Effective Date: October 23, 2023
Information We Collect and How We Collect It
We collect information from and about users of VlogBox and/or the Site:
- Directly from you when you provide it to us;
- Automatically when you use VlogBox and/or the Site; and
- Data we collect from our partners.
Data we collect for our analytics:
- Device info including, but not limited to the device model and IP address;
- UI activity events (e.g. clicked on active buttons/ elements of the Site).
Information You Provide to Us
When you register with, access, or use VlogBox and/or the Site, we may ask you to provide information (a) by which you may be personally identified, such as name, email address, or any other personal or personally identifiable information under applicable law (“personal information“), and/or (b) that is about you but individually does not identify you.
This information includes, without limitation:
- Information that you provide by filling in forms on VlogBox and/or the Site. This includes information provided
at the time of registering to use or access VlogBox and/or the Site. We may also ask you for information when
you interact with us (such as when responding to notices and announcements from us), and when you report a
problem with VlogBox and/or the Site or otherwise correspond with us;
- Records and copies of your correspondence (including email addresses), if you contact us;
- Your responses to surveys that we might ask you to complete for research purposes;
- Details of transactions you carry out through VlogBox and/or the Site and of the fulfillment of your orders.
Information Collection and Tracking Technologies
The technologies we use for automatic information collection may include:
Data We Collect From Our Partners
We also collect the following data from our partners:
- Location data (such as to determine the coarse location of your IP address);
- Data for analytics purposes, so we can provide you with better services.
Third-Party Information Collection
When you use or access VlogBox Site or its/their content, certain third parties may use automatic information collection technologies to collect information about you or your Device, or you may otherwise be accessing and using third-party platforms, software, and applications.
Why Do We Collect Your Data
1) To make VlogBox and/or the Site work.
2) To perform the contract, we process data necessary to:
- Create Accounts and allow you to use VlogBox, access its contents, features, functionality, and services, and to access or use the Site;
- Operate our services;
- At our discretion, provide and deliver products, services, and any other information you reasonably request;
- Send you VlogBox- and/or Site-related communications, such as when updates are available, and of changes to any products or services we offer or provide through VlogBox and/or the Site;
- Fulfill any other purpose for which you provide the information;
- Give you notices about your Account; and
- Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
- To make VlogBox and/or the Site more suitable for our users.
To provide a great application and/or Site to our users, we have a legitimate interest to collect and process
necessary data to:
- Update and develop user profiles;
- Develop and improve VlogBox and/or the Site and user experience;
- Manage our relationship with you;
- Provide social features as part of VlogBox and/or the Site;
- Customize VlogBox and/or the Site experience according to your individual interests, such as through storing information about your preferences and recognizing you when you use or access VlogBox and/or the Site;
- Respond to your comments and questions and provide user support;
- Provide you offers in VlogBox and/or the Site as well as in other websites and services, and by email;
- Send you related information, such as updates, security alerts, and support messages;
- Speed up your searches.
- To analyze, profile, and segment.
In all of the above cases and purposes, we may analyze, profile, and segment all collected data, including for the purpose of estimating our audience size and usage patterns.
Children’s Personal Information in Our Mobile Applications
All creatives or video-advertising published on child-directed applications includes human review and will be monitored and checked manually by VlogBox, Inc. before publishing.
We do not collect any personal information from children through our Apps, except persistent identifiers as described below. If we find out that we have collected personal information from children, we will take all reasonable steps to remove this information as soon as possible. If you know your child has provided us with their personal information without your consent, please contact us at firstname.lastname@example.org .
When you download our mobile applications and use them, we do not record any personal data about you, except persistent identifiers and non-personalized data related to the duration of your use of the application, the mode of using the application, e.g., your progress, what sections are viewed and what actions are performed when using our mobile applications.
1. Data we collect and process
- persistent identifiers: device id, IDFA, Android Device ID; AAID
- code of the country
When you use Apps, we can collect additional information using persistent identifiers that identify your device. This information can be used for providing contextual advertising and analysis.
This information includes:
- served ads and the depth of their viewing
- duration of the ads;
- usage information (frequency and duration, events and actions occurring in the application, screen visits, use of functions, purchases, performance data, crash data, progress and activities (e.g. remembering the level of progress at a certain stage of use).
To ensure the privacy and protection of our younger users, features that have the potential to collect and share your personal data (except for persistent identifiers) will be disabled for device identifiers of users who have not passed the age filter. We do not store the year of birth of users who have indicated an age below 13 years in our Apps – only information that this device did not pass the age filter.
The only personal information we collect from users below the age of 13 is the persistent identifiers (such as device id, IDFA, Android Device ID; AAID). Such persistent identifiers are used and disclosed to third parties solely to support internal operations aimed at providing contextual advertising (including limiting the frequency of shows), to authenticate users, or to personalize content in Apps (for example, to send push notifications), to maintain or analyze the functioning of Apps, to carry out network communications in order to protect the security and integrity of Apps users, as well as to comply with security standards or regulations.
