California residents and individuals located in the European Economic Area (EEA), the United Kingdom (UK) and Switzerland can exercise their privacy rights, including the right to request access to or deletion of their personal information, subject to the exceptions under applicable law, by clicking here and then completing the form to submit their request.
BY USING THIS WEBSITE OR ANY FASTSPRING OPERATED ECOMMERCE SOLUTION OR SUBMITTING PERSONAL INFORMATION TO FASTSPRING THROUGH THIS WEBSITE OR ANY FASTSPRING POWERED ECOMMERCE SOLUTION, YOU ARE CONSENTING TO THE COLLECTION, USE, TRANSFER, AND DISCLOSURE OF INFORMATION AS DESCRIBED IN THIS PRIVACY STATEMENT. IF YOU DO NOT AGREE TO ABIDE BY THIS PRIVACY STATEMENT, DO NOT USE THIS WEBSITE. YOUR CONTINUED USE OF THE WEBSITE FOLLOWING THE POSTING OF ANY CHANGES TO THIS STATEMENT CONSTITUTES ACCEPTANCE OF SUCH CHANGES.
1. Scope and Purpose of This Privacy Statement.
Introduction. This Bright Market, LLC d/b/a FastSpring (“FastSpring”, “we”, “our” or “us”) Privacy Statement (“Privacy Statement”) applies to each ecommerce solution, which may be but is not limited to, a website, portion of a website or a software application branded with the look and feel of a software publisher or entity operated by FastSpring for the purpose of buying or selling such software publisher’s products and/or services (“Ecommerce Engine” or “Website”) where this Privacy Statement can be accessed from a hyperlink on, or otherwise appears on, that Ecommerce Engine. If you are purchasing products through a software Seller (“Vendor”), a FastSpring subsidiary and not FastSpring directly, please note that this Ecommerce Engine is hosted and/or operated by FastSpring under an agreement with the Vendor or subsidiary of FastSpring who is listed as the seller of products in the terms of sale on this Ecommerce Engine.
Controller Responsible for Your Information. Depending upon your relationship to us, FastSpring operates as either a joint controller or processor of the Personal Information we maintain about you. For additional information on the distinction between the two roles, please see our Terms of Service. Any Personal Information collected by visiting this Website is controlled by Bright Market, LLC d/b/a FastSpring, 801 Garden Street, #201, Santa Barbara, CA 93101, United States of America.
Purpose. FastSpring respects the privacy of its customers, partners and suppliers of products or services. The purpose of this Privacy Statement is to provide you with information concerning how FastSpring collects, uses, maintains, and shares your Personal Information in accordance with applicable data protection laws.
2. Information We Collect and Process.
FastSpring collects the Personal Information of our purchasers, Vendors, and other individuals who visit our Website for specified, explicit purposes only and will not process this Personal Information in a manner that is incompatible with those purposes. Personal Information will be processed only if such processing is based on any of the legal grounds listed in section 6(1) of the General Data Protection Regulation (“GDPR) (unless an exemption applies) as outlined below:
When you visit, buy, or sell via our Website, we may capture the following information about you:
|Categories of Personal Information Collected||Specific Personal Information||Source of Personal Information||Purpose of Collection||Legal Grounds for Collection|
|Identifiers||Name (First/Last), Signature/E-Signature, Mailing Address, Email Address, Telephone Number(s), IP Address, Driver’s License Number/Other Government Number (GST/VAT), Tax Exemption Status, Bank Account Numbers, Debit/Credit Card Number & Information, Customer Identification.||Purchase/Sale Information, Account/Mailing List Registration, Cookie, Web Beacon, Other Technologies, Transaction Details You Provide to Our Customer Service Teams, Information We Receive from Vendors.||Complete Purchase/Sales Transactions, Customer Service Issues, Marketing, Legal and Regulatory Obligations||Consent, Necessary for Performance of Contract, Compliance with Legal Obligation, Legitimate Interest.|
|Internet or Other Similar Network Activity||Browsing History, Search History, Other Information Related to Our Consumer’s Interactions with Our Website, Application, and/or Advertisements, including (1) Buyer Usage Activities (adding/removing products from checkout; currency used for purchase) and Analytics, (2) Vendor Platform Usage Activities (submissions, clicks on navigation links, video usage and duration, page views, search requests, time spent on page, clicks on any “get support” or “sign up” buttons) and Analytics.||Purchase/Sale Information, Cookie, Web Beacon, Other Technologies, Third Party Sources.||Complete Purchase/Sale Transactions, Marketing, Understand Our Customers, Improve Our Products/Usage and Data Analytics.||Consent, Necessary for Performance of Contract, Compliance with Legal Obligation, Legitimate Interest.|
