Effective date: March 1st 2017
'Personally Identifiable Information' (PII) is being used online. PII, as described in US privacy
law and information security, is information that can be used on its own or with other information
to identify, contact, or locate a single person, or to identify an individual in context. Please
otherwise handle your Personally Identifiable Information.
use the Services. SmithX receives your information through our Website, Platforms and
the privacy of all individuals who:
In order to make SmithX policy easier to read, we call the Website, the Applications and the
Platforms together the "Services". When we talk about “Personal Data”, we mean information relating
to you or other identifiable individuals.
- visit any websites or mobile sites offered by SmithX, including without limitation
and including all subdomains, present and future (the “Website”);
- use the desktop software/mobile applications that SmithX makes available (the
- use the Services including: Free, Personal Brand Package, Business Owner Package, Social
Marketing Agency Package and other SmithX products and services (the "Platforms"); and
- when we talk about “Personal Data”, we mean information relating to you or other
It is SmithX' policy to respect your privacy and the privacy of all users of the Services
regarding any information we may collect while you are operating our Website or using our Services.
your privacy and personal data, and the steps we take to ensure it. By visiting and/or using any of
SmithX depending on the context.
SmithX reserves the right, at our sole discretion, at any time, to modify or replace the Privacy
electronic communication method of any changes that, in our sole discretion, materially impact your
use of the Services or the treatment of your Personal Data. By continuing to access or use our
Service after those revisions become effective, you agree to be bound by the revised terms. If you
do not agree to the new terms, in whole or in part, please stop using the website and the Service.
Data and Customer Content
We collect Personal Data (such as account information and registration) from our customers and users
of the Services for our own purposes. We use the Personal Data to provide and manage the Services
(“SmithX Data”). We’re the data controller in respect of this information.
Data we receive or collect
When you first register for a SmithX account, and when you use the Services, we collect some
Personal Data about you such as:
- your full name, and email address and other contact details
- the geographic area where you use your computer and mobile devices
- a unique SmithX user ID (an alphanumeric string) which is assigned to you upon
- other optional information as part of your account profile
- your IP Address and, when applicable, timestamp related to your ansent and confirmation of
- other information submitted by you or your organizational representatives via various
(phone, email, online forms, surveys, in-person meetings, etc)
- your billing address and any necessary other information to complete any financial
and when making purchases through the Services, we may also collect your credit card or
- images or other files that you may publish via our Services
- information we may receive relating to communications you send us, such as queries or
concerning our Services
- information relating to an individual’s real time location.
SmithX also automatically collects and receives certain information from your computer or mobile
device, including the activities you perform on our Website, the Platforms, and the Applications,
the type of hardware and software you are using (for example, your operating system or browser), and
information obtained from cookies (see “Cookies and Related Technologies” below). For example, each
time you visit the Website or otherwise use the Services, we automatically collect your IP address,
browser and device type, access times, the web page from which you came, the regions from which you
navigate the web page, and the web page(s) you access (as applicable).
How we use SmithX Data
SmithX uses SmithX Data for the following general purposes:
- to identify you when you login to your account
- to enable us to operate the Services and provide them to you
- to verify your transactions and for purchase confirmation, billing, security, and
- to analyze the Website or the other Services and information about our visitors and users,
including research into our user demographics and user behaviour in order to improve our
- to contact you about your account and provide customer service support, including responding
your comments and questions
- to share aggregate (non-identifiable) statistics about users of the Services to prospective
advertisers and partners
- to keep you informed about the Services, features, surveys, newsletters, offers, contests
events we think you may find useful or which you have requested from us
- to sell or market SmithX products and services to you
- to better understand your needs and the needs of users in the aggregate, diagnose problems,
analyze trends, improve the features and usability of the Services, and better understand
to our customers and users
- to keep the Services safe and secure.
We use non-identifiable information collected for statistical purposes to keep track of the number
of visits to the Services and in order to introduce improvements and improve usability of the
Services. We may share this type of statistical data with our partners in order to help them
understanding how often people use the Services, and so that they could provide you with the best
By visiting our Website and providing information to, or by using any of the Services, or submitting
or collecting any Personal Data via the Services, you assent to the collection, transfer, storage
not assent to the use of your Personal Data in these ways, please stop using the Services.
