SmithX Privacy Policy

Effective date: March 1st 2017

Introduction

This privacy policy has been compiled to better serve those who are concerned with how their 'Personally Identifiable Information' (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information.

This Privacy Policy describes how and when SmithX collects, uses and shares SmithX Data when you use the Services. SmithX receives your information through our Website, Platforms and Applications.

With this Privacy Policy SmithX are committed to protecting the privacy of all individuals who:

  • visit any websites or mobile sites offered by SmithX, including without limitation SmithX.com, and including all subdomains, present and future (the “Website”);
  • use the desktop software/mobile applications that SmithX makes available (the "Applications");
  • use the Services including: Free, Personal Brand Package, Business Owner Package, Social Media Marketing Agency Package and other SmithX products and services (the "Platforms"); and
  • when we talk about “Personal Data”, we mean information relating to you or other identifiable individuals.
In order to make SmithX policy easier to read, we call the Website, the Applications and the Platforms together the "Services". When we talk about “Personal Data”, we mean information relating to you or other identifiable individuals.

It is SmithX' policy to respect your privacy and the privacy of all users of the Services regarding any information we may collect while you are operating our Website or using our Services. We have established this Privacy Policy in order for you to understand our commitment to protecting your privacy and personal data, and the steps we take to ensure it. By visiting and/or using any of the Services, you agree to be bound by the terms of the present Privacy Policy (the “Privacy Policy”). Where the present Privacy Policy refers to “SmithX ”, it may refer to the Services or to SmithX depending on the context.

SmithX reserves the right, at our sole discretion, at any time, to modify or replace the Privacy Policy. The most recent version of the Privacy Policy is available at SmithX.com/legal/privacy. Please check the Privacy Policy periodically for changes. We will notify you of any material changes to our Privacy Policy by Posting the new Privacy Policy on our Site or via email or other direct electronic communication method of any changes that, in our sole discretion, materially impact your use of the Services or the treatment of your Personal Data. By continuing to access or use our Service after those revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, in whole or in part, please stop using the website and the Service.


Data and Customer Content

We collect Personal Data (such as account information and registration) from our customers and users of the Services for our own purposes. We use the Personal Data to provide and manage the Services (“SmithX Data”).  We’re the data controller in respect of this information.


Data we receive or collect 

When you first register for a SmithX account, and when you use the Services, we collect some Personal Data about you such as:

  • your full name, and email address and other contact details
  • the geographic area where you use your computer and mobile devices
  • a unique SmithX user ID (an alphanumeric string) which is assigned to you upon registration
  • other optional information as part of your account profile 
  • your IP Address and, when applicable, timestamp related to your ansent and confirmation of ansent
  • other information submitted by you or your organizational representatives via various methods (phone, email, online forms, surveys, in-person meetings, etc)
  • your billing address and any necessary other information to complete any financial transaction, and when making purchases through the Services, we may also collect your credit card or PayPal information
  • images or other files that you may publish via our Services
  • information we may receive relating to communications you send us, such as queries or comments concerning our Services
  • information relating to an individual’s real time location.

SmithX also automatically collects and receives certain information from your computer or mobile device, including the activities you perform on our Website, the Platforms, and the Applications, the type of hardware and software you are using (for example, your operating system or browser), and information obtained from cookies (see “Cookies and Related Technologies” below). For example, each time you visit the Website or otherwise use the Services, we automatically collect your IP address, browser and device type, access times, the web page from which you came, the regions from which you navigate the web page, and the web page(s) you access (as applicable).


How we use SmithX Data

SmithX uses SmithX Data for the following general purposes: 

  • to identify you when you login to your account
  • to enable us to operate the Services and provide them to you
  • to verify your transactions and for purchase confirmation, billing, security, and authentication
  • to analyze the Website or the other Services and information about our visitors and users, including research into our user demographics and user behaviour in order to improve our content and Services
  • to contact you about your account and provide customer service support, including responding to your comments and questions
  • to share aggregate (non-identifiable) statistics about users of the Services to prospective advertisers and partners
  • to keep you informed about the Services, features, surveys, newsletters, offers, contests and events we think you may find useful or which you have requested from us
  • to sell or market SmithX products and services to you
  • to better understand your needs and the needs of users in the aggregate, diagnose problems, analyze trends, improve the features and usability of the Services, and better understand and market to our customers and users
  • to keep the Services safe and secure.

We use non-identifiable information collected for statistical purposes to keep track of the number of visits to the Services and in order to introduce improvements and improve usability of the Services. We may share this type of statistical data with our partners in order to help them understanding how often people use the Services, and so that they could provide you with the best possible service.