|Commercial Information||Records of Products or Services Purchased, Obtained, or Considered.||Purchase/Sale Information.||Complete Purchase/Sale Transactions.||Consent, Necessary for Performance of Contract, Compliance with Legal Obligation, Legitimate Interest.|
|Geolocation Data||Location of the Individual and Device Used to Access Our Website.||Purchase/Sale Information, Account/Mailing List Registration, Cookie, Web Beacon, Other Technologies.||Complete Purchase/Sale Transactions, Marketing, Legal and Regulatory Obligations.||Consent, Necessary for Performance of Contract, Compliance with Legal Obligation, Legitimate Interest.|
Marketing Communications. We may send you email marketing communication about FastSpring products and services, invite you to participate in our events or surveys, or otherwise communicate with you for marketing purposes, provided that we do so in accordance with the consent requirements that are imposed by applicable law. You may opt out of receiving marketing communication at any time.
Our Use of Anonymous Information. We may use anonymous information (i.e. information that does not allow direct or indirect identification of the individual to whom such information relates) collected by us:
In addition, we may anonymize Personal Information by removing any information that identifies you specifically, and use the rest for the purposes set forth above.
3. Cookies and Other Tracking Technologies.
There are several different kinds of cookies, and should we be deploying cookies we (or a third party provider be deploying them in connection with our ecommerce activities) would be using one of the following common types of cookies, which may be persistent cookies or session cookies:
If the Website includes a cookie management tool, you will typically find a hover button at the bottom of your screen. If in the future you do not wish to receive cookies, you may be able to refuse them by adjusting your browser settings to reject cookies. If you do so, we may be unable to offer you some of our functionalities, services or support. If you have previously visited our Websites, you may also have to delete any existing cookies from your browser.
Do-Not-Track. There are different ways you can prevent tracking of your online activity. One of them is setting a preference in your browser that alerts websites you visit that you do not want them to collect certain information about you. This is referred to as a Do-Not-Track (“DNT”) signal. Please note that our Websites may not recognize or take action in response to DNT signals from web browsers. At this time, there is no universally accepted standard for what a company should do when a DNT signal is detected. In the event a final standard is established, we will assess how to appropriately respond to these signals. For more detailed information about cookies, Do-Not-Track and other tracking technologies, please visit http://www.youronlinechoices.com.
Third Party Data Collection. This may also include cookies placed by third parties, to deliver tailored information and content which may be of interest to you, such as promotions or offerings, when you visit third party websites after you have left our Websites. We do not permit these third parties to collect Personal Information about you (such as email address) on our Website, nor do we share with them any Personal Information about you.
When you access one of our Websites, which contains a Plugin, your browser establishes a direct connection with the servers of Facebook, Google, Twitter, and LinkedIn. The content of the Plugin is transferred by the respective Provider directly to your browser, which then integrates it into the Website. Integration of the Plugin allows the Provider to receive the information that you have accessed the respective Website even if you do not maintain a profile with that Provider or if you are not logged in at the moment. This information (including your IP address) will be transferred by your browser directly to the Provider in the U.S. and stored there. If you are logged in with one of the Providers’ services, they will be able to assign your visit on our Website to your profile with the respective Provider. If you interact with any of the Plugins, e.g. by pressing the ‟Like” or the ‟+1” button, this information will also be sent directly to the server of the Provider and stored there. The information will also be published in the social network on your respective account, e.g. Twitter, and displayed to your contacts there.
