PRIVACY POLICY

Thank you for your interest in the Redbubble marketplace www.redbubble.com (hereinafter “Marketplace”). We respect your privacy and will collect and process your Personal Data (as defined in Section 2 of this Policy) in compliance with the applicable legal requirements at all times. We will never rent or sell your Personal Data for marketing or other purposes.

This privacy policy (“Policy”) explains how we collect, use, and share information from users of our Marketplace and the Redbubble website and apps, (referred to herein as the “Website”). If you are located in the European Economic Area (“EEA”), this policy informs you of your choices and our practices in relation to your Personal Data. If you are a California Resident, our California Resident Privacy Notice contained in Section 10 of this Policy provides more information about your California privacy rights and explains how you can exercise those rights.

1. CONTACT INFORMATION AND DETAILS FOR DATA CONTROLLER, DATA PROTECTION OFFICER AND REPRESENTATIVE IN THE EUROPEAN UNION (EU)

1.1 The data controllers within the meaning of the European General Data Protection Regulation (GDPR) are Redbubble Inc., 111 Sutter St., 17th Floor, San Francisco, CA 94104, USA, and Redbubble Ltd., Level 3, 271 Collins St., Melbourne, Victoria 3000, Australia; phone +49 (0) 30 5683 7185, e-mail privacy@redbubble.com .

1.2 Our data protection officer can be contacted under Data Protection Officer, Redbubble Ltd., Level 3, 271 Collins St., Melbourne, Victoria 3000, Australia, e-mail dpo@redbubble.com.

1.3 Our representative in the European Union (EU) is Redbubble Europe GmbH at EnergieForum Berlin, Stralauer Pl. 33-34, 10243 Berlin, Germany, email privacy@redbubble.com.

2. WHAT IS PERSONAL DATA

For the purposes of this Policy, “Personal Data” means information relating to an identified or identifiable individual. This includes Personal Data collected and processed by us when you access our Website and the services related to it. Personal data does not include information of a general nature that does not identify you; for example, the number of users of the Marketplace.

3. WHAT TYPES OF PERSONAL DATA WE COLLECT

3.1 WEB SERVER PROTOCOLS (INCLUDING IP ADDRESS)

(a) When you visit and use the Website, our web server automatically collects your IP address, the date and time of your visit to the Website, the sites visited on the Marketplace, the referrer website, your browser type, your operating system, the domain name and the address of your internet access provider, to help us understand how you use our Website and to help us improve it.

(b) We and our third-party partners collect Personal Data using cookies, pixel tags, or similar technologies. Our third-party partners, such as analytics and advertising partners, may use these technologies to collect information about your online activities over time and across different services. We may use both session cookies (which are deleted from your device after you leave the Website) and persistent cookies (which remain on your device for longer or until you delete it manually). A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Website.

Please review your web browser’s “Help” file to learn the proper way to modify your cookie settings. Please note that if you delete or choose not to accept cookies from the Website, you may not be able to utilize the features of the Website to their fullest potential.

3.2 PERSONAL DATA SUBMITTED BY YOU

(a) We collect Personal Data that you provide to us on a voluntary basis to provide, operate and manage the Marketplace as well as to provide our services in accordance with our user agreement (redbubble.com/agreement).

  • For example, we collect (a) your user name and e-mail address when you create an user account and register for the Marketplace; (b) your name, delivery address, phone number, e-mail address, bank respectively payment information when you order a product via the Marketplace; (c) your name, address, phone number, e-mail address, bank account details and tax status respectively tax file number when you sell products via the Marketplace; and (d) your e-mail address when you complete a form or send us an e-mail. When we collect your Personal Data, we inform you whether the designation of certain Personal Data is compulsory or optional and of the possible consequences that arise in case of the absence of a designation.
  • In addition, we collect the data which you have provided to us through the visit and use of the Marketplace as well as our services, e.g. your purchases and sales history, favorited and earmarked items on the Marketplace, your movement and actions taken on the Marketplace as well as the content and details of messages send or received via our BubbleMail service. Provided that you log in via a social media single sign-on we collect your Personal Data from the respective social media platform which you have made publically available.

(b) We collect your e-mail address when you register for our newsletter and promotional messages. If we send you promotional messages, we may track whether you open them to learn how to deliver a better customer experience and improve our Website.

