Privacy Policy

Protecting your information while using Snappr

Last updated 30 January, 2020.

Through our mobile application (the “App”) and website (the “Site”), Snappr, Inc. and Snappr Pty. Ltd. ABN 74 612 258 027 trading as Snappr (“Snappr,” “we,” “us,” or “our”) allows customers (“Customers”) and photographers (“Photographers”) to book photography engagements (the “Service”). This Privacy Policy describes the information that alone or in combination with other information could be used to identify you (“Personal Data”) that Snappr collects, how we use and share that data, and your choices concerning our data practices.

This Privacy Policy explains what Personal Data we collect, how we use and share that data, and your choices concerning our data practices.

Please read this Privacy Policy before using our Service or submitting any Personal Data to Snappr and contact us if you have any questions.

1. Information we collect

The Personal Data we collect varies based on who you are and what you choose to share with us. When you contact us or interact with our Service we collect categories of Personal Data as follows:

Account Data

When you create an account or start using the Service, we will generally collect your name, email, phone number, mailing address, your address book (if you are a Customer and you consent), and, if you are a Photographer, profile information (including a photograph and a description of your expertise).

Payment Data

We collect certain payment and billing information needed for us to (i) pay Photographers and (ii) accept payments from Customers. This information may include billing address, payment card or PayPal details, and, if you are a Photographer, your social security or tax identification number. We collect Payment Data via secure payment processing services.

Photograph Data

We collect details relating to shoots you book through the Service (i.e., the time and place of the shoot) and we collect and store the photographs that Photographers take for Customers. In addition, Customers in certain jurisdictions can make use of tools enabled by facial recognition. (Please note that facial recognition tools are only available in Australia and certain areas of the United States.) These tools will identify similar faces in the Customer’s photographs. The Customer can then tag someone, at which point the Service will identify the other photographs in which the tagged person appears and allow the Customer to easily share those photographs with the tagged person.

Communication Data

We may collect information when you contact us with questions or concerns and when you voluntarily respond to questionnaires, surveys or requests for market research seeking your opinion and feedback.  Providing this information is optional to you.

Social Media Data

We have pages on social media sites like Instagram, LinkedIn, Twitter, and LinkedIn (“Social Media Pages”). When you interact with our Social Media Pages, we will collect Personal Data that you elect to provide to us through your settings on the Social Media Site, such as your contact details. In addition, the companies that host our Social Media Pages may provide us with aggregate information and analytics regarding the use of our Social Media Pages.

Third Party Data

We may receive information about Customers from third parties based on their professional email address, including your job title, employer, and location of work.

Background Check Data

For Photographers, we may collect information from third-party service providers in connection with performing background checks.

Online Activity Data

When you visit, use and interact with the Site or App, we may automatically receive certain information about your visit, use or interactions. For example, we may monitor the number of people that visit our Site, peak hours of visits, which page(s) are visited on our Site, the domains our visitors come from (e.g., google.com, yahoo.com, etc.), and which browsers people use to access and visit our Site (e.g., Firefox, Microsoft Internet Explorer, etc.), broad geographical information, and Site-navigation pattern.

The following information is created and automatically logged in our systems when you use the Site:

  • Log Data: Information that your browser automatically sends whenever you visit the Site (“log data”). Log data includes your Internet Protocol (“IP”) address (so we understand which country you are connecting from when you visit the Site), browser type and settings, the date and time of your request, and how you interacted with the Site.
  • Cookies: We and our partners use cookies to operate and administer our Site, make it easier for you to use the Site during future visits, and gather usage data on our Site. For more information about the cookies used on our Site, please refer to our Cookie Policy, which forms part of this Privacy Policy.
  • Device Information: Includes name of the device, operating system, and browser you are using. Information collected may depend on the type of device you use and its settings.
  • Usage Information: We collect information about how you use our Site, such as the types of content that you view or engage with, the features you use, the actions you take, and the time, frequency and duration of your activities.

The following information is automatically logged in our systems when you use the App:

  • Device Information: we may collect information about your device including the IP address, the device type, non-permanent identifiers (i.e., advertising ID), the operating system version, data connection type (WiFi/mobile data), and name of your mobile service provider. Information collected may depend on the type of device you use and its settings.
  • Usage Information: we collect information related to the actions you take through the App, including how you navigate the App, the length of time you spend in the App, and diagnostics when errors are experienced (crash/error reporting).

2. How we use personal data

We use Personal Data to provide the Service, including to connect allow Customers to book photoshoots, to ensure Photographers are paid, and to facilitate the transmission of photographs from Photographers to Customers.  This processing is necessary to perform our contract with you.

