Users and Customers from the EU/EEA
All EU-based individuals, irrespective of their nationality, have certain individual rights under the GDPR, these include:
- The right to be informed about the collection and use of their personal data.
- The right of access to find out that is stored about them.
- The right to rectification of their personal data if it is inaccurate or incomplete.
- The right to erasure to enable an individual to request the deletion or removal of personal data where there is no compelling reason for its continued processing.
- The right to restrict processing to 'block' or suppress processing of personal data.
- The right to data portability allowing individuals to obtain and reuse their personal data for their own purposes across different services.
- The right to object to the processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing and/or for purposes of scientific/historical research and statistics.
- Various rights in relation to automated decision making (making a decision solely by automated means without any human involvement) and profiling (automated processing of personal data to evaluate certain things about an individual).
Data Collection and Publishing
When you visit the Site or use the Services we may collect information from you such as your name, email address and phone number (from prospective and existing Customers) and information regarding your social media accounts, uploads and posts (from end users who upload user-generated content to Customer digital properties or use Customer hashtags on their social media posts). We collect this information in order to provide end users and Customers with access to our Services and our Platform, in order for prospective and existing Customers to download information such as whitepapers, and in order for anyone to contact us with questions regarding our Site or Services. You can connect your social media accounts, such as Facebook, to your Platform account. The social media services will authenticate your identity and provide you the option to (i) include Platform elements on Facebook Fan Pages, (ii) follow, like, or comment on others’ social profiles from within your Platform account.
As is true of most web sites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. Candid does not collect IP addresses of end users on behalf of Customers. We may combine automatically collected log information with other information we collect about end users.
Use of Personal Information
If you upload user-generated content to your social media accounts which you tag with our Customers’ brand hashtags, Candid may collect that content on behalf of our Customers, including your photo, social media username, caption information (if any) and location information (if any). If you upload user-generated content directly to a Candid Customer digital property, Candid may collect your email address, prior to the upload, as well as your photo. Generally, the information Candid collects from end users helps us and our Customers to communicate with end users regarding content that they have submitted through the Candid Services. For instance, we may use your email address to provide you with an email confirmation of your registration or to notify you of the status of the content you have submitted. Furthermore, our Customers to whom you have submitted content through the Candid Services or whose brand hashtags you have included in your social media posts may use your username or email address to communicate with you.
If you are a prospective or existing Candid Customer, we use the personal information we have collected from you to provide you with information about and access to our Services.
We use the information we collect automatically from end users of our Site and Services to improve the Services we offer to our Customers, and to improve marketing, analytics and the functionality of the Services.
Transfer of Personal Information
Candid may transfer personal information to those Customers on whose behalf we have collected it and to companies that help us provide our Services. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and our service agreements with our Customers.
Choice and Access to Personal Information
If your personally identifiable information changes, or if you no longer desire to receive communications from us, you may correct, update, delete or deactivate your information from our records by (for Customers) logging into your account and making the appropriate changes or (for non-Customers) contacting us at firstname.lastname@example.org. We will respond to your request to access within 30 days.
If you are an end user of a Customer site or have posted user-generated content with a Customer’s brand hashtags and would no longer like to be contacted by that Customer, please contact that Customer directly. If the Customer requests that Candid remove the information from our records, we will respond to its request within 30 business days.
We also use "cookie" technology and similar technologies in analyzing trends, administering the Candid Website and Services, tracking users’ movements around the Candid Website and Services, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
We use Local Storage (LS) such as HTML5 to store content information and preferences. Third parties with whom we partner to provide certain features on our Candid Website and Services or to display advertising based upon your web browsing activity use LS such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LS.
We partner with third parties to manage our advertising on other sites. Our third party partners may use technologies such as cookies to gather information about your activities on this Candid Website and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union click here). Please note this does not opt you out of being served ads. You will continue to receive generic ads.
