Creaceed Privacy Policy

This Privacy Policy describes the policies of Creaceed SRL (collectively referred to hereunder as “Company” or “we,” “us,” or “Creaceed”) regarding the information we collect or receive about our customers. The collection and processing of all data is made in accordance with the relevant data protection regulations, and in particular with the European Union’s General Data Protection Regulation (GDPR). It is applicable to the creaceed.com website and Creaceed’s apps, including internet-operated services that they offer, collectively referred to as Our Services. Creaceed SRL is a company established in Belgium, Europe.

Creaceed Services are GDPR compliant, which is one of the most restrictive regulations on data protection and privacy for all individuals. Regarding other points pertaining to data privacy and security regulations from other countries/states such as, but not limited to, FERPA, COPPA, PPRA, SOPIPA, CSDPA, AB 1584, we suggest you peruse through this Privacy Policy so as to check if it is in accordance with these. We have good hope that Our Services are compliant with most regulations, because our business model does not rely in any way on commercial exploitation of user data. If you have specific questions, request, or need further clarifications, you should contact us by email at privacy@creaceed.com.

We provide this document to let you know the kinds of personal and non-personal data we may gather, why we gather your data, what we use your data for, when we might disclose your data, and how you can manage your personal data.

Policy Updates

As our company and offerings continue to develop, we may add new services and features to our website or apps, or create new apps. Although it is our intention to keep the same spirit and core values, if these additions do affect this policy, this document will be updated appropriately. That is why we reserve the right to modify or amend the terms of our Privacy Policy from time to time. Because we do not have direct contact access to the vast majority of our users and cannot proactively contact you in case of changes, you are encouraged to review this policy on a regular basis (last update date is mentioned at the end of this document).

Contacting You

We provide an opt-in Newsletter service to which you can subscribe from our website or through our apps. The newsletter service is used to send occasional information about our products, upgrade information, and special offers such as Black Friday.

Each newsletter email you receive will contain an unsubscribe link that will instantly remove you from our newsletter recipients list. You can also contact us at support@creaceed.com to be removed from it at any time.

We also provide support by email, in which case we will contact you back to answer your feedback or questions.

Data Collection

We differentiate personal and non-personal data. Personal data is information that can be used to uniquely identify a specific individual. Non-personal data is information that cannot be used just by itself to uniquely identify a specific individual.

One of the basic principles we are following in our apps and website is that we only ask for the personal data we need to provide the service you have requested. We use pseudonymized & anonymized data wherever possible, and we have otherwise no business interest in personal data.

We do not share your data with anyone except for the data processors listed below, and to comply with the law or to protect our rights.

Here is the list of personal and non-personal data that we process and/or collect, who is actually collecting it, why it is collected, how it is used, and who it is shared with.

Contractual Information (personal data): for users who purchase our apps directly through Apple (App Store, Mac App Store, Volume Purchase Program), we do not collect and do not have access to your customer data (Apple manages it directly). For users who purchase one of our Mac apps from our website, they are then entering a license agreement with us to use the software (see Terms & Conditions). We do not collect nor have access to any payment information such as credit cards. We have an agreement with FastSpring, the reseller, that processes the payment, collects user information of this contract (email, address and possibly other data), and delivers an activation code by email. To unlock the software, the user activates the code with their email address and that association is stored encrypted on our server (contract fulfillment). We don’t establish contracts with children under the age of majority. Data Processor: Apple, FastSpring

User-Generated Content (personal data): we do not collect user-generated content. Our apps process all kinds of user-generated content (photo, video, audio, text, geotag…) on users’ behalf, and, in that context, they may require or optionally need photo / microphone / geolocation / device sensors / access to user generated contents. This information is solely processed to provide standard photo capture, video capture (with sound), speech recognition, and photo/video geotagging or other editing features. These personal data remain private on the device at all times unless cloud storage, cloud processing, collaboration with other users are used, or a cloud syncing option (iCloud, Dropbox, or other explicitly mentioned solution) is knowingly initiated by the user. Our apps may explicitly require access to your Dropbox, Evernote, iCloud account or any other cloud storage account (at your request) to provide specific features. Our apps may access, process, update your cloud storage data on your behalf, but our apps do not use or access this data otherwise and we do not have any access to it. No sharing of personal data is performed without user consent other than through specific user-initiated actions. In cases where we need to store user-generated data on a server to provide a specific feature (such as multi-user collaboration), we design it so that we cannot access your data (data is stored encrypted, and the encryption key is not shared with us). Your data can be accessed/exported either directly from our apps, or directly with the service provider. Data Processors: Apple (iCloud / CloudKit), DropBox, Evernote, Microsoft (Azure).

Website & App Statistics (non-personal data): we collect anonymized data to determine overall usage statistics of our website and our apps. On the website, we use (self-hosted) Matomo software (see note below* in this paragraph) to measure traffic and communication campaigns, website referrals, as well as other macroscopic information. In apps, we use Microsoft AppCenter SDK (see note below** in this paragraph) to determine the popularity of proposed features (usage counting) and other overall statistics (such as the OS version and device model) in order to better focus our development efforts on future versions of the apps. On our website, we use IP address anonymisation & traffic logs older than 60 days are automatically removed , and you can opt-out of analytics by using the “Do not track” feature of browsers or by using a content blocker. In our apps, you can opt-out of usage pattern collection through app Settings > Help & Support > Diagnosis & Usage > Send Usage Data (switch it off). Data Processors: Microsoft, Apple.