SmithX uses tracking technology (“cookies”) on the Website, in the Applications, and in the
Platforms, including desktop software and mobile application identifiers and a unique SmithX user
ID to help us understand your preferences based on previous or current Website and Services
activity, compile aggregate data about Website and Services traffic and interaction so that we can
offer better Website and Services experiences and tools in the future, recognize you across
different Services, to monitor usage and web traffic routing for the Services. By visiting the
Cookies are small files that a site or its service provider transfers to your computer's hard drive
through your Web browser (if you allow) that enables the site's or service provider's systems to
recognize your browser and capture and remember certain information.
The Services use “session cookies”, which improve your user experience by storing certain
information from your current visit on your device, such as log-in information. These enable us to
remember your log-in session so you can move easily within the Website or the other Services.
Without these session cookies, we wouldn’t be able to provide the Services to you. These session
cookies have limited functionalities and expirations, and you will be required to re-enter your
SmithX log-in information after a certain period of time has elapsed to protect you against others
accidentally accessing your account contents and related Personal Data. Other examples of our use of
session cookies include to track the number of visits by a particular visitor to a page and to store
items in an online shopping cart for the Shop.
Performance and Remarketing Cookies
Partners who help us serve advertising on and off the Website and analytics companies may also put
cookies on your device. We may share with third-party ad partners a cryptographic hash of a common
account identifier (such as an email address), to help us measure and tailor ads and services
SmithX uses a specific cookie in order to facilitate the use of Google Universal Analytics for
users logged-in to the Applications or the Platforms (“Logged-In User). If you are a Logged-In User,
SmithX may use your SmithX user ID in combination with Google Universal Analytics and Google
Analytics to track and analyze the pages of the Services you visit. We do this only to better
understand how you use the Website and the other Services, with a view to offering improvements for
all SmithX users; and to tailor our business and marketing activities accordingly, both generally
and specifically to you. Google Analytics cookies do not provide SmithX with any Personal
Learn more about privacy at Google and
to opt-out of this feature by installing the Google Analytics
Opt-out Browser Add-on.
SmithX uses other third-party performance and remarketing cookies, and further information on
those third-party cookies can be obtained by contacting us.
SmithX may also use related technologies including web beacons, pixels, and software tokens in
order to facilitate your use of the Services. Most notably, the Services use software tokens (stored
securely on SmithX-controlled servers) in order to facilitate the logging in to and the
functioning of both the Supported Platforms and Third-Party Apps.
Most computer and some mobile web browsers automatically accept cookies but, if you prefer, you can
change your browser to prevent that or to notify you each time a cookie is set. Further information
can be found at http://www.networkadvertising.org/managing/opt_out.asp.
Please note that if you turn
cookies off, some of the features that make your Website and Services experience more efficient may
not function properly and you may not be able to take full advantage of the Website, Applications
When we may share Personal Data
gathered via the Services (including Customer Content) to third parties.
collected about you or Customer Content:
(1) where we are legally required to do so,
(2) if we believe it is necessary to investigate, prevent, or take action regarding illegal
activities, fraud, or situations involving potential threats to the rights, property, or personal
safety of any person;
(3) if we believe it is necessary to investigate, prevent, or take action regarding situations that
involve abuse of the Services infrastructure or the Internet in general;
(4) to a parent company, subsidiaries, joint ventures, or other companies under common control with
(5) if we are acquired by or merged with another entity (in which case we will require such entity
(6) if this information is not private, is aggregated or is otherwise non-Personal Data, such as
your public user profile information and related public data (such as Instagram posts, likes, etc.)
or the number of users who clicked on a particular link (even if only one did so).
affiliates, agents, contractors, and service providers in order to facilitate the functioning of the
Services or to perform tasks that are integral to the Services, such as processing transactions,
fulfilling requests for information, or providing support services or other tasks, from time to
time. Information may also be transferred from SmithX to the third parties, but only to the extent
required in order for the Services to function properly.
Our Services should only be accessed by individuals of Minimum Age. “Minimum Age” depends on where
the individual accesses the services. “Minimum Age” shall mean (a) 14 years old for the United
States, Canada, Germany, Spain, Australia, and South Korea; and (b) 13 years old for all other
countries. However, if applicable law requires that you must be older than such ages in order for
SmithX to lawfully provide the Services to you (including the collection, storage, and use of your
The Services are not designed nor intended for use by children or anyone else under the age of 13.
We use industry best practices to keep any information collected and/or transmitted to the
Third-Party Apps secure. This includes the use of HTTPS with SSL (Secure Sockets Layer), which
encrypts all transmitted data, and OAuth 2.0 protocols for authentication and data transfer to
Supported Platforms and Third-Party Apps.