For more information on the purpose and extent of the data acquisition and how data are processed and used by the respective Provider as well as regarding your rights and optional settings to protect your privacy, please refer to the privacy policies of the respective Provider:
If you do not want Google, Facebook, Twitter or LinkedIn to allocate data collected on our Websites to your profile in their service, you must log out of the respective service before visiting our Website. You can prevent the loading of the Plugins completely by using Add-Ons for your browser, e.g. the script-blocker ‟NoScript” (http://noscript.net/).
If you accept a session or persistent cookie, you can delete it at any time through your web browser (e.g., as soon as you leave our Ecommerce Engine). If you do not wish to receive cookies or wish to manage when you accept cookies in general, you may set your browser to reject cookies or to alert you when a cookie is placed on your computer. Although you are not required to accept our cookies, if you set your browser to reject cookies, you may not be able to use all of the features and functionality of this Ecommerce Engine.
In any case, if you want to manage, deactivate or authorize the cookies, you can use the below links:
Sharing Your Personal Information.
We may share your Personal Information in a limited number of circumstances, including with:
We do not sell your Personal Information.
5. Security of Your Personal Information
We are committed to keeping your Personal Information secure. We have implemented physical, technical and administrative safeguards reasonably designed to protect your Personal Information from unauthorized access and disclosure. When we collect or transmit sensitive information such as a financial account number, we use industry standard methods to protect that information. We encrypt Personal Information whenever possible and otherwise restrict access to Personal Information to those employees and individuals with a need to know that information. It is important that you understand, however, that no Ecommerce Engine, Website, database or system is completely secure or “hacker proof.” You are also responsible for taking reasonable steps to protect your Personal Information against unauthorized disclosure or misuse, for example, by protecting your password. Different countries have different privacy laws and requirements. Please know, however, that no matter where your Personal Information is collected, used, transferred or stored, if it was collected through this Ecommerce Engine, it will be protected by us in accordance with the terms of this Privacy Statement, any Supplemental Privacy Notices that apply to you, and applicable data protection laws.
Cross-Border Transfers of Your Data. As we operate internationally, and provide you with relevant services through our resources and servers around the globe, sharing your Personal Information across borders is essential. Your Personal Information will be processed on the computer servers (currently Amazon Web Services) in the United States of America on which our Ecommerce Engine is hosted. In some cases, we may transmit your Personal Information to (i) third party data processors or (ii) product manufacturers, licensors and/or suppliers for the purposes set forth in this Privacy Statement. To the extent required by applicable data protection laws, we have executed standard contractual clauses to effect the lawful cross-border transfer of personal information.
Privacy Shield Compliance. In addition, FastSpring has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
As explained here we sometimes provide Personal Information to third parties to perform services on our behalf. If we transfer Personal Information received under the Privacy Shield to a third party, the third party’s access, use, and disclosure of the Personal Information must also be in compliance with our Privacy Shield obligations. Therefore, third parties that use our products explicitly agree to abide by the EU-US Privacy Shield Framework or otherwise agree to execute the Standard Contractual Clauses issued by the European Commission for the purposes of transferring Personal Information from the EU to non-adequate countries outside the EU.
You can review our Privacy Shield registration here: https://www.privacyshield.gov/list.
Data Retention Policies. Pursuant to data protection laws, we retain your Personal Information only for the period necessary to achieve the purposes for which it has been collected as set out in this Privacy Statement. We therefore retain Personal Information as follows:
After these periods, we will delete the corresponding Personal Information.
6. Your Rights & Choices with Respect to Your Personal Information
Your Rights. Based upon where you reside, certain choices and rights with regards to your Personal Information may be available to you or your authorized agent under applicable data protection laws, such as the GDPR or California Consumer Privacy Act (“CCPA”).
