Flokkr Privacy Statement
About this privacy notice
Flokkr is committed to protecting your privacy. We’ll always keep your personal information safe and will never sell it to third parties. We’ll be clear and open with you about why we collect your personal information and how we use it. Where you have choices or rights, we’ll explain them to you and respect your wishes. We hope you’ll find this privacy notice clear and simple but if you have any concerns or questions please feel free to contact us.
Who controls the data?
Flokkr Ltd (“we”, “us”, “our”) is the controller for the personal information we process in relation to the Flokkr website (flokkr.com and any sub-domains unless expressly excluded by their own privacy notice), together with its services (“Platform” or “Flokkr”). A data controller determines how and why personal data is processed.
What data we collect
The personal data we collect from you includes:
- questions, queries or feedback you leave, including your email address and any other information you provide, if you contact Flokkr;
- your email address and subscription preferences when you sign up for an account or subscribe to our email newsletter;
- data related to a payment when you initiate or complete a payment for a crowdfunding contribution or place an order, including order details, amount, delivery address (where applicable), the payment method, however we will not store credit, debit card or bank account numbers;
- if you complete a payment with a PayPal account, we store all payment confirmation data as provided by PayPal, which may include the email address and name of your PayPal account.
We use Google Analytics to collect anonymous information about how you use the Flokkr website. Google Analytics stores information about:
- the pages you visit on flokkr.com and how long you spend on each page;
- how long it takes your browser to load a page;
- how you got to the site;
- what you click on while you’re visiting the site;
- errors that occur during your visit;
- your anonymised (shortened) IP address, your estimated geographic region based on that IP address, which version of web browser you used and other anonymous information.
We do not collect or store your personal information through Google Analytics (for example your name or email address) so this information cannot be used to identify who you are.
Why we need your data
We collect information through Google Analytics to monitor how visitors of our site use it. We do this to help make sure the site is meeting the needs of its users and to improve it.
We also collect data in order to:
- allow you to access and use our services;
- collect payments;
- gather feedback to improve our services;
- respond to any feedback you send us, if you’ve asked us to;
- send email notifications to registered users;
- send email newsletters to users who requested them;
- monitor use of the site to identify security threats.
The legal basis for processing personal data in relation to site security is our legitimate interests, and the legitimate interests of our users, in ensuring the security and integrity of Flokkr.
The legal basis for processing all other personal data is that it’s necessary to perform a task in your interest.
What we do with your data
The data we collect may be shared with our technology suppliers, for example our hosting provider.
We will not:
- sell or rent your data to third parties;
- share your data with third parties for marketing purposes.
We will share your data if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.
How long we keep your data
We will only retain your personal data for as long as:
- it is needed for the purposes set out in this document;
- the law requires us to;
In case of a newsletter subscription, we will keep your email data until you unsubscribe.
You can request the deletion of your user account by contacting us. After confirmation we will deactivate your account as soon as possible. Content and personal data will finally be deleted from our servers 30 days later. This delay is to restore accounts from accidental or potentially unauthorised deletion requests or in case you change your mind.
We will delete access log data which includes personal data after 30 days.
Cancelled payment intentions will be deleted after 7 days.
Children’s privacy protection
Our services are designed and targeted at adults from the age of 18. Anyone under the age of 18 must not access or use our services. We do not intentionally collect or maintain data about anyone under the age of 18.
Where your data is processed and stored
We design, build and run our systems to make sure that your data is as safe as possible at all stages, both while it’s processed and when it’s stored.
Most data is stored and processed in the United Kingdom, but we may store and process your data also in other countries of the European Economic Area (EEA), countries which the EU has deemed to have adequate data protection laws in place, where that third party is certified on the EU-US Privacy Shield or where we have a data processing agreement in accordance with the EU General Data Protection Regulation (GDPR) in place, which stipulates the standards they must follow at all times.
For example, while we generally store your personal data centrally in the United Kingdom, we may send and receive emails or other messages through a server located in the United States, newsletters may be sent from Ireland and physical goods may be shipped from another country.
We only transfers your personal information to those third parties where we can be sure that we can protect your privacy and your rights.
How we protect your data and keep it secure
We are committed to doing all that we can to keep your data secure. We have set up systems and processes to prevent unauthorised access or disclosure of your data; for example, we protect your data using varying levels of encryption.
We also make sure that any third parties that we deal with keep all personal data they process on our behalf secure.
You have the right to request:
- information about how your personal data is processed;
- a copy of that personal data;
- that anything inaccurate in your personal data is corrected immediately.
You can also:
- raise an objection about how your personal data is processed;
- request that your personal data is erased if there is no longer a justification for it;
- ask that the processing of your personal data is restricted in certain circumstances.
If you have any of these requests, please contact us.
Links to other websites
Flokkr contains links to other websites. This privacy notice only applies to Flokkr and does not cover other websites and services that we link to.
Changes to this policy
We may modify or replace this privacy statement at any time. If we do this then the new privacy statement will be posted on our website and we will indicate the effective date at the top of the privacy statement.
If you are a registered user and we have your email address, we may occasionally notify you about changes to the privacy statement by email or, in some cases, ask you to confirm the acceptance of the latest privacy statement when you log in, even if you have already agreed to an earlier version of the privacy statement.
Where you do not agree to the changes, you must request the deletion of your account, if you have one, and stop using the Platform. Your continued use of Flokkr following any change of the privacy statement constitutes your acceptance and you will be legally bound by the new updated privacy statement.
Contact us or make a complaint if:
- have a question about anything in this privacy notice;
- think that your personal data has been misused or mishandled.
You can contact us by submitting a request at https://flokkr.com/help/contact.