When using persistent identifiers, we will not show children behavioral ads, or use their data to track and profile.
2. Purposes of data processing
We use the collected information about you and your device to provide you with services and to conduct our business. Such use by us and our Partners may include:
- Provision of our services: development, providing, and improvement of our Apps, services, and content, adaptation of our Apps and services, providing updates and support, analysis of trends related to Apps use, administration, as well as user
- Co-promotion: co – promotion of our Apps and services, i.e. advertising one of our Apps while you are playing another.
- Analysis and research: understand and analyze trends associated with the use of the Apps. In addition, we can make reports and provide analysis for research or business intelligence purposes, g., track potential problems or trends in our Apps and services, as well as test new gaming functions and content.
Push Notifications: We use push notifications to send you notifications related to your activities in the Apps. We will send push notifications to your mobile device only with your consent. We try to make the content of notifications suitable for the whole family. Push notifications are contextual and are sent only within the Apps, not from the server, and not connected with other user information. At any time, you can manage your push notification preferences or deactivate these notifications at any time by turning off the notification settings in the App or in the Device Settings of your mobile device.
For iOS: After downloading the Apps, you will need to allow or reject receiving push notifications. If you reject, you will not receive push notifications. If you allow them, on some devices you can turn them off later in your device settings. You can manage push notifications on your device as follows: open your Settings, click Notifications, find the App, click the Apps icon. enable or disable notifications by moving the button to ON or OFF.
For Android: after downloading the Apps, you will automatically receive push notifications. To manage push notifications, you need to: open your Settings, click Apps (or Application manager), scroll down and select the desired app, tap to uncheck Show notifications to disable push notifications for that app. Push notifications can be disabled by clicking the checkmark on the corresponding option inside the Apps.
3. Transfer of personal information to third parties
We cannot independently provide all the services necessary for the successful operation of the Apps. Therefore, we must share the information we collect with third parties, including those providing analytics, advertising, or any other third-party services that help us to run the Apps (“Partners”).
We may share information that can be used to personally identify your device (for example, using persistent identifiers such as IDFA, AAID, advertising identifier) for the purpose of providing services, displaying ads, analyzing and researching, as well as measuring the effectiveness of our advertising campaigns, and campaigns of our Partners. We may share this information with the following partners:
- Analytics Providers :
Google analytics https://policies.google.com/privacy?hl=en-US
Firebase – Google https://firebase.google.com/support/privacy
They are necessary for the provision of our services, analysis, and research. The data we share with these providers is encrypted. The provider can assign a random number to such data, by which you cannot be identified. Third-party analytics providers have the right to process data in accordance with their privacy policies, and such data can be published in a generalized form in order to show trends in the use of their services, for advertising services, and for marketing purposes. We can summarize data for benchmarking purposes.
- Third-Party Advertising Partners: We have contracted with some third-party advertising networks that help us show you ads so that we can provide Apps for free or for a small fee.
We may cooperate with additional Partners or change the existing ones in order to provide any services related to services or Apps.
When you use our Apps, we can show you contextual Ads. To ensure that Ads are shown, we allow our partners to collect identificators (such as AAID and IDFA), which in some jurisdictions may be considered personal information. At the same time, our Partners should use such data exclusively for contextual advertising purposes. For other purposes, they must use anonymized and aggregated information. Also we can use tracking technology such as VAST tags, VAST is a Video Ad Serving Template for structuring ad tags that serve ads to video players. Using an XML schema, VAST transfers important metadata about an ad from the ad server to a video player.
6. Parents Control
We won’t require a child to disclose more information than is reasonably necessary to provide Services and use Apps.
You as a parent can review your child’s personal information, direct us to delete it, and refuse to allow any further collection or use of the child’s information; you can agree to the collection and use of your child’s information.
If you are a parent and has any questions or concerns about your child’s use of Apps, we encourage you to contact us at email@example.com
GENERAL DATA PROTECTION REGULATION (GDPR)
We maintain our commitment to protect the privacy of our users and abide by the legislation of all regions we operate. We are willing to deliver the best experience to our end-users.
Considering of the above, personal data (if any) of our users is processed under the “purposes of legitimate interests” as outlined in GDPR Article 6(1)(f). Such an approach also helps us to fight against fraud and reimburse our contractors and agents.
General Data Protection Regulation (EU) 2016/679, is a European Union law governing privacy and data protection for all residents of the EU. The provisions of GDPR can be also applied to how data is processed and verified (more on that later) outside the European Union.