Access Request Rights
|You have the right to request that we provide to you the following information about our collection and use of your personal information : |
1. The categories of Personal Information we have collected about you.
3. Our business or commercial purpose for collecting that Personal Information.
4. The categories of third parties with whom we share or have shared that Personal Information.
5. The specific pieces of Personal Information we collected about you (also called a data portability request), and
6. Information regarding any disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
|Deletion, Rectification and Restriction Request Rights||You have the right to request that we delete, restrict or, if you believe that our processing of your Personal Information is incorrect or inaccurate, change any of the Personal Information collected from you and retained, subject to certain exceptions. Once your verifiable consumer request is confirmed, we will delete, restrict or change, as the case may be, and direct our service providers to delete, restrict or change your Personal Information. Your request to delete the Personal Information collected may be denied if it is necessary for us to retain your information under one or more of the exceptions listed in the GDPR or CCPA.|
|Data Portability Rights||In some cases, you may receive your Personal Information provided by yourself in a structured, commonly used and machine-readable format.|
|Right to Object||Where we process your Personal Information based on a "legitimate interest", you may have the legal right to object to the processing of your Personal Information.|
|Right to Revoke Consent||Where we process Personal Information based on your consent, you have the right to revoke such consent at any given time.|
|Post-mortem Right to Privacy||If you are located in EEA, you have the right to set instructions regarding the storage, deletion or communication of your Personal Information after your death.|
|Right to Complain||You have the legal right to lodge a complaint with the competent authority.|
If you contact us we may, for your protection, ask you for additional information to verify your identity. In most cases, we will provide the access you request, correct or delete any inaccurate Personal Information you discover, cease the processing of your Personal Information and implement your guidelines. We reserve the right, however, to limit or deny your request to the extent permitted by applicable law if the disclosure may lead to a breach of applicable law and regulation, e.g. in case of any legal obligation to retain certain data, or if you have failed to provide sufficient evidence to verify your identity.
Your Choices. FastSpring respects your right to make choices about the ways we collect, use and disclose information about you. We generally ask you to indicate your choices at the time, and on the page, where you provide your Personal Information. When you provide Personal Information, we may offer you a choice as to whether you would like to receive further communications from us and/or from our partners via a box to tick for example, such as communications related to updates, upgrades, special offers and pricing. You have the right to withdraw your consent at any time. If you decide you no longer want to receive promotional messages from us, you may let us know by e-mailing us at [email protected] or by following any unsubscribe link in our e-mails; please specify which consent you are revoking in your e-mail to us. Please note, however, if you give us permission to add your contact information to our partner’s mailing list and later withdraw your permission, you will have to contact our partner (or use the “opt-out” provided in the e-mails our partner sends you) to have your name removed from our partner’s mailing lists.
7. Links to Third Party Websites
FastSpring’s Website provides links to third-party web sites, which are not under the control of FastSpring. FastSpring makes no representations about third-party web sites. When you access a non-FastSpring website, you do so at your own risk. FastSpring is not responsible for the reliability of any data, opinions, advice, or statements made on third-party sites. FastSpring provides these links merely as a convenience. The inclusion of such links does not imply that FastSpring endorses, recommends, or accepts any responsibility for the content of such sites.
8. Children’s Privacy
This Ecommerce Engine and our services are not directed at nor targeted to children under the age of 13. If you have not reached the age of majority or are not able to enter into legally binding agreements in your country, you may not use this Ecommerce Engine unless supervised by an adult. Our goal is to comply with applicable laws and regulations relating to collection and use of information from children as such term is defined by applicable laws. If you believe that we have received information from a child or other person protected under such laws, please notify us immediately by postal mail addressed to FastSpring’s Privacy Department, 801 Garden Street #201, Santa Barbara, CA 93101, United States of America or by e-mail at [email protected], and we will take reasonable steps to remove that information from our databases.
9. Changes to This Privacy Statement
We may occasionally update this Privacy Statement. These updates may reflect, among other things, changes in applicable laws, rules or regulations, changes in our data collection practices, and/or changes to our business or services. If revisions to the Privacy Statement materially affect how we may use Personal Information collected from you prior to the date of the revised statement, then we will request that you opt-in to the revised Privacy Statement via a checkbox for each new order/purchase. We will post an updated version of this Privacy Statement on the Ecommerce Engine with a revised effective date, to let you know that we updated the Privacy Statement.
10. How to Contact Us.
If you have any questions, comments, or concerns regarding this Privacy Statement or our privacy practices, have privacy-related questions not answered online, or if you would like to exercise any of your rights outlined in this Privacy Statement you may contact us by any of the following means:
You may write to us in your own language.