Date of Last Revision and Effective Date: 6.5.2023
What This Policy Contains
I. Entity Responsible for the Processing of your Personal Information
II. Personal Information Collected and Used, Processing Purposes and Legal Bases
III. Information Sharing and Disclosure
IV. How Long We Store Your Information
V. Your Rights
VII. International Transfer
VIII. Our Policy Toward Children
X. Links to Other Sites
XI. Your Responsibilities for Protecting Your Data
XIII. Contacting Us
- Entity Responsible for the Processing of your Personal Information
Super Basic LLC at 1510 Fashion Island Blvd Suite 300 San Mateo, CA 94404 is responsible for the processing of your personal information in connection with the use of our Services. You can find our contact information in Section XIII below.
- Personal Information Collected and Used, Processing Purposes and Legal Bases
As you use the Services, we may collect or you may provide us with information relating to an identified or identifiable natural person (“Personal Information”). An identifiable natural person is a person who can be identified, directly or indirectly. Personal Information includes data such as your name and email address, but is not limited to this information and may vary based on the Services you are using. Personal Information may also include data like your IP address, information about your usage of our Services, financial or transactional details, user identifiers, your location, or other application specific information When you contact our customer support services, this may include a record of that correspondence and associated contact information.
Personal Information That You Provide
Registering and Paying for the Services. Where applicable, you may sign up to use the Services directly via the Site or Application or via certain third party social networking sites (each, a “Social Networking Site”). If you decide to create an account to use the Services via a Social Networking Site, we may extract the Personal Information you have provided to such Social Networking Site (such as your “real” name, email address and other information you make available via the Social Networking Site) from the account you have with such Social Networking Site and use that Personal Information to create your We Heart It account, or an account for a We Heart It Service; the Personal Information we extract may depend on the privacy settings you have with the Social Networking Site. We use this Personal Information with your consent.
If you choose to purchase any Services or any virtual goods as part of your use of the Services, to the extent available, we or our third party service providers may collect Personal Information from you to facilitate your payment for such virtual goods. We use this Personal Information to perform our contract with you to provide the Services to you.
We use other Personal Information that you provide in connection with your registration and/or use of the Services (e.g., your name, user name, password, time of registration, birthday, gender, zip code (on its own) and individual preferences) in order to provide our Services and your user account to you. If you participate in a contest, we may use any Personal Information included in your submission. We may also use any Personal Information that you include in any inquiry that you send to us. We use the aforementioned Personal Information to perform our contract with you to provide the Services to you.
Optional Push Notifications. If you wish to receive push notifications on your cell phone, we may use your user ID, the content of the push notifications we send to you and your user preferences that trigger the push notification. We use this Personal Information with your consent. You can always opt-out for the future.
Email and Marketing Communications. If you wish to receive personalized email newsletters, we may use your name, email address and the content of the marketing communications we send to you. We send you our personalized email newsletters on the basis of your consent or our legitimate interests to send you information about similar Services to those that you have previously used or purchased. We may personalize our marketing communications based on the information you provide to us, your preferences, your interactions with the Services, information obtained from third parties, and your search and booking history. You can always opt out for the future. If you decide at any time that you no longer wish to receive such communications from us, please follow the unsubscribe instructions provided in any of the communications or update your “user preferences” information. (See “Your Rights,” below.) Please note that where you opt-out of receiving email newsletters, we may still send you certain communications relating to your use of the Services, such as service announcements, notices regarding the Service and administrative messages.
Information from Your Device You Permit Us to Access as Part of the Services. With your consent, we may access Personal Information from your device, such as your specific or general location, calendar, or photo library in order to provide Services you have requested. For example, if you are using a weather app and would like to receive weather updates for your current location, you may need to enable access to your location. Similarly, if you are using a calendar app and would like to use the app to manage your calendar, you may need to enable access to your calendar for that purpose. Or if you are using a photo editing app, you may need to enable access to your photos if order for the app to modify your photos. We will not seek to access the category of information described in this paragraph without your consent, and we will not ask for your consent unless it is useful or necessary to provide the Services you have requested.
