Snappic
Privacy Policy

Updated: May 24, 2018

We at Snappic Incorporated (“we,” “us,” or “Snappic”) believe that protecting our customers’ and business partners’ privacy is crucial to our business and values. In the course of our business operations, we receive, collect, maintain, use and share personal data on customers and business partners. We are committed to protecting the privacy of individuals who visit our website (visitors) and individuals who register to use our services (customers) (collectively hereinafter “Data Subject(s)” or “User(s)”).

The purpose of this Privacy Policy is to demonstrate our robust commitment to the Data Subjects’ right to privacy and data protection. This Privacy Policy outlines how we handle information that can be used to directly or indirectly identify a Data Subject (the “Personal Data”) and describes our practices in relation to the use of our website(s) and the related applications and services offered by us (collectively, the “Services”), as well as Data Subjects’ choices regarding their rights such as use, access and rectification of Personal Data.

We act as a controller with respect to the information we process in connection with our business relationships. For example, we are the controller in relation to Data Subjects’ contact details and other commercial Personal Data. On the other hand, we may also act as a processor of Data Subjects’ Personal Data when our customer and business partners engage us to process Personal Data on their behalf, for example in connection with the provision of the Services. We may also act as a processor in certain circumstances when our customers use third party service providers in connection with our Services (e.g. Facebook). When we act as the processor, we process the data in accordance with applicable privacy laws and the data processing agreement entered into with the controller, where applicable. In such a case, please refer to the Privacy Policies of controllers for further information on the processing of Personal Data.

Unless otherwise expressly stated herein, the terms used in this Privacy Policy shall have the meaning set forth in the General Data Protection Regulation (EU) 2016/679 (the “GDPR”).

  1. Processing of Personal Data

    We process Personal Data of Data Subjects to offer the Services, including the processing and execution of demo requests relating to the Services, and to contact and send marketing material to the visitors of our websites who submit their information in a form or otherwise with the intent to receive marketing or other information from Snappic. In this context, Personal Data may be processed for market and customer analysis, reporting and statistical purposes, marketing purposes such as customised marketing, administration notices, database management and maintenance, product suggestions and offers, interaction with external social networks or search engines, access to third party services' accounts and platforms, heat mapping and newsletters. Personal Data may be used for direct marketing, including, where applicable, by electronic means unless objected by the Data Subject.

    Further, Personal Data may be used for invoicing and to send important information to the Data Subject e.g. regarding changes of applicable fees, price list and conditions, or to contact the Data Subject and provide information customised Services according to the interests of the Data Subject.

    We processes Personal Data on the following basis:

    • for the performance of the contract between us and the Data Subject (Article 6.1(b) of the GDPR);
    • for the purposes of our legitimate interests related to the customer and business relationships between us and the Data Subjects (Article 6(f) of the GDPR);
    • to comply with legal obligations applicable to us (Article 6(c) of the GDPR, such as corporate and accounting).

    Any legitimate interests pursued by us, or third parties we use, include:

    • communicating with you about changes and revisions to our Services and Terms;
    • advertising our Services;
    • invoicing for our Services;
    • improving our Services; and
    • resolving User Issues through our ticketing system.

    We may ask for Data Subject’s consent for the processing of certain type of Personal Data (for example for a campaign). When collecting such consents, we inform the Data Subject of the respective purposes of processing and such processing is conducted only when appropriate consent is received.

    We may ask for certain Facebook permissions allowing us to perform actions with the Data Subject’s Facebook account and to retrieve information, including Personal Data, from it. This allows our Services to connect with the User's account on the Facebook social network, provided by Facebook Inc. In this context, the following permissions may be asked: About Me, Access Rights (including but not limited to Ad Account Access, Business Manager Access), App Notifications, Contact Email, Manage Advertisements, and Manage Pages. For more information about the Facebook permissions, refer to the Facebook permissions documentation and to the Facebook Data Policy.

  2. Personal Data we collect and use

    Personal Data processed by us is mainly obtained directly from the Data Subject. Provision of such Personal Data is necessary to use and purchase our Services and to accommodate European Union Data Subject’s request for information relating to our Services. We may not provide the Services to a Data Subject that refuses the processing of his/her Personal Data. We process also Personal Data accumulating from the use of our Services (including data collected under our cookie policy), and obtained from third party sources related to the Services. Personal Data may be updated and supplemented by collecting data from private and public registers.

