Privacy Policy (Valid since: 01-12-2024)
1. General information
1.1 Definitions
Personal data is information that discloses or may disclose the identity of the user. We adhere to the principle of data avoidance. The collection of personal data is avoided as far as possible.
SnapSell is an app that enables users (referred to as "Uploaders") to upload content to SnapSell's server, making it accessible to third parties ("Downloaders") via a URL hyperlink in exchange for a payment.
Other applications may have their own Privacy Policies, as available through their respective hyperlinks and/or sites.
Account: An online account on the SnapSell application assigned to the Uploader, accessible through the application using the Uploader’s Credentials.
Application or app: The application through which the Services are available to the Uploader.
Credentials: The dedicated email address and password for an Account, necessary for the Uploader to access their account. These are personal and private to each Uploader.
Data Protection Laws: Refers to (i) Regulation (EU) 2016/679 (General Data Protection Regulation/GDPR) of the European Parliament and of the Council concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data, as currently effective and subject to amendment; (ii) where applicable, regulations adopted within the European Union and local laws elsewhere that may apply to personal data processed under the scope of the Uploader Terms of Use.
Downloader: Any natural person who navigates to a Download Page and uses it to download a File in exchange for payment.
Download Page: A webpage published by SnapSell and accessible via a dedicated URL, where the Downloader can access and download a File.
File: A digital file uploaded by an Uploader using the Service, made available for access and download in exchange for payment.
Parties: SnapSell and the Uploader, collectively.
Services: File uploading and downloading services that enable the Uploader to upload a file on SnapSell’s servers and make it available to a Downloader in exchange for payment, as described in the Terms of Use.
Stripe:
For Uploaders in the United States: Stripe, Inc., a corporation registered in Delaware, located at 185 Berry Street, Suite 550, San Francisco, CA, 94107, USA.
For Uploaders in the European Union: Stripe Payments Europe, Ltd, an Irish private company limited by shares, located at North Wall Quay, D01 H104, Dublin, Ireland.
For Uploaders in the United Kingdom: Stripe Payments UK, Ltd, a private limited company registered in the UK, located at 9th Floor, 107 Cheapside, London, EC2V 6DN, United Kingdom.
Additional entities may apply if the Uploader resides in another country. More information is available at https://stripe.com/legal.
Uploader: Any natural person who uses the Services to make Files available on the Application.
1.2 Handling of personal data
Personal data is utilized solely for forming a contract, determining its content, executing, or managing the contractual relationship, as per Article 6(1)(b) of the GDPR. Moreover, personal data will only be processed with your consent (Article 6(1)(a) GDPR) or if it is necessary for our legitimate interests and if the interests, fundamental rights, or freedoms of the data subject do not override these interests (Article 6(1)(f) GDPR). We may engage processors to handle your personal data, with whom we will contract as needed, but we do not share personal data with third parties beyond this.
For processing payments, necessary payment data will be transferred to the financial institution managing the payment and, if applicable, to the payment service provider we have selected. Your personal data is processed within the EU and in countries deemed secure or appropriate by the EU. If personal data is processed in the USA, we strive to use services certified under the "Data Privacy Framework". For processing in the USA, we comply with applicable U.S. privacy laws and strive to use services that meet recognized data protection standards such as the "Privacy Shield Framework" or equivalent safeguards.
1.3 Duration of storage
We only store your personal data after the end of the purpose for which the data was collected for as long as this is required by law (in particular tax law).
1.4 Usage data
General technical information is collected when you visit the website and the application. This includes the IP address used, time, device type, duration of the visit, browser type and, if applicable, the originating page. For technical reasons, this usage data is registered in a log file and can be used and stored for the purpose of analysing the statistics of the website and the app. This usage data is not linked to your other personal data. The application collects and processes Personal Data provided by the Uploader when the Uploader creates an Account and uses the application. .
1.5 Registration/Login Data
Registration or login is necessary to fully access the features of our website or service. The data required for registration or login is gathered through your inputs and is used solely for the purposes explicitly stated, with your consent, in accordance with Article 6(1)(a) of the GDPR.
1.6 Personal data categories
Your consent after downloading the app and/or using our services, access to the following types of data is given:
- Type of end device, in particular the Uploader's device and Uploader's use of the application
- E-mail address, credentials
- Time zone
- Country of origin
- Photos/media/data
- Banking and transaction information (Payment amount, account numbers, date)
This data is required for the assignment of the user and the functions of our app. In particular, however, misuse by the user should also be counteracted.
2. Data safety
2.1 General
All data on our website and in our services is protected by technical and organizational measures against loss, destruction, access, modification and dissemination.
2.2 Sessions and cookies
We use cookies or server-side sessions in which data can be stored to operate the website. We ensure that no personal data is transferred from sessions or through cookies without your express consent and that cookies are only used if this is technically necessary for the website (e.g. spam protection for the contact form, shopping cart function) and thus the consideration shows that there are no overriding interests on your part (Art. 6 I p. 1 f GDPR) or that you have given your express consent.we use cookies after your express consent to personalize content and advertisements, to be able to offer functions for social media and to analyze access to our website. With your consent, we may share information about your use of our website with our social media, advertising and analytics partners. Our partners may be able to combine this information with other data that the partners already have about you.
3. Your rights
3.1 Information
You can request information from us as to whether we process your personal data and, if this is the case, you have a right to information about this personal data and to the further information specified in Art. 15 GDPR.