(*)As of August 1, 2020, we have transitioned away from Google Analytics towards self-hosted Matomo software for our website for overall statistics collection (no third-party involved).

(**) As of January 10, 2020, we have transitioned away from Google Analytics towards Microsoft AppCenter SDK for our apps for overall statistics collection. All of our iOS and Mac apps released after that date now rely exclusively on Microsoft AppCenter SDK.

Crash Reports (non-personal data): when a crash occurs in our iOS apps, we automatically collect anonymized crash reports (function backtrace, OS version, device model) to help us debug crashes in our apps. You can opt out of crash report collection through app Settings > Help & Support > Diagnosis & Usage > Send Crash Reports (switch it off). In our Mac apps, crash sending is a manual process. A crash prompt is displayed on next launch of the app, where you can describe the issue, or decide not to send it. We use both Apple’s opt-in mechanism, and Microsoft AppCenter to perform auto-collection (iOS) or manual sending (Mac). Data Processors: Apple, Microsoft.

Support Mails (personal data): we provide support by email. Users can contact us through our support email addresses (prizmo@creaceed.com or <appname>@creaceed.com) to request support about our apps. Our ticket system, Freshdesk, is operated by Freshworks, and tickets are archived indefinitely in our internal knowledge base (see user’s rights below). Our email software is operated by Google. We don’t accept support requests from children under the age of majority unless the request is verifiably supervised by an adult. Data Processors: Freshworks (Freshdesk), Google.

IP Address (personal data): IP address of users visiting our website may appear in the standard logs of our web server software. These logs are automatically deleted after a maximum of 14 days. When a user activates a Mac app purchased from our website, IP addresses are also recorded in the activation journal database on our web server for fraud protection purposes.

Email Address (personal data): email addresses, as part of Contractual Information and Support Mails, are detailed above. We also operate an opt-in newsletter to let users know about news and special offers (see Contacting You section above). Our newsletter is operated by Mailchimp, which stores the email list and distributes the newsletter on our behalf. Users accepting to beta-test our software are added to beta-testing lists that we maintain on Apple’s App Store Connect platform. We don’t accept newsletter subscriptions from children under the age of majority. Data Processors: Mailchimp, Apple.

Data Processors

Apple, Inc.

Website: https://www.apple.com
Privacy Policy: https://www.apple.com/legal/privacy/en-ww/

Microsoft Corporation

Website: https://www.microsoft.com/en-us/
Privacy Policy: https://privacy.microsoft.com/en-us/privacystatement

Google LLC

Website: https://www.google.com/intl/en_be/about/
Privacy Policy: https://policies.google.com/privacy#intro

Bright Market LLC (FastSpring)

Website: https://fastspring.com
Privacy Policy: https://fastspring.com/privacy/

Freshworks, Inc. (Freshdesk)

Website: https://www.freshworks.com
Privacy Policy: https://www.freshworks.com/privacy/

The Rocket Science Group LLC (Mailchimp)

Website: https://mailchimp.com
Privacy Policy: https://mailchimp.com/legal/privacy/

Evernote Corporation

Website: https://evernote.com
Privacy Policy: https://evernote.com/privacy/policy

Dropbox, Inc.

Website: https://www.dropbox.com/?landing=dbv2
Privacy Policy: https://www.dropbox.com/privacy

Cookie Policy

Cookies are small pieces of data, stored in text files, that are stored on your computer or other device when websites are loaded in a browser. They are widely used to “remember” you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”).

Our website may use cookies for functional reasons to remember user’s settings such as language, or embedded video player configuration. However, we do not collect nor make any use of this information and, in particular, we do not track users with cookies. However, we do not collect nor make any use of this information and, in particular, we do not track users with cookies (cookie-based web analytics is disabled).

Children’s Privacy

Protecting the privacy of children is especially important.

Our Website is neither directed at nor targeted to children. If you have not reached the age of majority or are not able to enter into legally binding agreements in your country, you may not use our Website unless supervised/accepted by an adult, as applicable. If we learn that personally identifiable information has been provided to us and/or collected on our Website from persons under the age of majority and without verifiable parental consent, such as through a support request, we take the appropriate steps to delete this information in a secure manner. If you are a parent and discover that your child has provided Personal Information through to our Services, then you may alert us at privacy@creaceed.com and request that we delete that child’s personally identifiable information from our systems.

Our Apps are directed at users of all ages, including children. We encourage parents and teachers to supervise their child or student’s use of the Apps. Simply downloading any Creaceed App to your iOS / Mac device does not trigger the collection of any personally identifiable information.

If Our Services are being used by a school and/or teacher (the “Educational Institution”) with students under the age of majority, such Educational Institution agrees that it has reviewed our Terms & Conditions and our Privacy Policy. Creaceed only requests Personal Information from parents and/or teachers and we will never knowingly solicit, nor will we accept, Personal Information from users known to be under the age of majority. Please refer to Data Collection above for reference.

Security

We take security seriously, and use several measures to protect your data. Communications with our website and APIs only use secure connections (TLS). Activation data (email / activation code association) for apps purchased directly through us, as opposed to App Store, are stored encrypted on our server. All our backups are encrypted.

Governing Law

Belgian law shall govern in any and all disputes, including privacy or defamation issues or otherwise.

Responsibility

The responsible body for user privacy is:

Creaceed SRL,
Avenue Melina Mercouri, 9
7000 Mons, BELGIUM

More Information

If you have any questions about this Privacy Policy or don’t see your concerns addressed here, you should contact us by email at privacy@creaceed.com.

This policy was last modified on June 7th, 2021.