Crowdfavors Privacy Policy
1. Introduction
Welcome to Crowdfavors!
The services offered on our website, www.crowdfavors.co or www.crowdfavors.net (the "Site") and on the Crowdfavors mobile application (the "App") (collectively the "Service") are owned and operated by CrowdFavors LLC ("CrowdFavors", "we", "us", "our", or the "Company"). Please read these Terms of Service (this "Agreement") and our Privacy Policy (the "Policy") carefully, as you are agreeing to be bound by both documents by using our Service.
This Agreement applies to all Users of the Service. If you do not agree with any part of this Agreement, you must not use the Service. Your continued use of the Service will constitute your acceptance of this Agreement. Any new features or tools which are added to the current Service shall also be subject to this Agreement. You can review the most recent version of this Agreement at any time here. We reserve the right to update, change, or replace any part of this Agreement by posting updates and/or changes. It is your responsibility to check the Service periodically for changes. Your continued use of the Service following the posting of any changes constitutes acceptance of those changes.
2. Definitions
Throughout this Agreement, we may use certain words or phrases, and it is important that you understand the meaning of them. The list is not all-encompassing, and no definition should be considered binding to the point that it renders this Agreement nonsensical:
- a."Agreement" means this Privacy Policy.
- b."CrowdFavors", "we", "us", or "our" refers to our company, known as "CrowdFavors LLC"; our App; our Site; our Service; or a combination of all or some of the preceding definitions, depending on the context of the word.
- c."Terms" refers to our Terms of Service, available here: Terms of Service.
- d."User" refers but is not limited to all users of the Service.
- e."You" refers to you, the person who is entering into this Agreement with CrowdFavors.
3. Glossary & Data Privacy Manager Contact
In addition to the definitions outlined in Section 2, please also use this Glossary to understand the meaning of the terms used in these User Privacy Terms.
Lawful Basis
- "Legitimate Interest" means the interest of our business in conducting and managing our business to enable us to give you the best Service and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our Legitimate Interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
- "Performance of Contract" means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
- "Comply with a legal or regulatory obligation" means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Third Parties
- "Internal Third Parties" means other companies controlled by us acting as joint controllers or processors and who are based in the US.
- "External Third Parties" means (i) service providers who provide IT and system administration services; and/or (ii) professional advisers, including lawyers, bankers, auditors and insurers based in the US who provide consultancy, banking, legal, insurance and accounting services.
Controller
- "Controller" means us, CrowdFavors, who controls and is responsible for your personal data. We have appointed a data privacy manager (DPM) who is responsible for overseeing questions in relation to these User Privacy Terms. If you have any questions about these User Privacy Terms, including any requests to exercise your legal rights, please contact the DPM using the details set out below.
DPM Contact Details
- Data Privacy Manager
- Attn: Andrey Grigoryev
- CrowdFavors LLC
- Copyright Agent
- Crowdfavors LLC
- 343 Gold street, APT 914
- Brooklyn NY 11201
4. Information Collected
We use different methods to collect data from and about you including through:
- Direct interactions: You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you enquire about our products or services.
- Automated technologies or interactions: As you interact with our website, we may automatically collect Mobile Info (see below) about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.
- Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources.
Identifying Information
We may collect certain personal information ("ID Info") from you when you sign up to our Service that can be used to identify you, such as your name, address, e-mail address, billing information, and/or other information that we deem relevant for the purpose of providing you with our Service, and any information that you provide to us voluntarily. The information we collect from you, to the extent that it is private, is disclosed only in accordance with this Agreement.
Non-Identifying Information
Whenever you use our Service, we may collect non-identifying information ("Non-ID Info") from you, such as your IP address, referring URL, operating system, cookie information, and Internet Service Provider. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, this information alone cannot usually be used to identify you.
