We provide this document to let you know the kinds of personal and non-personal data we may gather, why we gather your data, what we use your data for, when we might disclose your data, and how you can manage your personal data.
We provide an opt-in Newsletter service to which you can subscribe from our website or through our apps. The newsletter service is used to send occasional information about our products, upgrade information, and special offers such as Black Friday.
Each newsletter email you receive will contain an unsubscribe link that will instantly remove you from our newsletter recipients list. You can also contact us at email@example.com to be removed from it at any time.
We also provide support by email, in which case we will contact you back to answer your feedback or questions.
We differentiate personal and non-personal data. Personal data is information that can be used to uniquely identify a specific individual. Non-personal data is information that cannot be used just by itself to uniquely identify a specific individual.
One of the basic principles we are following in our apps and website is that we only ask for the personal data we need to provide the service you have requested. We use pseudonymized & anonymized data wherever possible, and we have otherwise no business interest in personal data.
We do not share your data with anyone except for the data processors listed below, and to comply with the law or to protect our rights.
Here is the list of personal and non-personal data that we process and/or collect, who is actually collecting it, why it is collected, how it is used, and who it is shared with.
Contractual Information (personal data): for users who purchase our apps directly through Apple (App Store, Mac App Store, Volume Purchase Program), we do not collect and do not have access to your customer data (Apple manages it directly). For users who purchase one of our Mac apps from our website, they are then entering a license agreement with us to use the software (see Terms & Conditions). We do not collect nor have access to any payment information such as credit cards. We have an agreement with FastSpring, the reseller, that processes the payment, collects user information of this contract (email, address and possibly other data), and delivers an activation code by email. To unlock the software, the user activates the code with their email address and that association is stored encrypted on our server (contract fulfillment). We don’t establish contract with children under the age of majority. Data Processor: Apple, FastSpring
User-Generated Content (personal data): we do not collect user-generated content. Our apps process all kinds of user-generated content (photo, video, audio, text, geotag…) on users’ behalf, and, in that context, they may require or optionally need photo / microphone / geolocation / device sensors / access to user generated contents. This information is solely processed to provide standard photo capture, video capture (with sound), speech recognition, and photo/video geotagging or other editing features. These personal data remain private on the device at all times unless cloud storage, cloud processing, collaboration with other users are used, or a cloud syncing option (iCloud, Dropbox, or other explicitly mentioned solution) is knowingly initiated by the user. Our apps may explicitly require access to your Dropbox, Evernote, iCloud account or any other cloud storage account (at your request) to provide specific features. Our apps may access, process, update your cloud storage data on your behalf, but our apps do not use or access this data otherwise and we do not have any access to it. No sharing of personal data is performed without user consent other than through specific user-initiated actions. In cases where we need to store user-generated data on a server to provide a specific feature (such as multi-user collaboration), we design it so that we cannot access your data (data is stored encrypted, and the encryption key is not shared with us). Your data can be accessed/exported either directly from our apps, or directly with the service provider. Data Processors: Apple (iCloud / CloudKit), DropBox, Evernote, Microsoft (Azure).
Website & App Statistics (non-personal data): we collect anonymized data to determine general usage statistics of our website and our apps. On the website, we use Google Analytics to determine the effectiveness of communication campaigns, website referrals, as well as other macroscopic information. In apps, we use Google Analytics SDK to determine the popularity of proposed features (overall usage count) and other overall statistics (such as the OS version and device model) in order to better focus our development efforts on future versions of the apps. In all cases (website, apps), we use client-side IP address pseudonymization when using Google Analytics libraries, and on our website, as of July 1st 2018, we have disabled Google Analytics User ID storage (no cookie, no local storage). On our website, you can opt-out of analytics by using the “Do not track” feature of browsers or by using a content blocker. In our apps, you can opt-out of usage pattern collection through app Settings > Help & Support > Diagnosis & Usage > Send Usage Data (switch it off). Data Processors: Google Analytics, HockeyApp/Microsoft, Apple.
Crash Reports (non-personal data): when a crash occurs in our iOS apps, we automatically collect anonymized crash reports (function backtrace, OS version, device model) to help us debug crashes in our apps. You can opt out of crash report collection through app Settings > Help & Support > Diagnosis & Usage > Send Crash Reports (switch it off). In our Mac apps, crash sending is a manual process. A crash prompt is displayed on next launch of the app, where you can describe the issue, or decide not to send it. We use both Apple’s opt-in mechanism, and HockeyApp SDK from Microsoft to perform auto-collection (iOS) or manual sending (Mac). Data Processors: Apple, HockeyApp/Microsoft.
Support Mails (personal data): we provide support by email. Users can contact us through our support email addresses (firstname.lastname@example.org or <appname>@creaceed.com) to request support about our apps. Our ticket system, Freshdesk, is operated by Freshworks, and tickets are archived indefinitely in our internal knowledge base (see user’s rights below). Our email software is operated by Google. We don’t accept support request from children under the age of majority unless the request is verifiably supervised by an adult. Data Processors: Freshworks (Freshdesk), Google.
IP Address (personal data): IP address of users visiting our website may appear in the standard logs of our web server software. These logs are automatically deleted after maximum 14 days. When a user activates a Mac app purchased from our website, IP addresses are also recorded in the activation journal database on our web server for fraud protection purpose
Email Address (personal data): email addresses, as part of Contractual Information and Support Mails, are detailed above. We also operate an opt-in newsletter to let users know about news and special offers (see Contacting You section above). Our newsletter is operated by Mailchimp, which stores the email list and distributes the newsletter on our behalf. Users accepting to beta-test our software are added to beta-testing lists that we maintain on Apple’s App Store Connect platform. We don’t accept newsletter subscription from children under the age of majority. Data Processors: Mailchimp, Apple.
Bright Market LLC (FastSpring)
Freshworks, Inc. (Freshdesk)
The Rocket Science Group LLC (Mailchimp)
Cookies are small pieces of data, stored in text files, that are stored on your computer or other device when websites are loaded in a browser. They are widely used to “remember” you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”).
Protecting the privacy of children is especially important.
Our Website is neither directed at nor targeted to children. If you have not reached the age of majority or are not able to enter into legally binding agreements in your country, you may not use our Website unless supervised/accepted by an adult, as applicable. If we learn that personally identifiable information has been provided to us and/or collected on our Website from persons under the age of majority and without verifiable parental consent, such as through a support request, we take the appropriate steps to delete this information in a secure manner. If you are a parent and discover that your child has provided Personal Information through to our Services, then you may alert us at email@example.com and request that we delete that child’s personally identifiable information from our systems.
Our Apps are directed at users of all ages, including children. We encourage parents and teachers to supervise their child or student’s use of the Apps. Simply downloading any Creaceed App to your iOS / Mac device does not trigger the collection of any personally identifiable information.
We take security seriously, and use several measures to protect your data. Communications with our website and APIs only use secure connections (TLS). Activation data (email / activation code association) for apps purchased directly through us, as opposed to App Store, are stored encrypted on our server. All our backups are encrypted.
Belgian law shall govern in any and all disputes, including privacy or defamation issues or otherwise.
The responsible body for user privacy is:
Boulevard Initialis 1,
7000 Mons, BELGIUM
This policy was last modified on December 7, 2018.