Certain Personal Data, most notably SmithX log-in details, is encrypted during transmission using
SSL. Once validated within our system, passwords are deleted from our system. In addition, SmithX
uses third-party vendors and hosting partners such as DigitalOcean to provide the necessary hardware,
software, networking, storage, and related technology required to run the Services. These vendors
have been selected for their high standards of both physical and technological security, including
SOC 1 Type II, SOC 2 Type II, SOC 2 Type II, SOC 3, PCI-DSS and ISO 27001 certifications.
When payments are processed via credit card, SmithX uses third-party vendors that are PCI-DSS
Compliant. At no point does SmithX have access to your credit card information.
You should bear in mind that submission of information over the Internet is never entirely secure.
We cannot guarantee the security of information you submit via the Services whilst it is in transit
over the Internet and any such submission is at your own risk, and this risk is specifically
disclaimed in our Terms.
If you are a Logged-in User, it is advisable that you log out of your account at the end of every
session and not leave a logged-in account unattended for any period of time, particularly if you use
a shared computer or device.
Information storage and international transfers
SmithX, the entity which provides the Services, is a Croatian company with its head-office
located in Zagreb. For the purposes of EU data protection law, Croatia is a part of the 28 EU
countries and three EEA member countries and the effect of this decision is that personal data can
flow to that third country without any further safeguard being necessary. Croatia is considered a
country which provides adequate protections for Personal Data, as confirmed by the European
The Services are mainly provided from our offices in Croatia. However, by the very nature of the
Services, the data that is viewed, collected, stored or posted on or through the Services also needs
to flow from wherever you are located in the world, to where our Supported Platforms are storing the
same data (i.e. in most cases, in the United States). In addition, SmithX uses third-party service
providers (such as managed hosting providers, card processors, CRM systems, sub-processors of
Customer Content and technology partners) to provide the necessary hardware, software, networking,
storage and other services that we use to operate the Services. These third party providers may
process, or store, the same Customer Content on servers outside of the EEA.
By using any of the Services, or submitting or collecting any Personal Data via the Services, you
authorize SmithX and its authorized service partners to use and process Customer Content and
SmithX Data (including any Personal Data) in these countries. Please be aware that the privacy
protections and the rights of authorities and Government agencies to access your Personal Data in
some of these countries may not be equivalent to those in your country.
For our customers with a principal location in the EU:
If you primarily use the Services within the EU, we will process Customer Content (which may include
Personal Data) as a data processor on your behalf. Under EU law, you are considered to be the data
controller of the Customer Content, and as such you are responsible for complying with applicable
data protection laws in respect of the processing of Customer Content and the lawful instructions
you give us.
To facilitate the lawful transfer by you of your Customer Content (as a data controller) through the
Services to outside the EEA, SmithX is offering its EU customers a data processing agreement as an
addendum to their existing SmithX agreement (“Data Processing Addendum”). This incorporates the
European Commission’s Standard Contractual Clauses (processors) of 2010 (also known as “model
processor clauses” or "SCC 2010”).
Please note that the Data Processing Addendum only applies to the extent there is not another legal
basis in place to validate the transfer of Personal Data to outside the EEA.
The Data Processing Addendum and some FAQs are available to all of our Customers. If you would like
to incorporate the Data Processing Addendum into your existing agreement with SmithX, please email
us and we will promptly send you SmithX' Data Processing Addendum for you to complete, sign and
return to us.
If you have any questions, please feel free to contact us.
You may opt out of marketing communications sent by SmithX by managing your email preferences on
our Preferences Management page, or by following the unsubscribe instructions included in each
You can contact us to obtain a copy of the Personal Data held about you by us. This may be subject
to a fee not exceeding any prescribed fee permitted by applicable law. You can also ask us to
correct and, where relevant, erase that information. Please note that certain Personal Data may need
to be retained by SmithX for a period of time following cancellation of your account where this is
necessary for our legitimate business purposes or required or authorized by applicable law. As
mentioned above you have a right to change your email preferences at any time.
You should be aware that SmithX acts as a conduit between our users and the various Supported
Platforms and Third-Party Apps. In several instances, the content published via SmithX will not be
in SmithX' custody or control, and any content that has been shared by you through any Supported
Platform or Third-Party Apps via the Services may continue to be available to third parties and the
public at large, as this content is now under the control of the operators of the Supported
Platforms and/or the Third-Party Apps.