We also use Personal Data as necessary for the following legitimate business interests:

  • To contact and communicate with you, including to respond to your inquiries, comments, feedback or questions;
  • To manage our relationship with you, which includes internal record keeping and sending administrative information to you relating to our Service and changes to our terms, conditions, and policies, and asking you to leave a review or take a survey;
  • To analyze how you interact with our Service and provide, maintain and improve the content and functionality of the Service and our customer relationships and experiences, develop our business and inform our marketing strategy;
  • To perform market research and business/website development;
  • To administer and protect our business and the Site, prevent fraud, criminal activity, or misuses of our Site, and to ensure the security of our IT systems, architecture and networks (including troubleshooting, testing, system maintenance, support and hosting of data); and
  • To comply with legal obligations and legal process and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or other third parties, and recover debts due to us.

For information about what we mean by legitimate interests and the rights of individuals in the European Union (“EU”), please see the “EU Users” section below.

Marketing

We may contact you to provide information we believe will be of interest to you. For instance, if you elect to provide your email address, we may use that information to send you promotional information about our products and services. If we do, where required by law, for example if you are in the EU, we will only send you such emails if you consent to us doing so at the time you provide us with your Personal Data. You may opt out of receiving emails by following the instructions contained in each promotional email we send you or by contacting us. If you unsubscribe from our marketing lists, you will no longer receive marketing communications but we will continue to contact you regarding our Service and to respond to your requests.

3. How we share and disclose personal data

In certain circumstances we may share your Personal Data with third parties without further notice to you, unless required by the law, as set forth below:

Vendors

To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Data with vendors, including database, infrastructure, integration, and hosting providers; email communication providers; data and background check providers; customer support and customer relationship management services; payment processors; marketing partners; and analytics services.  Pursuant to our instructions, these parties will access, process or store Personal Data in the course of performing their duties to us.

Business Transfers

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the transaction and transferred to a successor or affiliate as part of that transaction along with other assets.

Legal Requirements

If required to do so by law or in the good faith belief that such action is necessary to (i) comply with legal or regulatory obligations, including to respond to lawful requests from public authorities and to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Site, or the public, or (v) protect against legal liability.

4. Data retention

We keep Personal Data for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer.

If you have elected to receive marketing communications from us, we retain information about your marketing preferences until you opt out of receiving these communications and in accordance with our policies.

To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we use your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

5. Update your information

If you need to change or correct your Personal Data you may contact us. We will address your request as required by applicable law.

6. California privacy rights disclosures

Online Tracking and Do Not Track Signals

We and our third party service providers, including Facebook, may use cookies, pixels, or other tracking technologies to collect information about your browsing activities over time and across different websites following your use of the Site and use that information to send targeted advertisements. Our Site currently does not respond to “Do Not Track” (“DNT”) signals and operates as described in this Privacy Policy whether or not a DNT signal is received. If we do respond to DNT signals in the future, we will describe how we do so in this Privacy Policy.

California Civil Code Section § 1798.83 permits users of our Site that are California residents to request the categories of Personal Data we disclosed to third parties for their direct marketing purposes in the year preceding the request, the names and addresses of such third parties, and, in certain circumstances, examples of the products or services marketed by such third parties. These requests may be made once per year. To make such a request, please email us at support@snappr.co or write us at:

101 California Street, Suite 2710, San Francisco CA 94111.

Personal Data Collection, Use, and Disclosure

The following disclosures are intended to provide additional information to California residents about (1) the categories of Personal Data we collect, (2) the sources of Personal Data we collect, (3) how we use each category of Personal Data, and (4) how we disclose Personal Data. Nothing in this Notice limits our ability to use or disclose information as described above.

Category of Personal Data Sources Of Personal Data Use of Personal Data Disclosure of Personal Data
Account Data We collect Account Data from you. We use Account Data to communicate with you, authenticate your identity, and make the Service available to you. We disclose Account Data to database and hosting providers, customer support and customer relationship management services, and marketing partners.
Payment Data We collect Payment Data from you. We use Payment Data to pay Photographers and to receive payments from Customers. We disclose Payment Data to payment processors.
Photograph Data We collect Photograph Data from you and, if you are a Customer, from your Photographer. We use Photograph Data to provide the Service. We disclose Photograph Data to hosting providers.
Communication Data We collect Communication Data from you. We use Communication Data to communicate with you and provide customer service. We disclose Communication Data to customer support services.
Social Media Data We collect Social Media Data from you and from Social Media Pages. We use Social Media Data to communicate with you and for analytics and marketing. We disclose Social Media Data to social media services and marketing partners.
Third Party Data We collect Third Party Data from third party data providers. We use Third Party Data to improve and target our customer service efforts. We disclose Third Party Data to customer service and customer relationship management services.
Background Check Data We collect Background Check Data from background check providers. We use Background Check Data to perform background checks on Photographers. We disclose Background Check Data to hosting providers.
Online Activity Data We collect Online Activity Data from you. We use Online Activity Data to conduct analytics and for marketing. We disclose Online Activity Data to analytics providers and marketing partners.

We do not and will not sell your Personal Data.