Mobile
When you download or access the Services via a mobile device, we may receive information about your location (based on your IP address) and your mobile device, including various unique identifiers associated with your device, hardware type, and the version of your operating system ("Mobile Info"). We and may use this information to provide you with personalized advertising and other content, including advertising and content based on your location.
5. Use of Your Information
We may use your information to:
- Enhance or improve User experience or our Service.
- Send communications about our Service or respond to inquiries.
- Send communications and updates about the Company, including newsletters and notifications of amendments to legal documents such as this Agreement.
- Perform any other function that we believe in good faith is necessary to protect the security or proper functioning of our Service.
- As consented by you.
Additionally, we have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
| Purpose/Activity | Type of data | Lawful basis for processing including basis of legitimate interest |
| To register you as a new User | (a) ID Info | Performance of a contract with you |
| To manage our relationship with you which will include notifying you about changes to our terms or privacy policy | (a) ID Info | (a) Performance of a contract with you (b) Necessary to comply with a legal obligation |
| To administer and protect our business and this Service (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) | (a) ID Info (b) Non-ID Info (c) Mobile | (a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) (b) Necessary to comply with a legal obligation (c) Your consent |
| To deliver relevant content to you | (a) ID Info (b) Non-ID Info (c) Mobile | (a) Necessary for our legitimate interests (to study how Users use our products/services, to develop them and to grow our business) (b) Your consent |
| To use data analytics to improve our website, Service, User relationships and experiences | (a) Non-ID Info (b) Mobile | (a) Necessary for our legitimate interests (to define types of clients for our products and services, to keep our website updated and relevant and to develop our business) (b) Your consent |
6. Accessing, Editing & Removing Your Information
Users may in some cases be able to review and edit the personal information they have provided to us by logging into their account and editing their information. Although most changes may occur immediately, information may still be stored in your web browser's cache or app's local memory. We take no responsibility for stored information in your cache, or in other devices that may store information, and disclaim all liability of such. In addition, we may, from time to time, retain residual information about you in our backup and/or database.
7. Cookies, Web Beacons, Browser Local Storage & Similar Technologies
Cookies are small data files that are placed on your computer or other devices by websites that you visit.
We may use cookies for various purposes including, but not limited to, remembering your preferences, maintaining user sessions, improving security of our services, collecting usage information, and targeting ads.
Since cookies are used to maintain user sessions, it is necessary that you enable cookies in your browser to be able to log into the Service, and you hereby acknowledge that we have informed you of our use of cookies and that you consent to our use of cookies in relation to the platform by which you are accessing our Service.
We may use the Web Storage API (a.k.a, local or session storage) provided by your browser or app to cache information related to your account, including your personal data.
We may use various third-party services that may use cookies, web beacons, and similar technologies to collect information. Such services include, but not limited to, web analytics services, advertisement services, and social media services.
This Agreement does not cover cookies practices used by third-party service providers. We will do our best to maintain links to privacy policies of the third-party service providers that we use in this document.
For more information about or cookie use, please see our Cookies Policy
8. Third-Party Websites
We may post links to third-party websites on our Service. Additionally, other materials made available through our Service may contain third-party website links or files. We do not screen third-party websites or files for privacy or security issues, and you release us from any liability for the conduct or content of these third parties.
Please be aware that this Agreement, and any other policies in place, in addition to any amendments, does not create rights enforceable by third parties or require disclosure of any personal information relating to members of the Service. We bear no responsibility for the information collected or used by any advertiser or third-party website. Please review the privacy policy and terms of service for each site you visit.
9. Third-Party Access to Your Information
Although you are entering into an agreement with us to disclose your information to us, we do use third-party individuals and organizations to assist us, including contractors, advertising partners, web hosting companies, and others.
Throughout the course of our provision of our Service to you, we may delegate our authority to collect, access, use, and disseminate your information. For example, our web host stores the information that you provide us, and we may hire outside contractors to perform maintenance or assist us in securing our Service.