Secure Data. Some services are encrypted and collect data that we are not capable of decrypting under any circumstances. For these services, this includes all or select information stored in your accounts and is associated with your login credentials and your device. We have no way of accessing or providing decrypted Secure data, and we never receive copies of unencrypted Secure data. Your secure data is your property. We claim no rights to it beyond those necessary to deliver services to you. You may add, modify, and delete secure data at your discretion. You are responsible for maintaining your credentials and managing access to your secure data, as outlined in Section XI.
Personal Information We Collect Automatically
Our Services may require additional information or permissions from your device in order to function effectively.
Log Data. When you use the Services, whether as a registered user or a non-registered user, for example in accessing our Services through a Social Networking Site, (any of these, a “We Heart It User”), our servers automatically record information that your browser sends whenever you visit a website or application (“Log Data”). This Log Data may include information such as:
This Log Data may include Personal Information such as your computer’s Internet Protocol (“IP”) address, browser type or the website or application you were visiting before you came to the Service, pages of the websites or application involved in the Service that you visit, the time spent on those pages, information you search for, access times and dates, operating system, software version, and statistical information related to your use of the Services. We use the Log Data to monitor and analyze use of the Services, to technically administer and maintain the Services, to provide the Services to you, to improve and increase the functionality and user-friendliness of our Services, and for security purposes. For example, some of the Log Data is collected so that when you use our Services again, it will recognize you and will make your continued use of the Services easier (e.g. by storing your game progress or remembering that you are logged into the Services). We also use the Log Data to verify that visitors to the Service meet the criteria required to process their requests. We use the Log Data to perform our contract with you to provide the functioning Services to you.
How We Use Your Personal Information
Provide, Improve, and Develop the Services.
- Provide the Services to you
- To set up your user account
- Recognize you when you return to our Services, keep your game progress, save your registration ID and login password for future logins, and store information about your use of the Services
- Display your achievements on leader boards within the relevant Application (which will include your basic social media profile information if you choose to link your social media accounts with the Services)
- To enable you to purchase any Services or make purchases within our Services
- Provide customer service and to respond to any inquiry that you send to us
- Operate, protect, improve, and optimize the Services and the user experience, such as by performing analytics and conducting research
- Communicate with you and to send you information by personalized email, postal mail, telephone, text message, or other means about our Services, contests, support messages, updates, security alerts, and account notifications.
- Make your user experience easier, more personalized, more enjoyable and more efficient
- Address problems with and improve our Services and technologies, as well as to develop new Services
- Enable certain features of the Services in order to better understand how you interact with the Services and to monitor aggregate usage.
- Facilitate your ability to share Personal Information (e.g., game scores or photos you have edited) to social media
- Administer and fulfill our contests and other promotions. We may provide further information on the use of your Personal Information in connection with contests when you sign-up for the contest and submit your entry
- Help us learn more about your product preferences
- Send you push notifications with app-related information when you give us your consent
- Fulfill your purchase requests and process purchase payments and refunds
- Operate, protect, improve, and optimize the Services and experience, and personalize and customize your experience. We use your Personal Information on the basis of our legitimate interests in improving our Services and your experience. With your consent, we conduct profiling based on your interactions with the Services.
Create and Maintain a Trusted and Safe Environment.
- Prevent, detect, mitigate and investigate fraud, security breaches and activities that are or potentially may be prohibited or illegal
- Conduct security investigations and risk assessments
- Verify or authenticate information
- As we believe to be required or appropriate to protect the rights, property, safety and security of our Services and our employees, customers and others
- As we believe to be required or appropriate under applicable law, to respond to requests from government authorities and to comply with legal process, investigations, regulatory or governmental enquiries or for other legal or regulatory purposes
- Comply with our legal obligations
- Resolve any disputes with any of our users and enforce our agreements with third parties
- Enforce our Terms of Service or other policies
We use your Personal Information for these purposes given our legitimate interest in protecting the Services and to comply with applicable laws.
Marketing, Surveys, Sweepstakes, and Contests
- Personalize, measure, and improve our advertising
- Administer referral programs, rewards, surveys, sweepstakes, contests, or
other promotional activities or events sponsored or managed by We Heart It or its third party
We use your Personal Information for these purposes with your consent, where required, or to perform our contract with you to provide the Services to you.
