Privacy Policy

Identification Data

When you sign up for our Service, we collect your name, email address, and encrypted password. If you log in using a 3rd party service (e.g. Facebook) we store your identifier for that service.

At your request, we collect the email addresses of other people you wish to share your projects with.

Communication Data

We collect and access your personal data when you reach out to our customer support team for help via email, chat, or phone.

User Content

We collect your photos, drawings, text, event dates, addresses, favorite themes, and project designs in the course of your uploading of photos and creating your projects. We also collect metadata indicating the date your photos were taken.

Demographic Data

Through optional surveys, we may collect demographic information about you, such as your age and income ranges. Through the events you create we may also collect your birthdate.

Internet Activity Data

We collect the date you created your account, the dates you’ve logged into your account, and the dates you logged out or your session automatically expired.

When you visit our Site, we collect your IP address and information about your web browser. We may also collect your browser brand, version, operating system, and plugins in order to optimize your experience.

We use 3rd party Services (e.g. Google Analytics) that collect your IP address, information about your web browser you are using to access our Services, and details of what and when you’ve interacted with our Services and marketing promotions.

If you have Javascript disabled, we warn you that the site won’t work properly until you enable Javascript.

When you use the App, we may collect your location (with your authorization through your mobile OS) as well as information about your device and how you interact with the App.

Location Data

We derive a rough estimate of your location based on your IP address.

Financial Data

We collect credit card information, billing address, shipping address, shipping speed, and item quantity when you place an order.

Mixbook does not store full credit card data. If you elect to associate a payment method with your account, that payment method will be stored by a payment service provider under contract with us. The storing payment service provider will be required to comply with the Payment Card Industry Data Security Standard (PCI DSS).

Transaction Data

We store a record of the transactions you enter into with us, including which products you purchase.

Customer Feedback

We collect feedback from our customers via email, chat, web forms, and physical mail.

Cookies

We use web browser cookies and other tracking methods to uniquely identify your browser session. We use your unique cookie before you are logged in to track and improve our Services and marketing campaigns. Once you are logged in, we use browser cookies to keep you logged in.

The third party tracking tools we use also use cookies to uniquely identify your browser session, which is necessary for the tools to work. The use of cookies by our partners is not covered by this Privacy Policy and is subject to their own privacy policies.

Please note that if you access the Site through the App tracking technologies will be disabled for that visit. For more information about how we use cookies, please visit our Cookie Policy.

We may use personal data to fulfill our contract with you, including to:

• Allow you to create and edit custom photo projects.
• Charge you for the products you ordered, manufacture them, and ship them.
• Send invitations to view and edit your projects.
• Detect and fix issues before your order is manufactured.
• Download photos (when you request it) from 3rd party social media integrations (e.g. Google Photos). Such 3rd party sites may have information practices different than those set forth herein and their use of your personal data as well as cookies and similar technologies is not covered by this Privacy Policy.
• Verify that the person trying to login is you and not someone else.

We also use personal data as necessary for the following legitimate business interests:

• Understand how you are using our Services.
• Improve our Services.
• Measure and improve our marketing campaigns.
• Personalize our communication with you.
• Approximate your location: We use your location to select a default localized experience for you to show local currency, prices, promotional offers, language, date format, shipping options, ship time estimates, and holiday lists in calendars. You may choose a different localized experience within your account settings.
• Communicate with you as well as send you updates, surveys and communications about your activity on our Service such as order confirmation and shipping emails.
• Improve security.
• Troubleshoot and fix problems you may be experiencing, to improve the Site experience and for legal and security compliance purposes.
• Display thumbnails to you on the site (e.g. in the shopping cart).
• Customize special offers.

With your consent (where required by law), we use personal data to send you offers for products or services that may be of interest to you. You may opt out of receiving emails by following the instructions contained in each promotional email we send you. You can also control the marketing emails and/or text messages you receive by updating your settings through your account. In addition, if at any time you do not wish to receive future marketing communications, you may contact us. If you unsubscribe from our marketing lists, you will no longer receive marketing communications but we will continue to contact you regarding management of your account, other administrative matters, and to respond to your requests.

Service Providers

We provide personal data to service providers to perform services on our behalf, such as to host the Service at a co-location facility for servers, to send out email updates about Mixbook or the Service, to process payments for products or Services, to print the projects that you order, or to provide search results, personalized advertising or links. In connection with these offerings and business operations, our service providers may have access to your personal data for use for a limited time in connection with these business activities. Where we utilize third parties for the processing of any personal data, we implement reasonable contractual and technical protections limiting the use of that data to Mixbook-specified purposes and imposing at least the same protections that we apply to your personal data.