(c) When you make a purchase through our Website, your credit card information, billing information, and any other financial information necessary to complete your purchase (“Payment Information”) is processed by our third-party payment processor, and we do not collect, store, or process your Payment Information. For more information, please see Section 4.2 below.

4. HOW WE PROCESS YOUR PERSONAL DATA

4.1 We process your Personal Data in order to provide and operate the Marketplace and render our services to you in accordance with our user agreement (redbubble.com/agreement). Specifically, we may use your Personal Data to: (a) facilitate and coordinate sales and purchases via the Marketplace; (b) attempt to provide you with a smoothly and accurately functioning Website by monitoring and maintaining its performance; and (c) enable and process your communication with our support service in case of queries via e-mail, web forum, or phone.

This processing is necessary for the performance of our contract.

With respect to your communication with other users via our message boards, chatrooms or other interactive online forums as set out under item 4.1 above please be aware that if you post a comment on a message board or in a chatroom, this information will be made available to the public in an online environment. Each user is solely responsible for its posted comments. If you choose to use any such interactive area, please be aware that this environment and all Personal Data posted there is publicly accessible. We cannot control how other visitors of the Marketplace will use this information. In particular, we are unable to prevent you from receiving unsolicited messages from third parties.

4.2 When you make a purchase through our Website, your payment is processed by a third-party payment processor (“Payment Processor”). This Payment Processor may collect Personal Data from you, including your name, email address, billing address, and Payment Information in connection with your payment. The use of your Personal Data by the Payment Processor is governed by the Payment Processor’s terms and conditions and privacy policy, and Personal Data we receive about you from our Payment Processor is governed by this Policy.

This processing is necessary for the performance of our contract.

4.3 Further we may process your Personal Data for the purpose of preventing fraud on the Marketplace.

This processing is necessary for the purpose of our legitimate interests. Our legitimate interests in this context are the protection of the integrity of the Marketplace, our services, our system as well as our users.

4.4 We process your Personal Data (a) to provide you with an optimal and meaningful user experience on the Marketplace and within our services; and (b) to improve and optimize the Marketplace and our services, the layout and content of the Marketplace.

This processing is necessary for the purpose of our legitimate interests. Our legitimate interests are to provide an optimal and meaningful user experience on the Marketplace which fulfils your expectations and needs as well as our commercial interests.

4.5 Provided that you have given us your consent, we will further use the Personal Data collected for the provision and optimisation of our marketing measures via e-mail, in particular, the provision of our newsletter and other promotional messages on Redbubble events, services, products and/or special offers. You may withdraw your consent at any time with future effect.

You may, at any time, opt out from receiving such communications by following the instructions included in each e-mail or contacting Redbubble customer service e.g. by sending us an e-mail to the contact details set out under item 1 above or by visiting the Redbubble Help Centre at https://help.redbubble.com/hc (which can also be reached by clicking “Help” on the bottom of the homepage of the Marketplace). If you have consented to it, we will also use your e-mail address to send you useful information about using the Redbubble services from time to time. You may at any time opt out from such use by deactivating the receipt of specific kinds of messages in your user account settings.

This processing is based on consent given by you.

4.6 Further, we may process your web server information (cf. item 3.1 above) in cooperation with your internet service provider and/or local authorities in cases of a system misuse in order to investigate and identify the originator of such system misuse.

This processing is necessary for the purpose of our legitimate interests. Our legitimate interests in this context are the protection of the integrity of the Marketplace, our services, our system as well as our users.

4.7 For other purposes for which we process Personal Data, we provide specific notice at the time such Personal Data is collected.

5. TRANSFER OF PERSONAL DATA

Your Personal Data is important and helpful for us to provide and optimize our services and the Marketplace. We do not share Personal Data with any third party, unless this (a) is necessary to fulfil our services and/or the provision of the Marketplace; (b) is permitted by applicable law; or (c) has been agreed by you. We share Personal Data with third parties as described below:

5.1 To properly render our services - for example for facilitating sales and purchases made between users via the Marketplace, we will to share your name, delivery address and phone number on behalf of the selling user with third-party service providers (e.g. fulfillers for manufacturing, printing, logistics or processing services).

This processing is necessary for the performance of our contract.

5.2 In case third-parties address Redbubble with the allegation that content submitted by you onto the Marketplace infringes applicable law, intellectual property rights of the third party (including without limitation, copyrights and ancillary copyrights, patents, trademarks, company symbols, work titles, or designs) or any other rights of the third party (including without limitation, the general right of privacy and the right of one’s own image), we are entitled pursuant to our user agreement (cf. under https://www.redbubble.com/agreement) to provide the third party with your name, address and/or information relating to the content which has been objected, in order to enable the third party to claim such rights vis-à-vis you directly.

