This statement has been prepared by Something Inc Limited (referred to in this statement as the “Something™”, “we”, “us”, or “our”), to outline that any processing of personal data we undertake in the course of our business is secure, lawful and in compliance with the EU General Data Protection Regulation (“GDPR”)
Something™'s policy is to comply with local laws that apply to our business related to the use of personal data and to ensure that we meet the applicable standards set out in such laws.
We follow GDPR’s six data processing principles, which set out that personal data must be:
- processed lawfully, fairly and in a transparent manner;
- collected for specified, explicit and legitimate purposes;
- adequate, relevant and limited to what is necessary;
- accurate and, where necessary, kept up to date;
- retained only for as long as necessary; and
- processed in an appropriate manner to maintain security.
Our compliance processes consists of various separate and overlapping parts that we have summarised below:
- Internal audit, data mapping and gap analysis.
- We record instances where data is transferred, or stored outside of the European Economic Area, and are committed to undertaking Data Privacy Impacts Assessments (DPIAs) of core business functions if a high risk to the rights of data subjects is identified during this process.
Information collection and use
Something™ is the only owner of the information collected on its websites. The information we collect about visitors to our website includes the visitor’s browser type, language preference, referring site, additional websites requested, and the date and time of each visitor request. We also collect potentially personally-identifying information like Internet Protocol (IP) addresses.
The aim of Something™ activity is not collecting, selling or lending the information to the others.
We collect this information to better understand how our website visitors use Something™, and to monitor and protect the security of the website. We do not share, sell, rent, or trade personal information with third parties for their commercial purposes.
We do not intentionally collect sensitive personal information, such as social security numbers, genetic data, health information, or religious information. Although Something™ does not request or intentionally collect any sensitive personal information, we realise that you might store this kind of information in your account, such as in a repository. If you store any sensitive personal information on our servers, you are consenting to our storage of that information on our servers, which are in the United Kingdom.
We do not host advertising on Something™. We may occasionally embed content from third-party sites, such as YouTube and Vimeo, and that content may include ads. While we try to minimise the number of ads our embedded content contains, we can't always control what third parties show.
We may share User Personal Information with a limited number of third-party vendors who process it on our behalf to provide or improve our service, and who have agreed to privacy restrictions similar to our own Privacy Statement. Our vendors perform services such as network data transmission, and other similar services. When we transfer your data to our vendors under Privacy Shield, we remain responsible for it.
Cookies are series of data stored on the hard disk of the user which for example include the anonymous identifier of the user. The cookies are set up to remember the fact of being logged in the Service if the user wished so as well as for statistical aims. By using our website, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept cookies, you will not be able to log in or use Something™’s services.
Certain pages on our site may set other third-party cookies. For example, we may embed content, such as videos, from another site that sets a cookie. While we try to minimise these third-party cookies, we can’t always control what cookies this third-party content sets.
Find out more about cookies and how to manage them.
We use Google Analytics as a third-party tracking service, but we don’t use it to track you individually or collect personal user information. We use Google Analytics to collect information about how our website performs and how our users, in general, navigate through and use Something™. This helps us evaluate our users' use of Something™, compile statistical reports on activity, and improve our content and website performance.
Google Analytics gathers certain simple, non-personally identifying information over time, such as your IP address, browser type, internet service provider, referring and exit pages, timestamp, and similar data about your use of Something™. We do not link this information to any of your personal information such as your username.
Something™ will not, nor will we allow any third-party to, use the Google Analytics tool to track our users individually, collect any personal information other than IP address; or correlate your IP address with your identity. Google provides further information about its own privacy practices and offers a browser add-on to opt out of Google Analytics tracking.
If you do not want online services to collect and share certain kinds of information about your online activity from third-party tracking services, you can set the Do Not Track privacy preference in your browser.
