Last Updated Date: [January 13th2020]
Residents of the European Economic Area (“EEA”), which includes the member states of the European Union (“EU”), should consult the sections of this policy relating to the “Rights of EEA Residents” and “International Data Transfers” for provisions that may apply to them.
California residents should consult the section titled “Your California Privacy Rights” for rights that apply to them.
Subscription fees for StoryPlace Studio are processed by Stripe. Your data is stored through Stripe securely.
For further information about Stripe please see their privacy statement https://stripe.com/privacy.
Personal Information That We Collect and How We Use It
StoryPlace collects Personal Information about you when you use our Services. “Personal Information” is information that may be used to directly or indirectly identify you, including your name, Pen Name, e-mail address, physical address, phone number or other information about you. The majority of such Personal Information is collected when you register to use our applications, website or StoryPlace Studio, use our Services, including subscribing, request information or updates or otherwise provide us with your contact information. You may also add details to your profile, such as a profile photo, biographical information and other Personal Information. Some of this Personal Information will be required if you wish to partake in the Services that we provide, including using the application or StoryPlace Studio.
In general, the type of Personal Information we collect includes, but is not limited to:
We and our e-commerce provider use that data to: (i) enable you to log in to use the Services; (ii) allow you to subscribe to our Services; (iii) guard against potential fraud; (iv) contact you if there is a problem with your account; (v) provide answers to your inquiries or questions; and (vi) maintain regular communication with you as may be necessary to inform you of offers, updates and other information regarding StoryPlace and our Services.
Non-Identifiable Data and Aggregated Personal Information
StoryPlace or our service providers, including FireBase, Google Analytics and Apple Develop App Analytics, may also collect web surfing data related to your use of our website. Such information may include: your Internet Protocol (IP) address, browser type, and internet service provider (ISP); your operating system; which of our web pages you access and how frequently you access them; referral or exit pages; click stream data; and the dates and times that you visit the websites. This data may be collected using cookies, web beacons, page tags or similar tools. As with cookies, the web surfing information is anonymous, "click stream" transactional data that is not associated with any users as individuals.
Web surfing data and similar information may be aggregated or anonymized for administrative purposes. StoryPlace may, for example, use this aggregated information in the administration of our website to improve its usability and to evaluate the success of particular marketing and advertising campaigns, search engine optimization strategies, and other marketing activities. We also use it to help optimize the website based on the needs of our users.
How and When Your Information Is Shared With Other Parties
StoryPlace does not sell, trade or license Personal Information about its users for marketing purposes. We do, however, work with a number of trusted partners who perform vital functions as part of our operations, including processing payments for subscriptions. We do not share your Personal Information unless it is necessary to fulfill our responsibilities, including providing information or Services.
Additional Sharing of Information
We may engage third parties to help us carry out certain other internal functions such as subscription processing, client services, or other data collection relevant to our business. Personal Information is shared with these third parties only to the extent necessary for us to process the transactions you initiate or perform other specific services. Our partners are legally required to keep your Personal Information private and secure.
We may share your Personal Information with law enforcement or other government agencies as required by law or for the purposes of limiting fraud. We reserve the right to disclose your Personal Information when we believe that disclosure is necessary to protect our rights or to comply with a judicial proceeding, court order or legal process. We further reserve the right to disclose any of your Personal Information that we believe, in good faith, appropriate or necessary to take precautions against liability, to investigate and defend against any third-party claims or allegations, to assist government enforcement agencies, to protect the security or integrity of the Site or our services, or to protect the rights, property or personal safety of StoryPlace, its users, issuers, or others.
We will not share your Personal Information if such sharing is prohibited by applicable privacy and data protection law, including, without limitation, the EEA’s General Data Protection Regulation effective May 25, 2018.
From May 25, 2018, all processing of Personal Information of EEA Residents is performed by StoryPlace in accordance with the General Data Protection Regulation (2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of Personal Information and on the free movement of such data (“GDPR”).
Under the GDPR, StoryPlace is both the controller and a co-processor of the Personal Information of EEA Residents. StoryPlace’s purpose for collecting and processing Personal Information from EEA Residents is to authenticate subscription to our mailing lists and our Services. The legal basis for collecting Personal Information for subscribing to our e-mail lists and Services is your consent, including during the subscription process. You may withdraw consent for obtaining such communications by following the “Unsubscribe” instructions on any communication or by contacting us at email@example.com.
We use Stripe to process subscriptions, including for EEA Residents.
EEA Residents may obtain information about the Personal Information that StoryPlace holds about them by contacting StoryPlace at firstname.lastname@example.org.
International Data Transfers
If you are resident outside the United States, including in the EEA, we transfer Personal Information provided by you for processing in the United States. Under the GDPR, StoryPlace is considered a “controller” and a “co-processor” of the Personal Information of EEA Residents. By providing Personal Information to StoryPlace for the purpose of obtaining Services, you consent to the processing of such data in the United States. The transfer of your Personal Information to the United States is necessary for the performance of a contract between you and StoryPlace for obtaining Services.
Please note that the United States does not have data protection laws equivalent to those in the EEA and other jurisdictions.