- Information Sharing and Disclosure
We Heart It Registered Users.
If you register through the Services and submit your Personal Information to create a profile or login credentials for We Heart It, other registered users may be able to see your Username and other Personal Information you choose to include in your profile or otherwise post or share.
Aggregate Information and Non-Identifying Information; Advertisers. We may share aggregated information that does not include Personal Information and we may otherwise disclose Non-Identifying Information and Log Data with third parties for industry analysis, demographic profiling and other purposes.
In particular, we share Non-Identifying Information (including the advertising identifier currently associated with your device) and Log Data and other aggregated information with third party advertising and technology companies. The data we share with them may include data about your device, approximate location, and use of our Applications, including IP address, device identifiers and information, Application usage data, and purchase data as well as information you provide to us when using our Applications such as game progress and certain technical information. Such information may be used to send you targeted advertisements for products and services that are relevant to your interests. In some cases these third parties will also use the data that they collect for their own purposes, such as aggregating your data with other data they hold in order to inform advertising related services provided to other clients. These third parties may place a Cookie on your browser, or use a web beacon, to collect information about your use of our website so that they can provide advertising about products and services tailored to your interest. That advertising may appear across the Services, or on other websites, apps and services. You can instruct your browser, by changing its options, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. On your mobile device, you can manage your privacy preferences in app settings, and you may be able to reset some identifiers by taking the following steps (for iOS: https://support.apple.com/en-us/HT202074 and for Android: https://support.google.com/ads/answer/2662922?hl=en). If you do not accept Cookies, however, you may not be able to use all portions of the website or all functionality of our Services, and advertising will no longer be targeted to your interests.
A list of the third-party advertising and technology companies that we work with is set forth below:
We may employ third party companies and individuals to facilitate our Services, to provide our Services on our behalf, to perform services related to our Services (e.g., without limitation, analytics and reporting services, database & hosting services, distribution platforms, and other web or app services) or to assist us in analyzing how our Services are used. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. We have carefully selected these service providers and entered into data processing agreements, if required by applicable law. The service providers will use your Personal Information outside the EU/EEA (e.g. in the U.S.).
Service providers with whom we share your Personal Information may include:
- Web, App and Game Distribution, Payments and Operating System platforms, including, but not limited to, Apple Inc., Google LLC, Amazon.com, Inc., Facebook, Inc., Stripe, Inc.
- Analytics Service Providers, including, but not limited to, Sisense Ltd., Google LLC (operating as Firebase, Google Analytics, BigQuery, or Google Cloud Platform), Appsflyer;
- Web, App or Game Software, Hosting, Database & API Service Providers, including, but not limited to, Google LLC (Google Cloud Platform) and Amazon.com, LLC (Amazon Web Services)
- Customer Support Platforms, including, but not limited to, Zendesk, Inc.
Group Companies. We may share your Personal Information with our group companies where it in order to provide our Services or customer support to you or based on our legitimate interests for internal administrative and management purposes (for example, for corporate strategy, compliance, auditing and monitoring, research and development, and quality assurance).
Compliance with Laws and Law Enforcement. We Heart It cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose any Personal Information to government or law enforcement officials where necessary to respond to any government or law enforcement requests or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of We Heart It or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, any illegal, unethical or legally actionable activity.
Business Transfers. We Heart It may sell, transfer or otherwise share some or all of its assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.
Other Disclosures. We may share your Personal Information with our legal, regulatory, audit, and other professional advisors. Those companies may use your Personal Information to assist us in our operations consistent with our legitimate business interests.
- How Long We Store Your Information
We keep your Personal Information for no longer than necessary for the purposes for which the Personal Information is processed. The length of time for which we retain Personal Information depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.
- Your Rights
Your EU Privacy Rights
If you are a user located in the EU/EEA/UK, you have the following rights regarding your Personal Information:
- Right of access: You may ask us to confirm whether we process your Personal Information and, if so, to provide you with a copy of that Personal Information (along with certain other details).