This processing is necessary for the performance of our contract.

5.3 We may outsource the processing of Personal Data (completely or partially) to third-party service providers acting on our behalf as data processors in accordance with of Art. 28 GDPR. When such third-party service providers are located outside of the European Union (EU) or the European Economic Area (EEA), we will establish appropriate safeguards in accordance with the requirements set by law and data protection authorities to ensure that your Personal Data is duly protected.

In particular, we use external service providers to provide and operate the Marketplace and our respective services:

  • To host the Website and to store its back-end database.
  • To enable and provide communication via live chat.
  • To enable and provide the technical basis for user product reviews.
  • To detect, identify and prevent fraudulent use of the Marketplace.
  • To monitor the performance of the Marketplace as well as to detect and solve issues and errors on the Marketplace.
  • To provide customer relationship management, in particular, customer and product support services for the Marketplace as well as the identification and resolve of customer support issues via live chat, e-mail, web forum, social media or phone.
  • To provide data reporting and enable analysis for our internal business purposes.
  • To optimize the typography on the Marketplace.
  • To organize and manage internal business goals effectively and efficiently.
  • To optimize and enhance our budgeting, corporate performance, analysis and reporting.
  • To provide payment services for our users.
  • To provide marketing and marketing optimization services.

5.4 We use analytics services such as Google Analytics to collect and process certain analytics data. These services may also collect information about your use of other websites, apps, and online resources. You can learn more about Google’s practices by visiting https://www.google.com/policies/privacy/partners/.

5.5 We work with third-party advertising partners to show you ads that we think may interest you. Some of our advertising partners are members of the Network Advertising Initiative or the Digital Advertising Alliance. If you do not wish to receive personalized ads, please visit their opt-out pages to learn about how you may opt out of receiving web-based personalized ads from member companies. You can access any settings offered by your mobile operating system to limit ad tracking, or you can install the AppChoices mobile app to learn more about how you may opt out of personalized ads in mobile apps.

5.6 We may access, preserve, and disclose your Personal Data if we believe doing so is required or appropriate to: (a) comply with law enforcement requests and legal process, such as a court order or subpoena; (b) respond to your requests; or (c) protect your, our, or others’ rights, property, or safety. For the avoidance of doubt, the disclosure of your Personal Data may occur if you post any objectionable content on or through the Website.

5.7 We do not rent, sell, or share Personal Data about you with non-affiliated companies for their direct marketing purposes unless we have your permission.

5.8 We may share Personal Data we receive with our affiliates for any purposes described in this Policy.

5.9 We may transfer your Personal Data to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets.

6. INTERNATIONAL DATA TRANSFERS

The Website is hosted in the United States. If you choose to use the Website from regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your Personal Data outside of those regions to the United States for storage and processing, which does not have the same data protection laws as your jurisdiction. When we transfer your Personal Data to the United States, we take steps to comply with applicable data protection law, in particular legal requirements regarding adequate protection for data transfers (e.g. Standard Contractual Clauses). Also, we may transfer your Personal Data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services. You can obtain a copy of the data transfer mechanisms we use by contacting us below.

7. HOW WE KEEP PERSONAL DATA SECURE

We make reasonable efforts to protect your Personal Data by using physical and electronic safeguards designed to improve the security of the Personal Data we maintain. However, as no electronic transmission or storage of Personal Data can be entirely secure, we can make no guarantees as to the security or privacy of your Personal Data. Your payments are handled over an encrypted connection or via a secure third-party Payment Processor. Access to Personal Data on our databases is subject to reasonable technical safeguards and is restricted to authorized staff on a strict need-to-know basis. Further, we require our external service providers with access to Personal Data to sign data processing agreements (Art. 28 GDPR) that require them to take the necessary and reasonable steps to protect the Personal Data provided to them.

8. STORAGE TIME

We will only store your Personal Data as long as necessary to fulfil the purposes for which they were collected or – where the law provides for longer retention periods – for the duration of the retention period required by law. When determining the specific retention period, we take into account various criteria, such as the type of service provided to you, the nature and length of our relationship with you, and mandatory retention periods provided by law and the statute of limitations. After that your Personal Data will be deleted.