IP Address and Clickstream Data
Our server may collect the Internet Protocol address, or IP Address number that is automatically assigned to your computer by your Internet service provider. When you request pages from our Candid Website, our servers may log your IP Address and sometimes your domain name. Your IP Address is used to help identify you and to gather demographic information about our customers as a whole, but does not include personally identifiable information. Our server may also record the referring page that linked you to us (e.g., another Web site or a search engine); the pages you visit on this Candid Website; the Web site you visit after this Site; the ads you see and/or click on; other information about the type of Web browser, computer, platform, related software and settings you are using; any search terms you have entered on this Site or a referral site; and other Web usage activity and data logged by our Web servers. We use this information for internal system administration, to help diagnose problems with our server, and to administer the Candid Website. Such information may also be used to gather demographic information, such as country of origin and Internet Service Provider. We may link this information with your personal information.
Any or all of these activities with regard to Candid Website usage information may be performed on our behalf by our service providers, including, for example, our analytics vendor(s) and our e-mail management partner(s).
We may use "clear GIFs" (aka “Web beacons” or “pixel tags”) or similar technologies, in the Candid Website and/or in our communications with you to enable us to evaluate Candid Website usage information about visitors to the Site, target campaigns, upgrade visitor information, and know whether you have visited a Web page or received a message. A clear GIF is typically a one-pixel, transparent image (although it can be a visible image as well), located on a Web page or in an e-mail or other type of message, which is retrieved from a remote site on the Internet enabling the verification of an individual’s viewing or receipt of a Web page or message. A clear GIF may enable us to relate your viewing or receipt of a Web page or message to other information about you, including your personal information.
Data Release Policy
Our policy is to only release the data we collect in the following circumstances:
- To our customers to whose digital properties you have directly uploaded content or whose brand hashtags you have included in your social media.
- As required by law.
- To designated third parties to resolve or investigate abuse complaints.
- When the information is related to spiders or bots, usually when investigating technical issues.
- For abusive users, we may release information to assist in attempting to block the abusive user or to complain to that user's Internet Service Provider.
- If necessary to defend against legal claims.
- When we deem it necessary to protect the property or rights of the user community, or this Site
We may use third party partners to help operate the Site and deliver our features and Services, and may share your information with our affiliates, service providers and other third parties that provide products or Services for or through this Site or for our business (such as Web site or database hosting companies, address list hosting companies, e-mail service providers, analytics companies, distribution companies, fulfillment companies, and other similar service providers that use such information on our behalf).
No Selling of Information
Securing Your Information
Candid cannot guarantee the security of information provided over the Internet and will not be responsible for breaches of security beyond our reasonable control.
When you use some our Site or Services, or post on a Candid forum or social networking service, the personally identifiable information you share is visible to other users and can be read, collected, or used by them. You are responsible for the personally identifiable information you choose to submit in these instances.
If you contact us by e-mail or a “contact us” or similar feature on the Site, you should be aware that your transmission might not be secure. A third party could view information you send by these methods in transit.
We will make any legally-required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored personal data to you via email or conspicuous posting on this Site in the most expedient time possible and without unreasonable delay, consistent with (i) the needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
Do not provide any sensitive information (including your password or credit card information) via e-mail or to a Web site that does not seem to be affiliated with Candid, or that otherwise seems suspicious to you, without first reporting such request to us at email@example.com and confirming that it is a valid request from us.
Third Party Links
Our Site or Services may contain links to third party websites not operated or controlled by Candid. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data, including location data or your contact information, or solicit personally identifiable information from you. We advise that you learn about the privacy practices of these third parties.
Our Policy Towards Minors
We do not knowingly collect personal information from children under 18 unless they have obtained parental or guardian consent. If we learn that we have collected the personal information of a child under 18 without such consent, we will delete the information as soon as possible.
If a parent or guardian becomes aware that his/her child has provided us with personally identifiable information without their consent, he/she should contact us at firstname.lastname@example.org.