California privacy rights

To the extent provided for by law and subject to applicable exceptions, California residents have the following privacy rights in relation to the Personal Data we collect:

• The right to know what Personal Data we have collected and how we have used and disclosed that Personal Data;

• The right to request deletion of your Personal Data;

• The right to be free from discrimination relating to the exercise of any of your privacy rights.

Exercising your rights

California residents can exercise the above privacy rights or request a different format of this Privacy Policy by contacting us using the details in the “Contact Us” section below.

Verification

In order to protect your Personal Data from unauthorized access or deletion, we may require you to verify your login credentials before you can submit a request to know or delete Personal Data. If you do not have an account with us, or if we suspect fraudulent or malicious activity, we may ask you to provide additional Personal Data for verification. If we cannot verify your identity, we will not provide or delete your Personal Data.

Authorized agents

You may submit a request to know or a request to delete your Personal Data through an authorized agent. If you do so, the agent must present signed written permission to act on your behalf and you may also be required to independently verify your identity with us.

7. Children

Our Service is not directed to children who are under the age of 16. Snappr does not knowingly collect Personal Data from children under the age of 16. If you have reason to believe that a child under the age of 16 has provided Personal Data to Snappr through the Service please contact us using the details in the “Contact Us” section below and we will endeavor to delete that information from our databases.

8. EU Users

Scope

This section applies to individuals in the EU (for these purposes, reference to the EU also includes the European Economic Area countries of Iceland, Liechtenstein and Norway, the United Kingdom, and, to the extent applicable, Switzerland).

Data Controller

Snappr is the data controller for the processing of your Personal Data. You can find our contact information in the “Contact Us” section below.

Legal Bases for Processing

This Privacy Policy (the paragraph “How We Use Personal Data”) describes the legal bases we rely on for the processing of your Personal Data. Please contact us if you have any questions about the specific legal basis we are relying on to process your Personal Data using the details in the “Contact Us” section below.

As used in this Privacy Policy, “legitimate interests” means our interests in conducting our business and developing a business relationship with you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

Your Rights

Pursuant to the European Union General Data Protection Regulation (or GDPR), you have the following rights in relation to your Personal Data, under certain circumstances:

  • Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
  • Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to erasure: You may ask us to delete or remove your Personal Data, such as where you withdraw your consent. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
  • Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
  • Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and that is processed by automated means. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
  • Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so: (a) If we are relying on a legitimate interest to process your Personal Data -- unless we demonstrate compelling legitimate grounds for the processing or we need to process your data in order to establish, exercise, or defend legal claims; (b) If we are processing your Personal Data for direct marketing. We may keep minimum information about you in a suppression list in order to ensure your choices are respected in the future and to comply with data protection laws (such processing is necessary for our and your legitimate interest in pursuing the purposes described above).
  • Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we received notice that you wished to withdraw consent.
  • Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns (in the UK, the Information Commissioner’s Office (ICO), who can be contacted at https://ico.org.uk/concerns, and in other EU countries the data protection authority of the country in which you are located).

Please see the “Contact Us” section below for information on how to exercise your rights.

9. International transfer

Snappr is based in the United States. If you are accessing our Service from the EU or other regions with laws governing data collection and use, please note that your Personal Data will be transferred to and stored in the United States as necessary for the purposes described in this Privacy Policy, and the data may be transmitted to our service providers supporting our business operations (described above). The United States may have data protection laws less stringent than or otherwise different from the laws in effect in the country in which you are located.

Where we transfer your Personal Data out of the EU we will take steps to ensure that your Personal Data receives an adequate level of security protection where it is processed and your rights continue to be protected. Some of our service providers (such as Google, LLC, Freshworks, Inc., and SendGrid, Inc.) are certified to the Privacy Shield framework for data transfers (for more information visit https://www.privacyshield.gov/welcome). For more information, please contact us as described below.

10. Links to other websites

The Site may contain links to other websites not operated or controlled by Snappr, including social media services (“Third Party Sites”). The information that you share with Third Party Sites will be governed by the specific privacy policies and terms of service of the Third Party Sites and not by this Privacy Policy. By providing these links we do not imply that we endorse or have reviewed these sites. Please contact the Third Party Sites directly for information on their privacy practices and policies.

11. Security

You use the Service at your own risk. We comply with industry standards to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or e-mail. Please keep this in mind when disclosing any Personal Data to Snappr via the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third party websites.

12. Changes to the Privacy Policy

The Service, and our business may change from time to time. As a result we may change this Privacy Policy at any time. When we do we will post an updated version on this page, unless another type of notice is required by the applicable law. By continuing to use our Service or providing us with Personal Data after we have posted an updated Privacy Policy, or notified you if applicable, you consent to the revised Privacy Policy and practices described in it.

13. Contact us

If you have any questions about our Privacy Policy or the information practices of the Site, please feel free to contact us at support@snappr.co with the subject “Attn: Privacy Officer.”