9. WEB ANALYSES SERVICES, COOKIES AND OTHER TECHNOLOGIES

9.1 We want to provide you with an optimal and meaningful user experience. Therefore, we use cookies and other technologies on the Website and within our services (a) in order to better understand how our users use the Website and our services; (b) for the optimization of the Website and our services; (c) in order to provide and maintain, to the extent possible and reasonable, a smoothly and accurately functioning Website; as well as (d) for marketing purposes and market research.

Cookies and other technologies help us in many ways to make your visit of the Website more enjoyable and meaningful.

Cookies are text information files that our web server sends to and places on your computer when you visit the Website. Most browsers accept cookies automatically, but can be configured in their settings not to accept cookies or to indicate when a cookie is being sent. For more information please check the help menu of your browser. Some or all of our cookies may be disabled or deleted later. You can either disable our cookies via the browser settings or via the opt-out possibilities as set out in the table under item 8.3 below. Please note that you do not have to accept our cookies in order to use the Website. However, if you opt out of the cookie function, some areas and functions of the Website may be disabled.

9.2 We use the following types of cookies on the Website for the following purposes:

(a) Technical cookies

Cookies that allow the navigation through the Website and the use of different options or services that exist in it, such as allowing the communication of data, identifying your user account, accessing restricted access Website areas, storing products from orders, completing the purchase process of an order or storing content for the broadcast of videos and sound and share content.

This processing is necessary for the performance of our contract.

(b) Customization cookies

Cookies that allow the access to the Website with some general predetermined characteristics according to several criteria out of the user’s device, such as the language, the web browser, the regional settings etc.

This processing is necessary for the performance of our contract.

(c) Advertising cookies

Cookies that allow Redbubble to analyse and manage the information related to the advertisements displayed to each user on the Website. Those cookies allow to manage, in the most efficient way, the advertising spaces of the Website pursuant to different information such as the edited content or the frequency in which such advertisements are displayed.

This processing is necessary for the purpose of our legitimate interests. Our legitimate interests are to provide a user-friendly and meaningful Website which fulfils your expectations and needs as well as our commercial interests.

(d) Conduct or behavior advertising cookies

These cookies store information on the behavior of users obtained through the continuous observation of their browsing habits, which allows the development of a specific profile in order to display different advertisements based on such profiling process.

It is also possible that by visiting a website or by opening an e-mail where an advertisement or promotion about our services is displayed, a cookie will be installed in your browser that will be useful to show to the user some other advertisements related to the searches that it has carried out, to develop a control of our advertising in connection, for example, with the number of times each advertisement is displayed, where or at what time it is displayed etc.

This processing is necessary for the purpose of our legitimate interests. Our legitimate interests are to provide a user-friendly and meaningful Website which fulfils your expectations and needs as well as our commercial interests.

(e) Third-party analytics cookies

Together with our server logs and other web analysis programs, analytical cookies enable Redbubble to ascertain the total number of users visiting the website and the most popular areas. Thanks to them, Redbubble can obtain information to improve browsing and offer a better service to users.

This processing is necessary for the purpose of our legitimate interests. Our legitimate interests are to provide a user-friendly and meaningful Website which fulfils your expectations and needs as well as our commercial interests.

(f) Third-party social networks cookies

If you interact with the content of the Website, third-party cookies may also be installed (for example, by clicking on social media buttons or viewing videos housed on other websites). Third-party cookies are those established by a domain different to the Website and subject to the relevant social network’s policies.

This processing is necessary for the purpose of our legitimate interests. Our legitimate interests are to provide a user-friendly and meaningful Website which fulfils your expectations and needs as well as our commercial interests.

9.3 In particular, we use the following third-party services which use cookies and other technologies. If you do not agree to this use, you may deactivate these services by refusing to accept the cookies in your browser. You may also deactivate the service by clicking on the opt-out link or using other opt-out possibilities. For the opt-out links and other opt-out possibilities, please see the column “Opt-out” in the table below. You will find further information about the services in the related privacy policies, accessible via the links provided in the section “Privacy and/or security policy” in the table below. The table further displays under “Countries where data is transferred and appropriate safeguards” to which country the data is transferred and if appropriate safeguards are fulfilled.

