Date of Last Revision: June 30, 2020
When you visit or use the Service, we collect information that relates to or could reasonably be associated with you (“personal data”) directly from you, from third parties and automatically through our Service in order to provide our Services to you.
When you sign up for our Service, we collect your name, email address, and encrypted password. If you log in using a 3rd party service (e.g. Facebook) we store your identifier for that service.
At your request, we collect the email addresses of other people you wish to share your projects with.
We collect and access your personal data when you reach out to our customer support team for help via email, chat, or phone.
We collect your photos, drawings, text, event dates, addresses, favorite themes, and project designs in the course of your uploading of photos and creating your projects.
Through optional surveys, we may collect demographic information about you, such as your age and income ranges. Through the events you create we may also collect your birthdate.
We collect the date you created your account, the dates you’ve logged into your account, and the dates you logged out or your session automatically expired.
When you visit our Site, we collect your IP address and information about your web browser. We may also collect your browser brand, version, operating system, and plugins in order to optimize your experience.
We use 3rd party Services (e.g. Google Analytics) that collect your IP address, information about your web browser you are using to access our Services, and details of what and when you’ve interacted with our Services and marketing promotions.
We derive a rough estimate of your location based on your IP address.
We collect credit card information, billing address, shipping address, shipping speed, and item quantity when you place an order.
Mixbook does not store full credit card data. If you elect to store a payment method with us, that payment method will be stored by a payment service provider under contract with us. The storing payment service provider will be required to comply with the Payment Card Industry Data Security Standard (PCI DSS).
We store a record of the transactions you enter into with us, including which products you purchase.
We collect feedback from our customers via email, chat, web forms, and physical mail.
We use web browser cookies and other tracking methods to uniquely identify your browser session. We use your unique cookie before you are logged in to track and improve our Services and marketing campaigns. Once you are logged in, we use browser cookies to keep you logged in.
We may use personal data to fulfill our contract with you, including to:
We also use personal data as necessary for the following legitimate business interests, including to:
With your consent (where required by law), we use personal data to send you offers for products or services that may be of interest to you. You may opt out of receiving emails by following the instructions contained in each promotional email we send you. You can also control the marketing emails and/or text messages you receive by updating your settings through your account. In addition, if at any time you do not wish to receive future marketing communications, you may contact us. If you unsubscribe from our marketing lists, you will no longer receive marketing communications but we will continue to contact you regarding management of your account, other administrative matters, and to respond to your requests.
We do not sell your personal data. In certain circumstances we may share the categories of personal data described above with the following categories of third parties without further notice to you, unless required by the law, as set forth below:
For example: when you place an order for a printed copy of a project through the Service, your billing information is transmitted to a third-party credit card processor and your shipping information is transmitted to a third-party printer to be printed, bound, and shipped to you. In addition, if you elect to permit your credit card or other billing information to be saved, that information will be transmitted to a third-party credit card processor and stored by such third-party credit card processor for the purpose of completing purchases you make in connection with the Service. We will also share your photos, name, and address with our printing and carrier services for purposes of production and delivery.
We share data with third parties in connection with advertising, retargeting and analytics on behalf of Mixbook. Under no circumstances do we rent, trade or share your address or e-mail address with any other company for their marketing purposes without your consent.
We may be required to disclose user information pursuant to lawful requests, such as subpoenas, law enforcement investigations, or court orders, or in compliance with applicable laws. We also may release information to protect our rights, property, or other interests, including those of our customers or other third parties or to prevent illegal activities or violations of the Mixbook Terms of Service. This may include sharing information with other companies, lawyers, agents, or government agencies.
If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider (collectively a “Transaction”), your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the Transaction and transferred to a successor or affiliate after the Transaction.
We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Identification, Financial, and Transaction Data) for six years after they stop being customers for tax purposes.
You may come back at any time in the future and re-order products you have ordered from us in the past or utilize photos and other content you have uploaded to the service to create and order additional products (“Product Data”). You can however delete any such Product Data we retain in order to facilitate the repeat order process by sending us an email at firstname.lastname@example.org.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Mixbook is not intended to be used by children, and we do not knowingly collect personally identifiable information from children under 13.
You must be at least 13 years or older to register and use the Service. If you are under the age of 13, you must use an account created by a parent or guardian, and you must have the explicit permission of a parent or guardian to use the Service.
In the event that we learn that we have collected personal data from a child under age 13, we will take appropriate steps to delete that information. If you become aware or believe that a child has provided us with personal data, please contact us.
We recommend that minors over the age of 13 ask their parents before sending any information about themselves to anyone over the internet.
Mixbook takes precautions to protect our users’ Personal data. Your account information is located on a secured server behind a firewall, and we utilize other physical, electronic and procedural safeguards to protect the security and confidentiality of the information we have collected and to prevent the unauthorized access to or disclosure of your information.
However, no precautions are 100% effective. As a result, Mixbook does not guarantee that personal data you provide to us will remain secure. In the event we become aware that the security of the sites has been compromised or users' personal data has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with data protection and law enforcement authorities.
Email and instant messaging including chat are not recognized as secure communications, we request that you not send private information to us by email or instant messaging services. If you have any questions about the security of the Site, please contact us at email@example.com.
To correct errors in your personal data, access the setting menu on our website and make your corrections. If there’s any data you want to correct that you cannot update through our website, please email firstname.lastname@example.org and we are happy to make the update for you.
Where provided for by law and subject to any applicable exceptions, California residents may have the following rights under the California Consumer Privacy Act of 2018 (“CCPA”):
If you would like to exercise any or all of these rights, you may do so by contacting us. Your authorized agent may submit requests in the same manner. Once we receive your request, we will verify your identity by sending an email to the email address you provide to us.
Pursuant to the European Union General Data Protection Regulation (or GDPR), you have the following rights in relation to your Personal Data, under certain circumstances:
If you are an individual in the EU, you can also contact DPR Group, who has been appointed as Mixbook’s Data Protection Representative in the EU pursuant to Article 27 of the GDPR on matters related to the processing of personal data activities that take place in the EU. To make such an inquiry, please contact DPR Group by either 1) sending an email to DPR Group at email@example.com quoting “Mixbook” in the subject line, 2) using the online webform found at www.dpr.eu.com/datarequest, or 3) mailing your inquiry to DPR Group, BPM 335368, 372 Old Street, EC1V 9AU, London, United Kingdom (referencing “Mixbook” or “Interactive Memories” in the body of the correspondence).