Nutzungsbedingungen
Policy Summary
In order to provide you with goods and services and protect ourselves and others from malicious activity, DesignCrowd collects personal data from the users of its sites. This information includes information our users give to us, information we collect as you use our sites as well as some information that is supplemented from third parties. DesignCrowd has implemented a number of measures to ensure your personal data remains safe when stored by us and when being transferred. You may access your personal data, request a change or correction or request your data be deleted by contacting us via the channels described below. All requests will be facilitated to the amount reasonable and possible without breaching our data retention obligations. You can opt out of our direct marketing at any time by following the unsubscribe link from any of our marketing emails.
1 Introduction
DesignCrowd Pty Ltd ACN 127 272 315, and its related entities and brands, including BrandCrowd, ("DesignCrowd", "we", "us", "our") takes your privacy seriously. We are subject to the Privacy Act 1988 (Cth) and will protect your personal data in accordance with the Australian Privacy Principles ("APPs"). The APPs govern how we collect and otherwise handle your personal data. There are also international standards relating to personal data processing and use, such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), to which DesignCrowd adheres. Where DesignCrowd is referenced either by name or by "we", "us", "our" in this policy it is intended to be inclusive of both DesignCrowd and BrandCrowd. This Privacy Policy explains in general terms how we protect the privacy of your personal data and applies to any personal data that we collect from, or about, you. It should be read along with all other DesignCrowd terms of services found here.
2 The Information We Collect and Hold
Personal data is any information that could directly or indirectly identify you. Under the GDPR, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Information you provide
You may provide us with personal data when you:
· (a) create an account with DesignCrowd; or
· (b) edit or add to personal data attached to your account details after your account has been created; or
· (c) indirectly create an account with DesignCrowd via one our partners; or
· (d) request or purchase goods or services from us; or
· (e) contact us by any method, such as telephone, email, post, facsimile or in person; or
· (f) correspond via our site, either with one of our staff or with another site user
Personal data you provide that we store may include, but not be limited to; your email address, your name, your country, your address, other contact details, your business name, your Designer profile picture and description, the last four digits of your credit card and your credit card expiry date. There may be additional information deemed personal data provided by you in briefs, on blogs or in comments or in interactions with other site users or otherwise while using our site, which is stored in our databases. This data may be monitored by us for trouble-shooting or maintenance purposes or if any form of abuse is suspected.
Information we collect
DesignCrowd will collect your Internet Protocol (IP) address in order to perform certain fraud checks as well as ensuring you are served the correct tax information while using our site. Your IP address helps us identify the relevant tax jurisdiction. Technologies such as “cookies” are used to allow the website to function, to collect useful information about visitors and to help make your user experience better. Cookies enable us to monitor traffic patterns and to serve you more efficiently if you revisit the site. A cookie does not identify you personally, but it does identify your computer. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject each instance. We may allow some of our marketing or technology partners to utilise cookies on our website to collect non-personally identifying data to assist them, or DesignCrowd, in delivering services to you. We also collect information about your usage of the site when you are logged in. This will include which pages you visit, products or services that are ordered, payments that are made etc. This activity data is stored in our databases.
Additional information provided by third parties
DesignCrowd does receive some information from third parties, which is appended to the supplied and collected data. In order to use IP addresses effectively for fraud prevention purposes, location and other data related to the users IP address is received and stored. Further, in order to gain an additional data point for fraud checks as well as ensuring our marketing and customer service interactions are well received by our Clients, we use third parties to append names to email addresses. This allows us to match names for fraud and deliver appropriately addressed correspondence. When payments are processed by our payment processors, some information is provided back to DesignCrowd including a payment transaction reference number and any information relating to chargebacks and disputes. This information is critical to DesignCrowd being able to accurately record all financial data and deal with Client queries and disputes.
3 Data Security
We take reasonable steps to protect the personal data we hold from misuse, interference or loss, and from unauthorised access, modification and disclosure. The steps we take to protect personal data include:
· (a) encrypting information sent between you and us using Secure Sockets Layer protocol (SSL) and 128-bit encryption (the highest level of encryption commercially available). DesignCrowd's SSL certification is supplied by DigiCert (a US-based SSL Certificate Authority);
· (b) outsourcing transaction processing to reputable, secure, Payment Card Industry (PCI) compliant payment gateway providers (such as PayPal, Stripe, Skrill (Paysafe) and Payoneer). DesignCrowd does not store or handle complete credit card data. We only store the last four digits and expiry date;
· (c) utilising a fully secured technology stack on Amazon Web Services technologies. DesignCrowd's databases are only accessible to certain IP addresses, locations and servers. In addition, DesignCrowd has implemented parts of the SANS security guidelines for securing its database servers;
· (d) limiting access to users' personal data through secure login to the DesignCrowd website.
Any breach of personal data will be promptly notified to our users and to authorities where relevant.
4 Data Storage and Transfer
DesignCrowd stores your personal data on servers located in numerous countries including the United States and Australia. When you visit our site you are agreeing to the transfer of data from the country you are in to DesignCrowd’s sites across the world including the United States and Australia.