Third party services utilizing tracking on the Website

Service provider

Description of the purpose of the tracking and use of the tracking data

Privacy and/or security policy

Opt-out

Countries where data is transferred and appropriate safeguards

Google Analytics

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, e-mail data-protection-office@google.com, phone +1.650.253.0000, fax +1.650.618.1806

Google Analytics tracks and reports website traffic and user behaviour on our site (https://developers.google.com/analytics/resources/concepts/gaConceptsTrackingOverview#howAnalyticsGetsData)

Terms of use: http://www.google.com/analytics/terms/de.html

Privacy policy: http://www.google.com/intl/de/analytics/privacyoverview.html

http://tools.google.com/dlpage/gaoptout?hl=en

USA

Data Processing Agreement

Google AdWords

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, e-mail data-protection-office@google.com, phone +1.650.253.0000, fax +1.650.618.1806

Google AdWords provides audience building and targeting across Google marketing networks

https://services.google.com/sitestats/de.html

http://www.google.com/ads/preferences/html/opt-out.html

USA

Data Processing Agreement

Google DoubleClick

Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, e-mail data-protection-office@google.com, phone +1.650.253.0000, fax +1.650.618.1806

Google DoubleClick provides audience building and targeting across Google marketing networks

http://www.google.de/policies/technologies/ads

http://www.google.com/ads/preferences/html/opt-out.html

USA

Data Processing Agreement

Sift Science

Sift Science Inc., 123 Mission St., 20th Floor, San Francisco, CA 94105, USA

Sift Science provides fraud identification and prevention

https://siftscience.com/security-privacy

No opt-out due to the nature of the service provided for basic functioning of the Website

USA

Data Processing Agreement

TrackJS

TrackJS LLC

TrackJS provides JavaScript (code) error monitoring

https://trackjs.com/privacy

No opt-out due to the nature of the service provided for basic functioning of the Website

USA

Data Processing Agreement

Microsoft Bing Conversion

Microsoft Corp., One Microsoft Way, Redmond, WA 98052-6399, USA, e-mail brendonlynch@microsoft.com, phone +1.425.882.8080, fax +1.425.708.3135

Microsoft Bing Conversion provides customer conversion tracking

https://privacy.microsoft.com/de-de/privacystatement

http://www.aboutads.info/choices/

USA

Data Processing Agreement

Sailthru

Sailthru Inc., 160 Varick St., 12th Floor, 1 World Trade Suite 48a, New York, NY 10007, USA, e-mail legal@sailthru.com, phone +1.877.812.8689

Sailthru provides audience building and targeting with Sailthru marketing platform

https://www.sailthru.com/legal/#privacy

http://www.sailthru.com/legal/#cookies

http://www.sailthru.com/legal/#cookies

USA

Data Processing Agreement

Yahoo Analytics

Oath Inc.

Yahoo Analytics provides audience building and targeting across Oath marketing networks

https://policies.oath.com/us/en/oath/privacy/index.html

https://policies.yahoo.com/ie/de/yahoo/privacy/index.htm

https://aim.yahoo.com/aim/us/en/optout/

USA

Data Processing Agreement

Facebook Ads Manager

Facebook Inc., 1601 S. California Avenue., Palo Alto, CA 94304, USA

Audience building and targeting across Facebook marketing networks

https://www.facebook.com/privacy/explanation

https://www.facebook.com/help/568137493302217

USA

Data Processing Agreement

Criteo

Criteo SA, 32 Rue Blanche, 75009 Paris, France, EU

Criteo provides audience building and targeting across Google marketing networks

https://www.criteo.com/privacy/

https://www.criteo.com/privacy/

France

Criteo uses Amazon Web Services in the USA for storing the Criteo sponsored product data.

Data Processing Agreement

LeanPlum

Leanplum, Inc., 1550 Bryant St., Suite 545, San Francisco, CA 94103, USA, e-mail info@leanplum.com

LeanPlum provides audience building and targeting

https://www.leanplum.com/privacy/

Opt-out information under https://www.leanplum.com/privacy/

USA

Data Processing Agreement

Rollbar

Rollbar, 221 Main St. Suite 780, San Francisco, CA 94105, USA, e-mail brian@rollbar.com, phone +1.888.568.3350

Rollbar provides application monitoring

https://rollbar.com/privacy/

Opt-out information at: https://rollbar.com/privacy/

USA

Data Processing Agreement

Qualtrics

Qualtrics, LLC 333 W River Park Dr Provo, Utah 84604 markc@qualtrics.com Phone: (801) 374-6682

Qualtrics provides audience building for the purpose of research intercepts and surveys

Privacy policy: https://www.qualtrics.com/privacy-statement/

Security statement: https://www.qualtrics.com/security-statement/

A user may elect to opt-out of enabling cookies in the browser’s settings, usually by choosing between several options offered by the browser. Some browsers allow blocking cookies from a specific website.