    We collect the following Personal Data in conjunction with the Data Subject's (i) use of our Services, (ii) requests for information through our website and (iii) participation to our business events: name, phone number, e-mail address, password, store name, store url, credit card information, usage data and cookies or any other information the user can provide via form (in website). In addition, we may process various other types of Personal Data generated in connection with the Data Subject’s use of any third party services and applications as specified in the privacy policy of such third party service or application.

    The personal data we collect will be used for the following purposes:

    • To allow Users to access the Snappic Admin;
    • To further improve our Services;
    • To charge Users for their periodic use of our services as agreed by us and each client; and
    • To contact designated representatives of our Users for administrative purposes.

    We do not collect sensitive information (Personal Data of special categories). We also do not collect Personal Data for anyone under the age of 16.

  3. Disclosure of Personal Data

    For the purposes stated in this Privacy Policy, Personal Data may be disclosed, when necessary, to authorities, other companies within the same group of companies as us, companies which the group cooperates with and to other third parties, such as third party service providers used in connection with our Services and services related thereto.

    Personal Data may be transferred outside the European Union and the European Economic Area (“EU/EEA”), including but not limited to, the United States of America as well as other locations and jurisdictions in which we conduct our business. Such transfers outside the EU/EEA are performed subject to appropriate safeguards such as standard data protection clauses adopted or otherwise approved by the EU Commission in accordance with the GDPR (“Standard Data Protection Clauses”).

    The applicable Standard Data Protection Clauses are made available for review to the Data Subject upon request.

    The following third parties will receive your personal data for the following purposes as part of the processing activities:

    International Organization Purpose
    Intercom Resolve client issues.
    Amazon Web Services Provide server and database services for our application.
    Stripe Billing services.
    Chargify Billing services.
    Hellosign To securely store signed consents and credit card authorization for our services.
    Facebook Advertising services.
    Fullstory Resolve client issues.
  4. Retention Period

    We retain Data Subject’s Personal Data for 1 year from Data Subject’s latest purchase or contact with us. Personal Data may be, wholly or in part, retained for longer or shorter term if required by applicable law or if there is other justified reason to retain or delete them. In such a case, Data Subject’s Personal Data shall be erased with no further delay after there is no longer any need for such a retention.

    We evaluate the necessity and accuracy of the Personal Data on a regular basis.

  5. European Union Data Subjects’ Rights

    If you are a European Union customer, you have additional rights. European Union customers have a right to request from us:

    • access to and rectification or erasure of Data Subject’s Personal Data;
    • for restriction of processing concerning the Data Subject or to object to processing;
    • to receive, under certain preconditions, Data Subject’s Personal Data in a structured, commonly used and machine-readable format and to transmit those data to another controller;
    • objection of certain types of processing such as direct marketing;
    • objection to automated processing, including profiling -- you also have the right to be subject to the legal effects of automated processing or profiling

    Data Subject may exercise the aforementioned rights by sending a written request to us. Where the processing is based on consent, Data Subject has a right to withdraw such consent at any time. Please note that withdrawal of consent will not affect the lawfulness of processing based on previous consent.

    In case the European Union Data Subject considers that its rights under the data protection laws are infringed, the Data Subject may lodge a complaint with the supervisory authority of the Data Subject’s residence in the EU.

  6. Security Safeguards

    Securing the integrity and confidentiality of Personal Data. We have taken adequate technical and organizational measures in order to keep Personal Data safe and to secure it against unauthorized access, loss, misuse or alteration by third parties, such as encryption, access controls, firefalls. Nevertheless, considering the cyber threats in modern day online environment, we cannot 100% guarantee that our security measures will prevent illegally and maliciously operating third parties from obtaining access to Personal Data and the absolute security of that information during its transmission or its storage on our systems.

  7. Other

    We may make changes to this Privacy Policy at any time. It is highly recommended that Data Subjects check this Privacy Policy and the website every now and then, referring to the date of the last modification listed at the top of this page. If a Data Subject objects to any of the changes to this Privacy Policy, the Data Subject should cease using the Services, where applicable, and can request that we remove the Personal Data, unless applicable laws require storage of the Personal Data. Unless stated otherwise, the then-current Privacy Policy applies to all Personal Data we have about Data Subjects.

  8. Contact information

    All contacts and inquiries related to this Privacy Policy should be addressed to support@snappic.io.

  9. Subject Access Request

    If you are a European Union customer, you may request access to Data Subject's Personal Data by filling out this Subject Access Request (PDF) and email it to support@snappic.io.

    Privacy Statement FAQs

    Will Snappic share my personal data with anyone else?

    We may pass your personal data on to third-party service providers contracted to us in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide you on our behalf. When they no longer need your data to fulfill this service, they will dispose of the details in line with our procedures. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.