Assent

By visiting our Website and providing information to, or by using any of the Services, or submitting or collecting any Personal Data via the Services, you assent to the collection, transfer, storage disclosure, and use of your Personal Data in the manner set out in this Privacy Policy. If you do not assent to the use of your Personal Data in these ways, please stop using the Services.


Tracking Technologies

SmithX uses tracking technology (“cookies”) on the Website, in the Applications, and in the Platforms, including desktop software and mobile application identifiers and a unique SmithX user ID to help us understand your preferences based on previous or current Website and Services activity, compile aggregate data about Website and Services traffic and interaction so that we can offer better Website and Services experiences and tools in the future, recognize you across different Services, to monitor usage and web traffic routing for the Services. By visiting the Website or using the Services you agree to the use of cookies in your browser and HTML-based emails. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information.

The Services use “session cookies”, which improve your user experience by storing certain information from your current visit on your device, such as log-in information. These enable us to remember your log-in session so you can move easily within the Website or the other Services. Without these session cookies, we wouldn’t be able to provide the Services to you. These session cookies have limited functionalities and expirations, and you will be required to re-enter your SmithX log-in information after a certain period of time has elapsed to protect you against others accidentally accessing your account contents and related Personal Data. Other examples of our use of session cookies include to track the number of visits by a particular visitor to a page and to store items in an online shopping cart for the Shop.


Performance and Remarketing Cookies

Partners who help us serve advertising on and off the Website and analytics companies may also put cookies on your device. We may share with third-party ad partners a cryptographic hash of a common account identifier (such as an email address), to help us measure and tailor ads and services provided to you. Below is information about one such vendor. Please note that this Privacy Policy covers only our use of cookies and does not include use of cookies by any third parties.

    i)                Google Analytics 
SmithX uses a specific cookie in order to facilitate the use of Google Universal Analytics for users logged-in to the Applications or the Platforms (“Logged-In User). If you are a Logged-In User, SmithX may use your SmithX user ID in combination with Google Universal Analytics and Google Analytics to track and analyze the pages of the Services you visit.  We do this only to better understand how you use the Website and the other Services, with a view to offering improvements for all SmithX users; and to tailor our business and marketing activities accordingly, both generally and specifically to you. Google Analytics cookies do not provide SmithX with any Personal Data.

Learn more about privacy at Google and to opt-out of this feature by installing the Google Analytics Opt-out Browser Add-on.

SmithX uses other third-party performance and remarketing cookies, and further information on those third-party cookies can be obtained by contacting us.

SmithX may also use related technologies including web beacons, pixels, and software tokens in order to facilitate your use of the Services. Most notably, the Services use software tokens (stored securely on SmithX-controlled servers) in order to facilitate the logging in to and the functioning of both the Supported Platforms and Third-Party Apps.

Most computer and some mobile web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. Further information can be found at http://www.networkadvertising.org/managing/opt_out.asp. Please note that if you turn cookies off, some of the features that make your Website and Services experience more efficient may not function properly and you may not be able to take full advantage of the Website, Applications and Platforms.


When we may share Personal Data

Except as provided in this Privacy Policy, SmithX does not share or give any Personal Data gathered via the Services (including Customer Content) to third parties.

Notwithstanding anything in the Privacy Policy to the contrary, we may share any information we have collected about you or Customer Content:

(1) where we are legally required to do so,

(2) if we believe it is necessary to investigate, prevent, or take action regarding illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person;

(3) if we believe it is necessary to investigate, prevent, or take action regarding situations that involve abuse of the Services infrastructure or the Internet in general;

(4) to a parent company, subsidiaries, joint ventures, or other companies under common control with SmithX;

(5) if we are acquired by or merged with another entity (in which case we will require such entity to assume our obligations under this Privacy Policy or inform you that you are covered by a new privacy policy); and

(6) if this information is not private, is aggregated or is otherwise non-Personal Data, such as your public user profile information and related public data (such as Instagram posts, likes, etc.) or the number of users who clicked on a particular link (even if only one did so).

Subject to obligations consistent with this Privacy Policy, we may also disclose information to our affiliates, agents, contractors, and service providers in order to facilitate the functioning of the Services or to perform tasks that are integral to the Services, such as processing transactions, fulfilling requests for information, or providing support services or other tasks, from time to time. Information may also be transferred from SmithX to the third parties, but only to the extent required in order for the Services to function properly.


Minimum age

Our Services should only be accessed by individuals of Minimum Age. “Minimum Age” depends on where the individual accesses the services. “Minimum Age” shall mean (a) 14 years old for the United States, Canada, Germany, Spain, Australia, and South Korea; and (b) 13 years old for all other countries. However, if applicable law requires that you must be older than such ages in order for SmithX to lawfully provide the Services to you (including the collection, storage, and use of your information in accordance with this Privacy Policy), then the Minimum Age would be such older age. The Services are not designed nor intended for use by children or anyone else under the age of 13.