We do not track your online browsing activity on other online services over time and we do not permit third-party services to track your activity on our site with the exception of basic Google Analytics tracking and occasional user behaviour tracking performed with Hotjar and Full Story analytics tool. The tracking data is collected exclusively to improve the UX and performance of the Service and website. Something™ does not record any personal data with Hotjar as all text entered to the Service during tracking is suppressed before the data is sent back to Hotjar servers.
Because we do not share this kind of data with third-party services or permit this kind of third-party data collection on Something™ for any of our users, and we do not track our users on third-party websites ourselves, we do not need to respond differently to an individual browser's Do Not Track setting. If you wish, you can opt out from Google Analytics tracking here and from Hotjar here.
Something™ uses certain vendors in providing its Services. All services either fully comply with GDPR regulations or are to implement it shortly.
- Amazon Web Services – CDN and infrastructure for the service
- Google Cloud – hosting infrastructure for the website
- Cloudflare – DNS, network and security
- Imgix - Image CDN
- Google G Suite – Email communication with clients
- Hotjar – UX analytics
Our emails might contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email. If you prefer not to receive pixel tags, please opt out of marketing emails.
Something™ uses AWS and Google Cloud for hosting infrastructure and to store client data for the Service's website. Physical servers for both services are located in the United Kingdom and United States.
All data uploaded by the Users belong to the Users. Something™ does not claim any rights to intellectual property uploaded by the Users.
Despite that Something™ hosts all data entered by the user, the ones all the time belong to the user. Something™ will never sell or by purpose make accessible the data entered by the user to the third-party as well as will never use them for the benefit of his own business. Our procedures obey the privacy of our users and their data.
Information rights and publicity
Unless you notify Something™ otherwise in writing, You hereby grant to Something™ and its wholly owned subsidiaries a limited license to use Your trade names, trademarks, service marks, logos, domain names and other distinctive brand features in presentations, marketing materials, websites, customer lists, and financial reports.
Access to Personally Identifying Information
If your personal information changes, or if you no longer desire to access or use the Service, you may correct, update, amend or delete it by contacting our customer support team at email@example.com.
Global Privacy Practices
Information that we collect will be stored and processed in the United Kingdom in accordance with this Privacy Statement. However, we understand that we have users from different countries and regions with different privacy expectations, and we try to meet those needs.
We provide the same standard of privacy protection to all our users around the world with the same levels of notice, choice, accountability, security, data integrity, access, and recourse, regardless of their country of origin or location. We work hard to comply with the applicable data privacy laws wherever we do business. Additionally, we require that if our vendors or affiliates have access to personal information, they must comply with our privacy policies and with applicable data privacy laws, including signing data transfer agreements.
Something™ provides clear methods of unambiguous, informed consent at the time of data collection, when we do collect your personal data.
We collect only the minimum amount of personal data necessary unless you choose to provide more. We do not encourage you to give us more data than you are comfortable sharing.
We offer you simple methods of accessing, correcting or deleting the data we have collected.
Protection of Certain Personal Information
Something™ discloses potentially personal information only to those of its employees, contractors, and affiliated organisations that (1) need to know that information in order to process it on Something™’s behalf or to provide services available in connection with the Service and (2) have agreed not to disclose it to others. Some of those employees, contractors and affiliated organisations may be located outside of your home country; by using Something™’s Website, you consent to the transfer of information to such individuals and organisations in order to support our provision to you of the Website. These supporting partners may be authorised to, for example, process payments on our behalf or provide customer support. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice and the service agreements with our customers. However, in each case, these partners are authorised to use your personally identifying information only as necessary to provide the services we request.
Something™ takes all measures reasonably necessary to protect against the unauthorised access, use, alteration, or destruction of potentially personally identifying and personally identifying information.
Right of access and Right to be Forgotten
Something™ doesn’t ask for more personal data from our users than we need to provide our services to you. If you want to erase all personal information that we have about you, please send a request to firstname.lastname@example.org. We have gone through our Privacy Statement to provide more context and transparency, though, so our users understand exactly why we ask for information and what we’ll do with it.