- Right to rectification: If the Personal Information we hold about you is inaccurate or incomplete, you are entitled to ask for rectification or completion.
- Right to erasure: You may ask us to delete or remove your Personal Information in some circumstances, e.g., if you believe we no longer need it or if you withdraw your consent (where applicable). If you completely delete all such Personal Information, then your account may become deactivated.
- Right to restrict processing: You may ask us to restrict the processing of your Personal Information in some circumstances, e.g., if you object to us processing it.
- Right to data portability: You have the right to obtain Personal Information you have provided to us in a structured, commonly used and machine-readable format for reuse under certain circumstances.
- Right to object: You may ask us at any time to stop processing your Personal Information, and we will do so under appropriate circumstances, if we (1) rely on legitimate interests to process your Personal Information, except if we can demonstrate compelling legal grounds for the processing, or (2) process your Personal Information for direct marketing.
- Rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision when it is based solely on automated processing, including profiling, and it produces a legal effect or similarly significantly affects you unless such profiling is necessary for entering into, or the performance of, a contract between you and us.
- Right to withdraw consent: If we rely on your consent as legal basis for processing your Personal Information, you have the right to withdraw that consent at any time.
You can learn more about these rights at https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en.
If you want to get access to, correct, or request erasure of your Personal Information, restrict, or object to the processing of your Personal Information; or request to receive your Personal Information in a structured, commonly used and machine-readable format please contact us as described in Section XIII. To protect your privacy and security, we also will take reasonable steps to verify your identity before granting access, making corrections, or following such a request to correct or delete your Personal Information.
Notice of California Privacy Rights
California Civil Code Section 1798.83 permits customers of We Heart It who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please contact us as described in Section XIII.
At this time, we do not respond to Do Not Track browser settings or signals. For information about Do Not Track, please visit www.allaboutdnt.com.
Some browsers and browser extensions support the Global Privacy Control (“GPC”) (https://globalprivacycontrol.org/), which can send a signal to websites you visit that signals your intention to opt out of certain types of data processing. Where required by law, when we detect such a signal, we will make reasonable efforts to respect your choices indicated by a GPC setting.
Under California law, California residents have the right to request:
- the deletion or correction of the Personal Information we have about them
- additional information about whether and how we have collected, used, disclosed, and sold Personal Information about them
- the specific pieces of Personal Information we have about them
- that we opt them out of the “sale” or “sharing” of their Personal Information (“Right to Opt Out”), which can be done at the below “Do Not Sell or Share My Personal Information” link.
California residents also have the right not to receive discriminatory treatment if they exercise the rights list above. As noted above, we do not knowingly use or share sensitive categories of data about individual users (in California, “Sensitive Personal Information”) other than as needed to perform specific services you have requested. For example, if you want real-time weather data for a specific location, we may request that you give us access to your location for that purpose. We do not engage in profiling in furtherance of decisions that product legal or similarly significant effects concerning individual users (in California, “Automated Decision-Making”).
Your Nevada Privacy Rights
We do not sell consumers’ covered information for monetary consideration (as defined in Chapter 603A of the Nevada Revised Statutes). However, if you are a Nevada resident, you have the right to submit a request directing us not to sell certain information about you. To submit such a request, please contact us at email@example.com.
Submitting Privacy Rights Requests (Open to Eligible Residents of Some U.S. States)
Some U.S. states (such as California, Colorado and Virginia) have privacy laws that grant residents the right to make requests regarding how their personal information is collected, use, and shared and to request access to certain information collected about them. We seek to comply with applicable law and to respect the wishes of our users.
When you make a request, we may require that you provide information and follow procedures so that we can verify the request and your jurisdiction before responding to it. The verification steps we take may differ depending on the request you make and the requirements of state law. We will attempt to match the information that you provide in your request to information we already have on file to verify your identity. If we are able to verify your request, we will process it. If we cannot verify your request, we may ask you for additional information to help us verify your request.
Eligible users will be required to submit their first and last name and email address and may also be asked to provide other information so that we can verify the request. Please provide as much of the requested information as possible to help us verify the request. We will only use the information received in a request for the purposes of responding to the request.