USA

Data Processing Agreement

Fullstory

FullStory, Inc., 120 Ottley Drive NE, Suite 100, Atlanta, GA30324, geoff@fullstory.com Phone: (678) 337-1868

FullStory provides visual playback of user sessions, for the purpose of identifying issues and improving experience

Privacy Policy: https://www.fullstory.com/legal/privacy/, Terms & conditions: https://www.fullstory.com/legal/terms-and-conditions/

https://www.fullstory.com/optout/

USA

Data Processing Agreement

Supermetrics

Supermetrics Oy (Finland)

Marketing / web analytics

https://supermetrics.com/privacy-policy-2018-5

https://supermetrics.com/privacy-policy-2018-5

Finland – EU member state

AppsFlyer

AppsFlyer, Ltd. (Israel)

A software development kit which allows the tracking of mobile application use, installations and downloads

https://www.appsflyer.com/product/gdpr??&utm_source=google&utm_medium=cpc&utm_term=appsflyer&utm_content=ad3&utm_campaign=brand_oceana

https://www.appsflyer.com/optout

Israel – on the EU approved list of countries for data transfers

Pagely

Pagely, Inc. (Wordpress hosting)

May collect user data when visitors come to wordpress webpages that Pagely hosts for RB

https://pagely.com/legal/privacy-policy/

https://pagely.com/legal/transparency-privacy-report/

USA

Data Processing Agreement

Talkable

Curebit, Inc dba Talkable

Quantifying and accelerating refer-a-friend programs

https://www.talkable.com/privacy

https://www.talkable.com/privacy section 6.4

USA

Data Processing Agreement

Connexity

Connexity, Inc.

Ecommerce marketing automation platform

https://connexity.com/privacy-policy/

https://connexity.com/opt-out/

USA

Data Processing Agreement

Affiliate Window

Awin AG

Affiliate partner tracking users that come from affiliate links to the site and makes a purchase. Mostly used to give correct commission to the correct affiliates.

https://www.awin.com/au/legal/privacy-policy

https://www.awin.com/au/legal/privacy-policy
Section 2.3

Germany – EU member state

ShareASale,

ShareASale,.com, Inc.

Affiliate partner tracking users that come from affiliate links to the site and makes a purchase. Mostly used to give correct commission to the correct affiliates.

Part of Awin group
https://www.awin.com/au/legal/privacy-policy

https://www.awin.com/au/legal/privacy-policy
Section 2.3

Germany – EU member state

Segment

Segment.io, Inc.

Customer data platform

https://segment.com/legal/privacy/

https://segment.com/legal/privacy/
and Website Data Collection Preference Center

USA

Data Processing Agreement

Iterable

Iterable, Inc.

Customer Engagement Platform

https://iterable.com/trust/privacy-policy/https://iterable.com/trust/anti-spam-policy/

https://iterable.com/trust/privacy-policy/

USA

Data Processing Agreement

9.4. We use a number of social plug-ins on the Marketplace. Plug-ins are small extension modules used by different social networks that allow you to inform other users in the social network that you are on the Website. Please note that we have only limited control over the data transmitted by these social plug-ins. Please read the following information to learn how the social plug-ins work:

When you visit a portion of our Website that contains a social plug-in, your browser will establish a direct connection to the servers of the social network. The social network is informed about the site that you are currently visiting on the Website and the social network stores this information in accordance with its privacy policy. The social network may also log your browser history or further information. If you interact with (click on) the social plug-in while you are logged onto the related social network, this information may be matched to your profile and shown on other sites of the internet. If you do not wish the social network to collect data on you through the Website, it may be helpful to log off from the social network before you visit our Website. For further information about the purpose and extent of the data collection and further use of your data by the social network, as well as your profile setting options to protect your privacy, please view the data privacy notices of the social networks:

Name of social plug-in

Name of social network

Privacy policy

Information on how to opt-out

Facebook

Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA

https://de-de.facebook.com/policy.php

https://www.facebook.com/help/cookies/?ref=sitefooter

Twitter

Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA

https://twitter.com/privacy?lang=de

https://support.twitter.com/articles/20170520-so-verwendet-twitter-cookies-und-ahnliche-technologien