Security

We use industry best practices to keep any information collected and/or transmitted to the Third-Party Apps secure. This includes the use of HTTPS with SSL (Secure Sockets Layer), which encrypts all transmitted data, and OAuth 2.0 protocols for authentication and data transfer to Supported Platforms and Third-Party Apps.

Certain Personal Data, most notably SmithX log-in details, is encrypted during transmission using SSL. Once validated within our system, passwords are deleted from our system. In addition, SmithX uses third-party vendors and hosting partners such as DigitalOcean to provide the necessary hardware, software, networking, storage, and related technology required to run the Services. These vendors have been selected for their high standards of both physical and technological security, including SOC 1 Type II, SOC 2 Type II, SOC 2 Type II, SOC 3, PCI-DSS and ISO 27001 certifications.

When payments are processed via credit card, SmithX uses third-party vendors that are PCI-DSS Compliant. At no point does SmithX have access to your credit card information. You should bear in mind that submission of information over the Internet is never entirely secure.  We cannot guarantee the security of information you submit via the Services whilst it is in transit over the Internet and any such submission is at your own risk, and this risk is specifically disclaimed in our Terms.

If you are a Logged-in User, it is advisable that you log out of your account at the end of every session and not leave a logged-in account unattended for any period of time, particularly if you use a shared computer or device.


Information storage and international transfers

SmithX, the entity which provides the Services, is a Croatian company with its head-office located in Zagreb. For the purposes of EU data protection law, Croatia is a part of the 28 EU countries and three EEA member countries and the effect of this decision is that personal data can flow to that third country without any further safeguard being necessary. Croatia is considered a country which provides adequate protections for Personal Data, as confirmed by the European Commission.

The Services are mainly provided from our offices in Croatia. However, by the very nature of the Services, the data that is viewed, collected, stored or posted on or through the Services also needs to flow from wherever you are located in the world, to where our Supported Platforms are storing the same data (i.e. in most cases, in the United States). In addition, SmithX uses third-party service providers (such as managed hosting providers, card processors, CRM systems, sub-processors of Customer Content and technology partners) to provide the necessary hardware, software, networking, storage and other services that we use to operate the Services. These third party providers may process, or store, the same Customer Content on servers outside of the EEA.

By using any of the Services, or submitting or collecting any Personal Data via the Services, you authorize SmithX and its authorized service partners to use and process Customer Content and SmithX Data (including any Personal Data) in these countries. Please be aware that the privacy protections and the rights of authorities and Government agencies to access your Personal Data in some of these countries may not be equivalent to those in your country.


For our customers with a principal location in the EU:

If you primarily use the Services within the EU, we will process Customer Content (which may include Personal Data) as a data processor on your behalf. Under EU law, you are considered to be the data controller of the Customer Content, and as such you are responsible for complying with applicable data protection laws in respect of the processing of Customer Content and the lawful instructions you give us.

To facilitate the lawful transfer by you of your Customer Content (as a data controller) through the Services to outside the EEA, SmithX is offering its EU customers a data processing agreement as an addendum to their existing SmithX agreement (“Data Processing Addendum”). This incorporates the European Commission’s Standard Contractual Clauses (processors) of 2010 (also known as “model processor clauses” or "SCC 2010”).

Please note that the Data Processing Addendum only applies to the extent there is not another legal basis in place to validate the transfer of Personal Data to outside the EEA. The Data Processing Addendum and some FAQs are available to all of our Customers.  If you would like to incorporate the Data Processing Addendum into your existing agreement with SmithX, please email us and we will promptly send you SmithX' Data Processing Addendum for you to complete, sign and return to us.

If you have any questions, please feel free to contact us.


Email preferences

You may opt out of marketing communications sent by SmithX by managing your email preferences on our Preferences Management page, or by following the unsubscribe instructions included in each marketing email.


Your rights

You can contact us to obtain a copy of the Personal Data held about you by us. This may be subject to a fee not exceeding any prescribed fee permitted by applicable law. You can also ask us to correct and, where relevant, erase that information. Please note that certain Personal Data may need to be retained by SmithX for a period of time following cancellation of your account where this is necessary for our legitimate business purposes or required or authorized by applicable law. As mentioned above you have a right to change your email preferences at any time.

You should be aware that SmithX acts as a conduit between our users and the various Supported Platforms and Third-Party Apps. In several instances, the content published via SmithX will not be in SmithX' custody or control, and any content that has been shared by you through any Supported Platform or Third-Party Apps via the Services may continue to be available to third parties and the public at large, as this content is now under the control of the operators of the Supported Platforms and/or the Third-Party Apps.