5 Use of Your Personal Data
Personal data and information collected by us may be used for the following purposes:
· (a) to create an account for you on DesignCrowd;
· (b) to process your requests for goods or services;
· (c) to notify you about Projects, designs, files, messages from other users, deadlines and payments:
· (d) to notify you of changes to our goods or services;
· (e) to send email or SMS notifications for special promotions or offers conducted by us, our suppliers or distributors;
· (f) to conduct marketing activities and to conduct market research;
· (g) to respond to your questions or suggestions, including reviewing or auditing data when interacting with a customer;
· (h) to protect the security and integrity of the marketplace for all users and prevent fraudulent use of our services, including detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity;
· (i) to improve the quality of our goods or service and the quality of your visit to the website;
· (j) to diagnose problems with our sites and services, including debugging errors that impair functionality;
· (k) to provide informational materials to our communities, such as e-newsletters;
· (l) for data analytics, particularly supporting the purposes described above;
· (m) general performing of services such as maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, or providing similar services;
· (n) undertaking activities to verify or maintain the quality or safety of, or upgrade or enhance the DesignCrowd service
With regard to the list of uses above, where there is no legal or contractual need for using your personal data, it has been determined that they are legitimate interests pursued by DesignCrowd. Please note; to stop receiving our marketing emails, please click on the link found at the bottom of each marketing email to update your account preferences.
6 Disclosing Your Personal Data
We do not sell or rent your personal data to any other company, organisation or person. We may disclose your personal data to:
· (a) third party Designers or Clients in connection with any works (including without limitation artwork and designs) created or requested by you (as applicable) as part of the DesignCrowd Service pursuant to separate terms and conditions entered into between you and us;
· (b) third parties that provide services to us, or functions on our behalf. DesignCrowd uses third parties to provide various services that may involve storing or processing your personal data. These services include; data storage, payment processing, email distribution, email validation, SMS distribution, IP lookup, data enrichment and customer and relationship management systems;
· (c) related companies in our corporate group and business partners for the purpose of providing services which have been requested by you;
· (d) information technology service providers responsible for our communication networks, software and system development and maintenance.
In these situations, we prohibit the third-party from using personal data about you except for the specific purpose for which we supply it. In addition, we will not disclose your personal data without your consent unless legally required to do so, including but not limited to:
· (a) lessening or preventing a serious threat to life or health;
· (b) protecting the personal safety of users of this website or the public;
· (c) if we have reason to suspect that unlawful activity has been, is being or may be engaged in;
· (d) to enforce the law or necessary to investigate a suspected unlawful activity;
· (e) to exercise or defend legal claims; or
·
(ef)
otherwise if authorised or required by law;
In some circumstances, the entities to which we disclose personal data may be located outside Australia. For instance, we may disclose personal data to our wholly owned subsidiary DesignCrowd LLC, which is located in the United States.
7 Access and Correction of Your Personal Data
The easiest way to access most of your personal data is via your DesignCrowd account. We will, on request, provide you with access to the personal data we hold about you, unless there is an exception which applies under the APPs. If we refuse to provide you with access to the information, we will provide you with reasons for the refusal. You may request updates to your personal data, which we will endeavour to accommodate in ways that do not breach our legal record keeping requirements. The easiest and quickest way to add, edit or update most of your personal data is to log into your DesignCrowd account and make the changes yourself. If you wish to request a copy of your personal data, make edits to your personal data or request your personal data be deleted, please email your request to dataprotection@designcrowd.com. All requests via this channel will be responded to or actioned within one month of receipt. DesignCrowd will not discriminate against any customer who makes a request under the CCPA. DesignCrowd does not sell personal data so we do not currently provide a self-service option to opt-out of selling personal information. If DesignCrowd were ever to sell personal information we will notify existing customers and offer this functionality on-site. Please note; you may opt out of direct marketing at any time by using the unsubscribe link at the foot of all DesignCrowd marketing emails.
8 Change of Control
In future, DesignCrowd may sell, divest or otherwise change ownership of all or part of its business. The data collected and stored by DesignCrowd could be a part of the assets involved in that change of control. If any future change of ownership is likely to have a material impact on you, with regard to your personal data, then you will be notified of the impending change via email and/or a prominent notice on our site.
9 Changes to this Privacy Policy
We may modify or amend this Privacy Policy as our business requirements or the law changes. Any changes to this Privacy Policy will be updated on the website and become effective when published, so please visit the website periodically to ensure that you have our most current privacy policy.
10 Contact Details
If you have any questions about our Privacy Policy, have a complaint about a breach of your privacy or if you have any query on how your personal data is collected or used, please email your request to dataprotection@designcrowd.com. If you wish to request a copy of your personal data, make edits to your personal data or request your personal data be deleted, please email your request to dataprotection@designcrowd.com. All requests via this channel will be responded to or actioned within one month of receipt. We are not required to have a Data Protection Officer so any enquiries about our use of your personal data should be sent to the email address provided above. If you wish to make a complaint about an alleged breach of the Privacy Act or other privacy regulations and legislation, we will ask you to send us your complaint in writing to either of the email address provided above. We will respond to complaints within a reasonable period (usually 30 days). If you are not satisfied with our response, you may make a complaint to the Office of the Australian Information Commissioner by phoning 1300 363 992 or by email at enquiries@oaic.gov.au