Pinterest

Pinterest Inc., 808 Brannan St., San Francisco, CA 94103, USA

https://policy.pinterest.com/en/privacy-policy

https://help.pinterest.com/en/articles/we-support-do-not-track

Tumblr

Tumblr Inc., 35 E 21st St., 10th Floor, New York, NY 10010, USA

https://www.tumblr.com/policy/en/privacy

https://www.tumblr.com/settings/account

SnapChat

Snap, Inc.

https://www.snap.com/en-US/privacy/privacy-policy/

https://www.snap.com/en-US/cookie-policy/

10. YOUR RIGHTS UNDER DATA PROTECTION LEGISLATION

Depending on your location, you may have the following rights under applicable data protection law:

(a) Right of access, rectification, erasure and restriction of processing: You have the right to obtain access to your Personal Data stored by us. If we process or use your Personal Data, we will use reasonable steps to ensure that your Personal Data is accurate and up-to-date for the purposes for which they were collected. If your Personal Data is inaccurate or incomplete, you have the right to obtain the rectification of such Personal Data. Furthermore, you may have the right to obtain the erasure or restriction of processing of your Personal Data, for example if no legitimate business purpose exists anymore for the data processing under this privacy policy or applicable law and the further storage is not necessary under statutory storage obligations.

Your user account essentially shows the Personal Data you have stored with us. You may view, change and/or erase the data as needed. Furthermore, to obtain access to or the rectification, erasure or restriction of processing of your Personal Data you may at any time contact us as provided in item 1 above.

(b) Right to data portability: You may have the right to receive the Personal Data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to transmit this data to another controller. To exercise this right you may at any time contact us as provided in item 1 above.

(c) Right to object: You may have the right to object, on grounds relating to your particular situation, to the processing of your Personal Data. To exercise this right you may at any time contact us as provided in item 1 above.

(d) Right to withdraw your consent: If you have given your consent to the collection or processing of your Personal Data, you have the right to withdraw your consent at any time on a prospective basis without affecting the lawfulness of processing based on the consent before its withdrawal. You may also object to use of your Personal Data for purposes of market research and public opinion polling as well as advertising and unsubscribe from our newsletter (please cf. under item 4.3 above). To exercise any of these rights you may at any time contact us as provided in item 1 above.

Before meeting your request, we may ask you to provide reasonable information to verify your identity. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so. In addition, you also have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work or where an incident took place.

11. Consumer Privacy Act ("CCPA") – for California residents

This Section 11 applies only to users of our Marketplace who are California residents. As used in this Section, “Personal Information” in this Section 11 means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, or as otherwise defined by the California Consumer Privacy Act of 2018 (California Civil Code §§ 1798.100 to 1798.199) and its implementing regulations, as amended or superseded from time to time (“CCPA”).

11.1 CCPA Disclosure

The chart below provides the categories of Personal Information (as defined by the CCPA) we have collected, disclosed for a business purpose, sold, or used for business or commercial purposes in the preceding twelve (12) months since this California Resident Privacy Notice was last updated, as well as the categories of sources from which that Personal Information was collected, and the categories of third parties with whom we shared Personal Information. The examples of Personal Information provided for each category reflect each category’s statutory definition and may not reflect all of the specific types of Personal Information associated with each category.

Category

We Collect

We Disclose

We Sell

Categories of Third Parties with Whom We Share Personal Information

A. Identifiers

Examples: Name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.

Yes

Yes

No

All

B. Categories of Personal Information in Cal. Civ. Code Section 1798.80(e)

Examples: Name, signature, social security number, address, telephone number, passport number, driver’s license or state identification card number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Yes

Yes

No

All

C. Characteristics of Protected Classifications under California or Federal Law

Examples: Race or color, ancestry or national origin, religion or creed, age (over 40), mental or physical disability, sex (including gender and pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity or expression, medical condition, genetic information, marital status, military, and veteran status.

No

N/A

N/A

N/A

D. Commercial Information

Examples: Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Yes

Yes

No

All

E. Biometric Information

Examples: Physiological, biological, or behavioral characteristics, including DNA, that can be used, singly or in combination with each other or with other identifying data, to establish individual identity, such as imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information.

No

N/A

N/A

N/A

F. Internet or Other Electronic Network Activity Information

Examples: Browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, or advertisement.