Where permitted by law, eligible users may use an authorized agent to make privacy rights requests. We require the authorized agent to provide proof of the user’s written permission that shows the authorized agent has the authority to submit a request. An authorized agent must follow the process described below to make a request, and we will additionally require the authorized agent to verify his/her own identity.
You may submit a privacy rights request to us by:
- Using the privacy rights request options available in the Settings menu of your app (available to app users only) or in the cookie preferences center in your web browser (available to web users only on our sites)
- Completing this form
- Emailing us at firstname.lastname@example.org
To exercise the Right to Opt Out, in addition to contacting us using the above information, you may use the following link:
We Heart It is concerned with safeguarding your Personal Information. We employ reasonable administrative, physical and electronic measures designed to help protect your information from unauthorized access. No security, however, can eliminate the possibility that your Personal Information may be accessed by an unauthorized third party, and we cannot guarantee that your Personal Information will remain secure in all situations.
We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored “personal data” (as defined in applicable state statutes on security breach notification) to you via email, mail, telephone, or conspicuous posting on our website in the most expedient time possible and without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system. We reserve the right to choose which method we use to contact you about such an event.
- International Transfer
We may transfer your Personal Information outside the European Union/European Economic Area. Whenever we transfer your Personal Information out of the EU/EEA, we ensure an adequate level of protection is afforded to it by ensuring, where required by law, at least one of the following safeguards is implemented:
- Transferring Personal Information to countries that have been deemed to provide an adequate level of protection for Personal Information by the EU Commission, or
- Using standard contractual clauses approved by the EU Commission which give Personal Information the same protection it has in Europe.
You may be entitled, in accordance with applicable law, to request a copy of the specific safeguard by contacting us as described in Section XIII.
- Our Policy Toward Children
The Services are not directed to children under 18. We do not knowingly collect Personal Information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us at email@example.com. If we become aware that a child under 18 has provided us with Personal Information, we will delete such information from our files.
Where the General Data Protection Regulation applies, our Services are not intended for children and we do not knowingly process Personal Information relating to children under the age of 18.
Identity theft and the practice currently known as “phishing” are of great concern to We Heart It. Safeguarding information to help protect you from identity theft is a top priority. We do not and will not, at any time, request your credit card information, your account ID, login password, or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. For more information about phishing, visit the Federal Trade Commission’s website.
- Links to Other Sites
Our Services may provide links to other websites and applications. If you choose to visit an advertiser by “clicking on” a banner ad or other type of advertisement, or click on another third party link, you will be directed to that third party’s website. The fact that we link to a website or present a banner ad or other type of advertisement is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit Personal Information from you. Other websites follow different rules regarding the use or disclosure of the Personal Information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.
- Your Responsibilities for Protecting Your Data
You are responsible for knowing your account credentials and password.
It may not be possible for to recover your password, or your data on your behalf, should you not be able to provide correct account credentials when they are requested.
We are not responsible for lost credentials and cannot guarantee access to our services if your credentials are lost.
You should also create a strong and secure password and take precautions to protect your account.
For some services, when you create your account, you will create a Master Password. You should create a unique, strong and secure Master Password that is not easily guessed. It may not be possible to access or recover your account or your data without your Master Password.
It’s important to understand that anyone with your account credentials, including your Master Password, may be able to access your data on the services.
It may not be possible for us to assist you with certain customer service requests, unless you are using your confirmed account credentials, in order to protect your account and data.
If you have any complaints concerning We Heart It’s processing of your Personal Information, please email us at firstname.lastname@example.org or write to us at 1510 Fashion Island Blvd Suite 300 San Mateo, CA 94404.
Please note that if you our Services from the EU/EEA, you may have the right to lodge a complaint with a European Union supervisory authority that is responsible for the protection of Personal Information in the country where you live or work, or in which you think a breach of data protection laws might have taken place.
Customers in the United Kingdom can contact the Information Commissioner’s Office by telephone on 0303 123 1113, or by using the live chat service that is available through the Information Commissioner’s website www.ico.org.uk
- Contacting Us
If you would like to submit a data request under CPRA or GDPR, please complete this form, or manage your preferences in the Privacy Center in your app or browser.