For example: when you place an order for a printed copy of a project through the Service, your billing information is transmitted to a third-party credit card processor and your shipping information is transmitted to a third-party printer to be printed, bound, and shipped to you. In addition, if you elect to permit your credit card or other billing information to be saved, that information will be stored by such third-party credit card processor for the purpose of completing any future purchases you make in connection with the Service. We will also share your photos, name, and address with our printing and carrier services for purposes of production and delivery.

Marketing

We share data with third parties in connection with advertising, retargeting and analytics on behalf of Mixbook. Under no circumstances do we rent, trade or share your address or e-mail address with any other company for their marketing purposes without your consent.

Legally Required

We may be required to disclose user information pursuant to lawful requests, such as subpoenas, law enforcement investigations, or court orders, or in compliance with applicable laws. We also may release information to protect our rights, property, or other interests, including those of our customers or other third parties or to prevent illegal activities or violations of the Mixbook Terms of Service. This may include sharing information with other companies, lawyers, agents, or government agencies.

Business Transfers

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider (collectively a “Transaction”), your personal data and other information may be shared in the diligence process with counterparties and others assisting with the Transaction and transferred to a successor or affiliate after the Transaction.

Links

The Service may contain links to web sites not operated or controlled by Mixbook. We are not responsible for the privacy practices of other web sites. We encourage our users to be aware when they leave the Service to read the privacy statements of each and every web site that collects personally identifiable information. This Privacy Policy applies solely to information collected via the Service.

Legal Basis For Processing Personal data (European Economic Area)

This Privacy Policy (the paragraph “How We Use Personal Data”) describes the legal bases we rely on for the processing of your Personal Data. Please contact us if you have any questions about the specific legal basis we are relying on to process your Personal Data.

As used in this Privacy Policy, “legitimate interests” means our interests in conducting our business and developing a business relationship with you. This Privacy Policy describes when we process your Personal Data for our legitimate interests, what these interests are and your rights. We will not use your Personal Data for activities where the impact on you overrides our interests, unless we have your consent or those activities are otherwise required or permitted by law.

Your Rights

Pursuant to the European Union General Data Protection Regulation (or GDPR), you have the following rights in relation to your Personal Data, under certain circumstances:

• Right of access: If you ask us, we will confirm whether we are processing your Personal Data and, if so, provide you with a copy of that Personal Data along with certain other details. If you require additional copies, we may need to charge a reasonable fee.
• Right to rectification: If your Personal Data is inaccurate or incomplete, you are entitled to ask that we correct or complete it. If we shared your Personal Data with others, we will tell them about the correction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
• Right to erasure: You may ask us to delete or remove your Personal Data, such as where you withdraw your consent. If we shared your data with others, we will tell them about the erasure where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data with so you can contact them directly.
• Right to restrict processing: You may ask us to restrict or ‘block’ the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read below for information on your right to object). We will tell you before we lift any restriction on processing. If we shared your Personal Data with others, we will tell them about the restriction where possible. If you ask us, and where possible and lawful to do so, we will also tell you with whom we shared your Personal Data so you can contact them directly.
• Right to data portability: You have the right to obtain your Personal Data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and that is processed by automated means. We will give you your Personal Data in a structured, commonly used and machine-readable format. You may reuse it elsewhere.
• Right to object: You may ask us at any time to stop processing your Personal Data, and we will do so:

  • If we are relying on a legitimate interest to process your Personal Data—unless we demonstrate compelling legitimate grounds for the processing or we need to process your data in order to establish, exercise, or defend legal claims;
  • If we are processing your Personal Data for direct marketing. We may keep minimum information about you in a suppression list in order to ensure your choices are respected in the future and to comply with data protection laws (such processing is necessary for our and your legitimate interest in pursuing the purposes described above);
• Right to withdraw consent: If we rely on your consent to process your Personal Data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we received notice that you wished to withdraw consent.
• Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your Personal Data, you can report it to the data protection authority that is authorized to hear those concerns (in the UK, the Information Commissioner’s Office (ICO), who can be contacted at https://ico.org.uk/concerns, and in other EU countries the data protection authority of the country in which you are located).

Transferring Your Data

Mixbook is based in the United States. If you are accessing our Service from the EU or other regions with laws governing data collection and use, please note that your personal data will be transferred to and stored in the United States as necessary for the purposes described in this Privacy Policy, and the data may be transmitted to our service providers supporting our business operations (described above). The United States may have data protection laws less stringent than or otherwise different from the laws in effect in the country in which you are located.