Data Protection Statement for European Union Users

Effective date: May 22, 2019

Description of Processing Activity

We collect and store personal information about our users to customize their reading experience and enable personalized distribution of content. It shares minimal data with its service providers.

Purposes of Processing

  • Provide, test, promote, and improve the services
  • Gather usage statistics of services
  • Provide customized reading experience
  • Provide access to paid content
  • Fight spam, fraud, and other abuse of services

Legal Bases

In order to provide the services, we collects and store personal data about our users on the legal basis of consent given when you create an account and agree to the Privacy Policy.

We also pursue our legitimate interests by collecting minimal data of logged out users to provide the services, as outlined above.

We will consider related complaints in compliance with the General Data Protection Regulation’s rights of the data subject, as well as rights of expression and access to information.

Public Nature of Personal Data

Logged-in users may choose to interact publicly with our services in the form of commenting on a post, sharing links on connected social media accounts, or writing original posts. Where such personal data may reveal special category protected data, it is processed on the basis that it is manifestly made public by the user. Additional information on potential consequences of such processing can be found below. If you do not agree to this public usage, do not create an account or use these features of our services.

Categories of Personal Data Collected

Logged out users

  • Reading history
  • IP address
  • Browser information
  • DNT status

Logged in users:

  • Username
  • Display name
  • Avatar image
  • Email address (non-public)
  • Session activity (security)
  • IP address
  • Browser information
  • Reading history (on our network only)
  • Posts, responses, or series published by user
  • Business information, if applicable

Categories of Recipients

We share minimal personal data with third-party processors in order to provide our services. These processors offer at least the same level of data protection as that set out in this statement. This includes the following categories of recipients:

  • Hosting, Storage, & Other Infrasructure
  • Security
  • Analytics
  • Communication & Support
  • Payment Processors

Search engines will index user profiles, public interactions, and any user-generated content. Users may also share links to their content on social media.

Payment Processors

We provide services in conjunction with several payment processors, through which users may pay for services. Those companies acting as payment processors may collect and store personal data related to your billing information and history in order to provide their services, and may collect and store personal data and business data to prevent fraud and other abuse.

When you delete your account, we delete your personal data as outlined in this document. However, to delete your payment or billing information, you will need to do so with your payment provider, as we only have minimal secure access to those records as needed to provide the services.

Embedded Content

Our posts may contain third-party embeds, which may in some cases collect and store personal data. The use of personal data by embedded content providers is not covered by this statement, but by the privacy policies of those sites or services.

Existence of Automated Decision-making

We collect and store personal data about users to customize reading. This includes automated decision-making to promote content tailored to the preferences and interests indicated by the user, and to their browsing history and network interactions.

We also filter content for the purposes of fighting and preventing spam, fraud, and other forms of abuse.

Potential Consequences of Processing

By creating an account, users may make certain personal data about themselves public and accessible to others on their profile and through network interactions. This may in some cases constitute special category protected data which is considered manifestly made public by the user.

Due to the public nature of information posted to the site, it may be possible for third parties to derive identifying personal data from posts, whether by reading, inference, supplemental research, or automated extraction and analysis.

Users are free to use their real name and information, or a pseudonym of their choosing, for their account. Users may also choose to use the service without posting data or engaging in network interactions. However, if you do not agree with and accept the risks of such usage, you may not use the services.

Cross-border Transfers

We are incorporated in the United States. By using our services, you authorize us to transfer, store, and use your information in the United States and any other country where we operate. Where your data is disclosed to our processors, it is subject by contract to at least the same level of data protection as that set out in this statement.

Retention

We retain personal data associated with your account for the lifetime of your account. If you would like to delete your personal information, you can delete your account at any time. Deleted account profile pages will yield an error 404 “file not found” page, immediately upon initiating deletion, and will become unrecoverable in our system. It may take several additional days for your personal data to be de-indexed from search engines, depending on those search engines’ practices, over which we may have limited or no control.

To delete your payment or billing information, you will need to do so with your payment provider, as we only have minimal secure access to those records as needed to provide the services.

Rights of Data Subjects

  1. If you sign up for an account, you may at any time request an export of your personal information through e-mail to our support team.
  2. You may correct information associated with your account from the settings page.
  3. You may withdraw consent by deleting your account at any time, which will erase your personal information completely.
  4. You may object at any time to the use of your personal data by contacting us in any way specified in our contact data. If your complaint relates to alleged misuse of your personal data by a third party, it may result in suspension of that post or account in keeping with relevant law, public interest, our contractual obligations, and the rights of expression and access to information of others.
  5. You may at any time lodge a complaint regarding the processing of your personal data by us with the Supervisory Authority of your EU member state.

Contact Information

CaseAgile OÜ
Sakala tn 7-2, Tallinn 10141, Estonia.
w: http://www.caseagile.com
e: info@caseagile.com
p: +1 (631) 954-4723
f: +1 (631) 402-1094