GDPR is a new set of rules intended to empower the citizens of the European Union to control their personal information. In accordance with the applicable laws, users are authorized to access and modify their own data held by the companies, which includes data collection, ad tracking, surveys, cookies, location data, and every other bit of a user’s “digital footprint”. Users are also entitled to transmit their personal details to other organizations. The GDPR also enforces companies to determine their in-house data security policies.
We have assigned a Data Protection Officer (you may reach him via firstname.lastname@example.org)
EU Representative – according to Art. 27 GDPR:
represented by Prof. Dr. Christoph Bauer
Große Bleichen 21
Requests and removal of the data
You (data subject) may send official requests to us via email at the following address: email@example.com
At any time, you have the right:
- To access your personal information that we hold;
- To request the rectification of your personal information that we hold;
- To request the erasure of your personal information that we hold;
- To request to restrict processing of your personal information;
- To object to processing of your personal information by us;
- To request to transfer your personal information that we hold (e.g. data portability);
- To file a complaint to a supervisory authority in your jurisdiction; and
- To withdraw any consent related to your personal information given by you.
Your request will be observed within a 30-day period from the initial request receipt. We will also notify a relevant supervisory authority within 72 hours from a breach in a case of such breach related to your personal information that we hold.
Disclosure of Your Information
We may disclose aggregated information about our users, and information that does not identify any individual or device, without restriction.
In addition, we may disclose personal information that we collect or you provide:
- to our parent company VlogBox Holding Inc. which is a Delaware corporation;
- To a buyer, investor, or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of VlogBox’s assets or stock, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by VlogBox, Inc. about the VlogBox and/or the Site users is among the assets transferred;
- To fulfill the purpose for which you provide it;
- For any other purpose disclosed by us when you provide the information;
- With your consent;
- To comply with any court order, law, or legal process, including to respond to any government or regulatory request, including in order to combat fraud and illegal activity;
- To enforce our rights arising from any contracts entered into between you and us; and
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of VlogBox, Inc., our customers, users, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Unfortunately, the transmission of information via the internet and mobile platforms is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted through VlogBox and/or the Site. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures we provide.
International Data Transfers
See our Data Privacy Framework disclosure (notice), below, for information on VlogBox’s transfer of personal information from the EU and Switzerland to the United States.
Your Rights And Options
You have the right to opt-out of marketing emails and other direct marketing (if any);
Access the personal data we hold about you. If you request, we will provide you a copy of your personal data in an electronic format; and
You also have the right to correct your data, have your data deleted, object to how we use or share your data, and restrict how we use or share your data. You can withdraw your consent, for example by turning off cookies in your browser settings. We will respond to all requests within a reasonable timeframe. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please let us know. You may also contact your local data protection authority within the European Economic Area for unresolved complaints.
All these rights may be fulfilled by you simply via sending us an email with the relevant request to firstname.lastname@example.org
Please note that the World Wide Web Consortium (W3C) is attempting to develop a Do Not Track (DNT) standard. Currently, the standards regarding the DNT signals and appropriate responses are not defined. Accordingly, we do not assign a meaning to DNT signals.
We retain your data for as long as your Account is active or unless you request us to delete your data. Note that if you ask us to remove your personal data, we may retain your data as necessary to comply with our legal obligations.
We process and for about 6 months store the pseudonymized data on the cloud servers with all necessary means and measures of data protection, let alone special requirement provided by GDPR (fraud, legal claim, etc.). Other than that, all personal data is deleted once the 6-month period is over.
For EU and Swiss Individuals: Data Privacy Framework
With respect to personal data received or transferred pursuant to the Data Privacy Framework, VlogBox is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Data Privacy Framework, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Data Privacy Framework, should direct their query to email@example.com. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
VlogBox’s accountability for personal data that it receives in the United States under the Data Privacy Framework and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, VlogBox remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless VlogBox proves that it is not responsible for the event giving rise to the damage.
In compliance with the Data Privacy Framework Principles, VlogBox commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Data Privacy Framework. European Union and Swiss individuals with Data Privacy Framework inquiries or complaints should first contact VlogBox by email at email@example.com.
VlogBox has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to an independent dispute resolution mechanism, the BBB EU Data Privacy Framework. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2
We do not knowingly collect or solicit personal data about or direct or target interest-based advertising to anyone
under the age of 18 or knowingly allow such persons to use or access VlogBox and/or the Site except as specified in the section Children’s Personal Information in Our Mobile Applications. If you are under 18, please do not send any data about yourself to us, including your name, address, or email address. No one under the age of 18 may provide any personal data. If we learn that we have collected personal data about a child under age 18, we will delete that data as quickly as possible. If you believe that we might have any data from or about a child under the age of 18, please contact us.
Data Privacy Framework (DPF) Notice
If you have any requests for resolving issues (other than issues related to data protection) we encourage you to contact us through firstname.lastname@example.org