary, you must presume that we collect electronic information from all visitors. You may contact us at firstname.lastname@example.org with any questions.
We share your personal data within the company group. If you are located in the European Union, this will involve transferring your data outside the European Economic Area (EEA) because we are a US-based company. We ensure your personal data is protected by requiring all our group companies to follow the same rules when processing your personal data. These rules are called "binding corporate rules". Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Please contact our DPM (see Section 3.4) if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We may amend this Agreement from time to time. When we amend this Agreement, we will post the changes here. Your continued use of our Service shall constitute your acceptance of such changes. Historic versions can be obtained by contacting our DPM.
Last Updated November 25, 2019.