Yes

Yes

No

All

G. Geolocation Data

Examples: Precise physical location.

No

N/A

N/A

N/A

H. Sensory Information

Examples: Audio, electronic, visual, thermal, olfactory, or similar information.

No

N/A

N/A

N/A

I. Professional or employment-related information

Examples: Job application or resume information and past and current job history.

Yes

Yes

No

All

J. Non-Public Education Information (as defined in 20 U.S.C. 1232g; 34 C.F.R. Part 99)

Examples: Records that are directly related to a student maintained by an educational agency or institution or by a party acting for the agency or institution.

No

N/A

N/A

N/A

K. Inferences Drawn from Personal Information

Examples: Consumer profiles reflecting a consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

No

N/A

N/A

N/A

11.2 Use of Personal Information

We collect, use, and disclose your Personal Information in accordance with the specific business and commercial purposes as described in Sections 3-5 of this Policy.

11.3 Collection of Personal Information

In the preceding twelve months since this notice was last updated, we have collected Personal Information from the following categories of sources:

  1. You/Your Devices: You or your devices directly.
  2. Users: Other users of our services.
  3. Affiliates.
  4. Analytics Providers.
  5. OS/Platform Provider: Operating systems and platforms.
  6. Social Networks.
  7. Partners: Business partners.

11.4 Disclosure of Personal Information

As set forth in Section 5 of this Policy, we share your Personal Information with the following categories of third parties:

  1. Affiliates.
  2. Analytics Providers.
  3. Vendors: Vendors and service providers.
  4. Integrated Third Parties: Third parties integrated into our Services.
  5. Third Parties as Legally Required: Third parties as required by law and similar disclosures.
  6. Third Parties in Merger/Acquisition: Third parties in connection with a merger, sale, or asset transfer.
  7. Third Parties with Consent: Other third parties for whom we have obtained your permission to disclose your Personal Information.

11.5 Right to Know and Access

You may submit a verifiable request for information regarding the: (i) categories of Personal Information collected, sold, or disclosed by us; (ii) purposes for which categories of Personal Information are collected or sold by us; (iii) categories of sources from which we collect Personal Information; (iv) categories of third parties with whom we disclosed or sold Personal Information; and (v) specific pieces of Personal Information we have collected about you during the past twelve months.

11.6 Right to Delete

Subject to certain exceptions, you may submit a verifiable request that we delete Personal Information about you that we have collected from you.

11.7 Verification

Requests for access to or deletion of Personal Information are subject to our ability to reasonably verify your identity in light of the information requested and pursuant to relevant CCPA requirements, limitations, and regulations. To verify your access or deletion request, we may request that you provide us with personal information that matches the identifying information that you have already provided to us.

11.8 Authorizing an Agent

To authorize an agent to make a request to know or delete on your behalf, please email us at privacy@redbubble.com.

11.9 Submit Requests

To exercise your rights under the CCPA, click this the “Do not sell my Personal Information” link in the footer) or email datadeletions@redbubble.com. Only you or an agent duly authorized to act on your behalf may submit verifiable consumer request related to your Personal Information. A verifiable consumer request must:

  • provide sufficient information that allows Redbubble to reasonably verify the requester’s identity; and
  • describe the request with sufficient detail that allows Redbubble to properly understand, evaluate, and respond to it.

11.10 Right to Equal Service and Price

You have the right not to receive discriminatory treatment for the exercise of your CCPA privacy rights, subject to certain limitations. Redbubble may offer certain financial incentives to the extent permitted by the CCPA that result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive that is offered will reasonably relate to California consumers’ personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program would require prior opt in consent, which may be revoked at any time.

11.11 Shine the Light

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits California consumers to request certain information regarding Redbubble’s disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@redbubble.com.

12. COMPLAINTS

IIf you have any questions, concerns or complaints relating to this privacy policy or Redbubble’s privacy/data protection practices, you are welcome to contact the Redbubble Data Protection Officer at the contact details listed in Section 1.

You may also lodge complaints with the relevant supervisory authority, depending on your location.

13. CHANGES

Redbubble reserves the right to change this privacy policy from time to time in compliance with the legal requirements, for example to be compliant with new laws or to add new services.

Date: March 2021

desktop tablet-landscape content-width tablet-portrait workstream-4-across phone-landscape phone-portrait
desktop tablet-landscape content-width tablet-portrait workstream-4-across phone-landscape phone-portrait