Notifications and Communications from Our Site
Communications Regarding Our Services
We will send you email notifications and free newsletters from time to time with offers, suggestions and other information. Some notifications are communications relating to us and our Services. You may “opt-out” from receiving such communications by following the “Unsubscribe” instructions provided in the e-mail.
Legal or Security Communications
Account and Order Communications
If you subscribe to our Services, we may send you communications regarding such Services. We may also send communications providing customer support or responses to questions regarding the operation of the Services. Generally, you may not opt out of such emails.
Deleting Your Information
If you want us to delete your Personal Information and your account, please contact us at email@example.com with your request. We will take steps to delete your information as soon as we can, but some information may remain in archived/backup copies for our records or as otherwise required by law.
Accessing Your Personal Information
Registered users of our Services can access their profile information in their settings and update such information.
Personal Information Retention
Links to Other Sites
Privacy in Submitted Materials and User Content
We take commercially reasonable steps to protect our customers’ Personal Information against unauthorized disclosure or loss. However, no data transmission over the Internet can be guaranteed to be 100% secure. Therefore, while we strive to protect user information we cannot ensure or warrant the security of any information you transmit to us or from the Site. You engage in such transmissions at your risk.
If you believe your Personal Information is being improperly used by us or any third party, please immediately notify us via email at firstname.lastname@example.org.
Children Under 13
This Site is restricted to the use of individuals at least 16 years old and of legal age to form a binding contract in their place of residence. No portion of the Site is directed to children under the age of 13. Consequently, we do not knowingly collect personal identifying information from any person we know is a child under the age of 13. If we learn that we have collected personal information from a child under age 13 we will delete that information as quickly as possible. If you are a parent or guardian of a child under 13 years of age and you believe your child has provided us with Personal Information, please contact us at email@example.com.
Your California Privacy Rights
The following section pertains to the rights of individuals or households in California (“California consumers”).
Under certain circumstances, California Civil Code Section 1798.83 states that, upon receipt of a request by a California consumer, a business may be required to provide detailed information regarding how that business has shared that customer’s Personal Information with third parties for direct marking purposes. However, the foregoing does not apply to businesses like ours that do not disclose Personal Information to third parties for direct marketing purposes without prior approval or give customers a free mechanism to opt out of having their Personal Information disclosed to third parties for their direct marketing purposes.
As of January 1, 2020, the CCPA (California Civil Code Section 1798.100 et seq.) will provide California consumers with additional rights regarding Personal Information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer or household. The categories of Personal Information we collect are generally described above but differ for individual consumers depending on the Services used by such consumers.
Under the CCPA, qualifying California consumers may have the following rights:
Right to Know and Right to Delete.
A California consumer has the right to request that we disclose what Personal Information we collect, use, disclose and sell. A California consumer also has the right to submit requests to delete Personal Information.
When we receive a request to know or delete from a California consumer, we will confirm receipt of the request within 10 days and provide information about how we will process the request, including our verification process. We will respond to such requests within 45 days.
Right for Disclosure of Information.
A California consumer may also submit requests that we disclose specific types or categories of Personal Information that we collect.
Under certain circumstances, we will not provide such information, including where the disclosure creates a substantial, articulable and unreasonable risk to the security of that Personal Information, customers’ account with us, or the security of our systems or networks. We also will not disclose California consumers’ social security numbers, driver’s license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medical identification numbers, or account passwords and security questions and answers.
If you are a California consumer and would like to make any requests under the CCPA, please direct them as follows:
StoryPlace, Inc., attention: StoryPlace HQ, Privacy Compliance
407 N Maple Dr.
Beverly Hills, CA 90210
If we receive any request we will use a two-step process for online requests where the California consumer must first, clearly submit the request and then second, separately confirm the request. We will use other appropriate measures to verify requests received by mail or telephone.
In submitting a request, a California consumer must provide sufficient information to identify the consumer, such as name, e-mail address, home or work address, or other such information that is on record with us so that we can match such information to the Personal Information that we maintain. Do not provide social security numbers, driver’s license numbers, account numbers, credit or debit card numbers, medical information or health information with requests. If requests are unclear or submitted through means other than outline above, we will provide the California consumer with specific directions on how to submit the request or remedy any deficiencies. If we cannot verify the identity of the requestor, we may deny the request.
Although some browsers currently offer a “do not track (‘DNT’) option,” no common industry standard for DNT exists. We therefore do not currently commit to responding to browsers’ DNT signals.
Your Rights and Obligations
We ask that you keep the Personal Information that you provide to us current and that you correct any information you have provided us by contacting us at firstname.lastname@example.org. You represent and warrant that all Personal Information you provide us is true and correct and relates to you and not to any other person.
If you are a resident of the EEA and wish to access or correct the Personal Information that StoryPlace has about you or have any questions relating to the processing of your Personal Information, please contact us at email@example.com with the subject line “GDPR Data.”
If you use the Site, you are responsible for maintaining the confidentiality of your account and for restricting access to your computer or device, and you agree to accept responsibility for all activities that occur under your account.