It is therefore necessary that you grant the third parties we may use in the course of our business the same rights that you afford us under this Agreement. For this reason, you hereby agree that for every authorization which you grant to us in this Agreement, you also grant to any third party that we may hire, contract, or otherwise retain the services of for the purpose of operating, maintaining, repairing, or otherwise improving or preserving our Service or its underlying files or systems. You agree not to hold us liable for the actions of any of these third parties, even if we would normally be held vicariously liable for their actions, and that you must take legal action against them directly should they commit any tort or other actionable wrong against you.
Without limiting the generality of the foregoing, you authorize us to collect, share, store, exchange, and otherwise use your information in conjunction with the Service.
This Section 9 shall not apply to your PHI held by us which shall only be used in accordance with your consent.
10. Release of Your Information for Legal Purposes
At times, it may become necessary or desirable, for legal purposes, to release your information in response to a request from a government agency or a private litigant. You agree that we may disclose your information to a third party where we believe, in good faith, that it is desirable to do so for the purposes of a civil action, criminal investigation, or other legal matter. In the event that we receive a subpoena affecting your privacy, we may elect to notify you to give you an opportunity to file a motion to quash the subpoena, or we may attempt to quash it ourselves, but we are not obligated to do either. We may also proactively report you, and release your information to, third parties where we believe that it is prudent to do so for legal reasons, such as our belief that you have engaged in fraudulent activities. You release us from any damages that may arise from or relate to the release of your information to a request from law enforcement agencies or private litigants.
11. Commercial & Non-Commercial Communications
By providing information to the Service that forms the basis of communication with you, such as contact information, you waive all rights to file complaints concerning unsolicited email from us since, by providing such information, you agree to receive communication from us or anyone else covered under this Agreement. However, you may unsubscribe from certain communications by notifying us that you no longer wish to receive solicitations or information and we will endeavor to remove you from the database.
12. Security Measures
We take certain measures to enhance the security of our Service, specifically: (i) the Service is protected by multiple firewalls including AWS Web application Firewall (WAF) for secure access; (ii) WAF also functions as IDS/IPS capable of detecting and thwarting cyber-attacks such as DDoS, SQL Injection, Cross Site Scripting, etc.; (iii) the Service is protected by SSL certificates that encrypts all ingress and egress traffic; (iv) Network Security Groups (NSG) allow only the intended traffic to traverse between the servers hosting the application; and (v) periodic vulnerability assessment and penetration testing is carried out on the Service. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
13. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances you can ask us to delete your data: see Request erasure below for further information.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
14. Your Legal Rights
You have the right to:
Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (i) if you want us to establish the data's accuracy; (ii) where our use of the data is unlawful but you do not want us to erase it; (iii) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (iv) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide our Service to you. We will advise you if this is the case at the time you withdraw your consent.
No fee usually required so that you will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Time limit to respond to your legitimate requests will be one (1) month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you wish to exercise any of the rights set out above, please contact our DPM (see above).
15. Your California Online Privacy Rights
We permit residents of California to use our Service. Therefore, it is our intent to comply with the California Business and Professions Code §§ 22575-22579. If you are a California resident you may request certain information regarding our disclosure of personal information to any third parties for their direct marketing purposes. Various provisions throughout this Agreement address requirements of the Californian privacy statutes. In summary, you must presume that we collect electronic information from all visitors. You may contact us at info@crowdfavors.co with any questions.
16. International Transfer
We share your personal data within the company group. If you are located in the European Union, this will involve transferring your data outside the European Economic Area (EEA) because we are a US-based company. We ensure your personal data is protected by requiring all our group companies to follow the same rules when processing your personal data. These rules are called "binding corporate rules". Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Please contact our DPM (see Section 3.4) if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
17. Amendments
We may amend this Agreement from time to time. When we amend this Agreement, we will post the changes here. Your continued use of our Service shall constitute your acceptance of such changes. Historic versions can be obtained by contacting our DPM.
Last Updated November 25, 2019.