3.2 Right to rectification
You have the right to rectification of inaccurate personal data concerning you and may request the completion of incomplete personal data in accordance with Art. 16 GDPR.
3.3 Right to erasure
The right to erasure does not exist if your personal data is required for the assertion, exercise or defence of our legal claims. You have the right to demand that we erase personal data concerning you without undue delay. We are obliged to erase this data immediately, in particular if one of the following reasons applies.
- Your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- You withdraw your consent on which the processing of your data was based and there is no other legal basis for the processing.
- Your data has been processed unlawfully.
3.4 Right to restriction of processing
You have the right to demand that we restrict the processing of your personal data if
- you dispute the accuracy of the data and we therefore verify the accuracy,
- you have objected to the processing of your data and it is not yet certain whether our legitimate reasons outweigh your reasons.
- the processing is unlawful and you oppose the erasure and request the restriction of use instead
- we no longer need the data, but you need it for the establishment, exercise or defence of legal claims.
3.5 Right to data portability
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from us, where the processing is based on consent or on a contract and the processing is carried out by automated means.
3.6 Right of cancellation
If the processing of your personal data is based on consent, you have the right to withdraw this consent at any time.
3.7 General and right to lodge a complaint
The exercise of your above rights is generally free of charge for you. In the event of complaints, you have the right to contact the supervisory authority responsible for us, the state data protection officer.
4. Third-party services
4.1 Google Analytics
This website employs Google Analytics, a web analytics service provided by Google Ireland Limited, located at Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). It uses "cookies," which are small text files stored on your computer, to analyze how you use the website. The data collected through Google Analytics is used to create user profiles under pseudonyms. These profiles help us analyze visitor behavior and improve our website's content and layout to better meet your needs.
Typically, the information generated by the cookie about your website usage is sent to and stored on a Google server in the USA. However, if IP anonymization is enabled on this website, Google truncates your IP address within European Union member states or other states party to the Agreement on the European Economic Area before sending it to the USA. Only in exceptional cases is the full IP address sent to a Google server in the USA and truncated there.
Google will process this information on behalf of this website's operator to analyze your use of the site, compile reports on website activity, and provide other services related to website and internet usage to the website operator. The IP address sent from your browser as part of Google Analytics is not combined with other Google data. Moreover, the pseudonymized user profiles are not merged with any personal data about the user without the user’s explicit and separately provided consent. Google Analytics is utilized only with your consent, in accordance with Article 6(1)(a) of the GDPR.
You can opt out of cookies by adjusting your browser settings, but this may limit your ability to fully experience all features of this website. Additionally, you can prevent Google from collecting and processing data generated by the cookie related to your use of the website (including your IP address) by downloading and installing the browser plugin available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en. You can also prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this website. You can view Google's privacy policy at http://www.google.de/intl/de/policies/privacy/. You can find more information on the terms of use at http://www.google.com/analytics/terms/de.html. Please note that Google Analytics has been extended on this website by the code "anonymizeIp" in order to ensure anonymised collection of IP addresses (so-called IP masking).
4.2 Google Web Fonts
We use so-called web fonts from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google") to display a standardised font on our website. These are automatically stored in your browser cache when you access one of our pages in order to enable the desired display. If your browser does not support the web fonts used, a standard font from your computer may be used. This does not affect any interests of the user that outweigh this technical necessity (Art. 6 I p. 1 f GDPR). You can view Google's privacy policy here: https://www.google.com/policies/privacy/. Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq.
4.3 Social-Media-Login
You can log in to us via your existing social media account so that you can access your content when you change devices, for example. To do this, click on the button "Google" (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) or "Facebook" (Meta Platforms Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland) or "Apple" (Apple Inc., 1 Infinite Loop Cupertino, California 95014, USA). This will redirect you to the relevant service. You then enter your account data there or initiate a login and then click on the respective login button. The data protection provisions and terms of use of the respective provider apply to the use of social media accounts.
4.4 Google Firebase und Firebase Cloud Messaging
Our website and/or services may use Google Firebase (operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland). This service also processes personal data, among other things. This usually involves "instance IDs", which are provided with a time stamp. These IDs are assigned to a specific user and allow different events or processes to be linked. This data does not allow us to draw any conclusions about the specific user. We do not personalise this data. We process this aggregated data to analyse and optimise user behaviour, for example by evaluating crash reports.
Google also uses the advertising ID of the end device for Firebase Analytics. You can restrict the use of the advertising ID in the device settings of your mobile device.
For Android: Settings -> Google -> Ads -> Reset advertising ID
For iOS: Settings -> Privacy -> Advertising -> No ad tracking
Firebase Cloud Messaging is used to send push messages or so-called in-app messages (messages that are displayed within the respective app). A pseudonymised push reference is assigned to the end device, which serves as the destination for the push messages or in-app messages. This function can be deactivated and reactivated at any time in the settings of the end device.
You can view the privacy policy here: https://firebase.google.com/support/privacy/
It cannot be ruled out that data may also be transferred to the USA. The legal basis for the use of Google Firebase and Firebase Cloud Messaging is your consent in accordance with Art. 6 I p. 1 a GDPR.
5. Contact details
To contact us regarding data protection, you are welcome to contact us using the contact options below. Controller within the meaning of the GDPR:
PUBLIbusiness24 AG
Rosenweg 3, 6340 Baar, Switzerland
E-mail address: info@snapsell.org