Privacy Policy

Date of Last Revision: May 25, 2018

Welcome to Mosaic’s privacy policy. Mosaic respects your privacy and we are committed to protecting your personal data.

We at Interactive Memories, Inc., more commonly known as “Mosaic” and together with its corporate affiliates, We / Us / Our, are committed to respecting your privacy and to the security of your personal information or personal data as customers, individuals who visit our websites or otherwise do business with us. This Privacy Policy explains the data we collect from you, how the data is used and with whom it is shared as well as your rights to control that information. Mosaic’s Privacy Policy applies when you use our Services, which are described below and to our Terms of Service that can be viewed on the Terms of Service page.

Our privacy policy is designed to help you:

Information We Collect and How We Use It

When you visit or use the Service, we collect the following data directly from you, from third parties and automatically through our Service in order to provide our Services to you, to perform analytics for our business purposes, to advertise or market our Services to you, and/or to perform security, administrative or customer service activities.

Location and Localization

When you visit our Sites, we collect your IP address and information about your web browser and/or the app you are using to access our Services.

We use your IP address and browser locale to approximate your location. We use your location to select a default localized experience for you to show local currency, prices, promotional offers, language, date format, shipping options, ship time estimates, and holiday lists in calendars. You may choose a different localized experience within your account settings.

We use your browser brand, version, operating system, and plugins in order to optimize your experience, i.e. if you have Javascript disabled, we warn you that the site won’t work properly until you enable Javascript.

3rd Party Tracking Tools

We use 3rd party Services (e.g. Google Analytics) that collect your IP address, information about your web browser and/or the app you are using to access our Services, and details of what and when you’ve interacted with our Services and marketing promotions.

We use 3rd party services to better understand how you are using our Services and how we can improve. We also use them to measure and improve our marketing campaigns.

Cookies

We use web browser cookies and other tracking methods to uniquely identify your browser session. We use your unique cookie before you are logged in to track and improve our Services and marketing campaigns. Once you are logged in, we use browser cookies to keep you logged in.

The third party tracking tools we use also use cookies to uniquely identify your browser session, which is necessary for the tools to work. The use of cookies by our partners is not covered by this Privacy Policy and is subject to their own privacy policies.

Signup

We collect your name, email address, and encrypted password. If you log in using a 3rd party Service (e.g. Facebook) we store your identifier for that Service.

We use your name in order to personalize our communication with you. We use your email address as your login name and to communicate with you as well as send you updates, promotions, special offers, surveys and communications about your activity on our Service such as order confirmation and shipping emails. We use your encrypted password and/or your 3rd party ID to verify that the person trying to login is you and not someone else.

Login

We collect the date you created your account, the dates you’ve logged into your account, and the dates you logged out or your session automatically expired. We also collect whether you logged in using your Mosaic login name or using a 3rd party Service, e.g. Facebook.

We use this data to help us understand how you are using our Services, to improve our Services, to customize special offers, and to improve security.

Log Data and Analytics

We collect IP address, information about your web browser and/or the app you are using to access our Services, and details of what and when you’ve interacted with our Services and marketing promotions.

We use your IP address in our logs which track all activity on our site. We use our logs to help us understand how you are using our Services, to help us troubleshoot and fix problems you may be experiencing, to improve the site experience and for legal and security compliance purposes.

User Content

We collect your photos, drawings, text, event dates, addresses, favorite themes, and project designs in the course of your uploading of photos and creating your projects.

We use this data to enable the creation and editing of your projects, for displaying thumbnails to you on the site (e.g. in the shopping cart), to personalize marketing emails to you, for detecting and fixing issues before your order is manufactured, and for manufacturing the final product that we ship to you.

Support

We collect and access your personal data when you reach out to our customer support team for help via email, chat, or phone. We will never ask for you password or financial information and you should not share your password or financial information with anyone.

We use the data we collect and access to help troubleshoot and resolve any issues that you may have with our Service.

Orders

We collect credit card information, billing address, shipping address, shipping speed, and item quantity when you place an order. We use this data to charge you for the products you ordered, manufacture them, and ship them.

Mosaic does not store full credit card data. If you elect to store a Payment Method with us, that Payment Method will be stored by a payment service provider under contract with us. The storing payment service provider will be required to comply with the Payment Card Industry Data Security Standard (PCI DSS).

Customer Feedback

We collect text and/or multiple choice form feedback from our customers via email, chat, web forms, and physical mail. We use this data to improve our Services and troubleshoot specific issues you may be encountering.

Social Media Integrations

We collect information necessary for 3rd party social media integrations (e.g. Facebook). We use this information to share to those 3rd party sites or download photos from those sites when you request it. Such 3rd party sites may have information practices different than those set forth herein and their use of cookies and similar technologies is not covered by this Privacy Policy and is subject to their own privacy policies.

Collaboration

At your request, we collect the email addresses of other people you wish to share your projects with. We use those emails to send them an invitation to view and edit your project.

WedPics Website and Mobile Application (“WedPics”)

Name and Profile Picture. Our mobile application WedPics and its associated website are designed to make it easy for you to find and connect with others. For this reason, your name and profile picture do not have privacy settings. If you are uncomfortable with sharing your profile picture, you should delete it (or not add one).

Contact Information. Your contact information settings control who can contact you on WedPics, and who can see your contact information such as your media. Remember that none of this information is required except for your email address, and you do not have to share your email address with anyone.

User Content. When uploading a photo, you can control exactly who can see it by selecting the event in which it will be stored. The specified event will determine who will be able to see your media.

Other. Here are some other things to remember:

Sharing Your Information With Third Parties

Mosaic Affiliates

Mosaic may share your information with and receive information from affiliates of Mosaic for marketing purposes, and such use and disclosure is subject to this Privacy Policy.

Service Providers

We provide collected information to Service providers to perform services on our behalf, such as to host the Service at a co-location facility for servers, to send out email updates about Mosaic or the Service, to process payments for products or Services, to print the projects that you order, or to provide search results, personalized advertising or links. In connection with these offerings and business operations, our Service providers may have access to your Personal Information for use for a limited time in connection with these business activities. Where we utilize third parties for the processing of any Personal Information, we implement reasonable contractual and technical protections limiting the use of that information to Mosaic-specified purposes. If we provide any of the information collected from you with a third party, their use of that information will be governed by their privacy policy.

For example: when you place an order for a printed copy of a project through the Service, your billing information is transmitted to a third-party credit card processor and your shipping information is transmitted to a third-party printer to be printed, bound, and shipped to you. In addition, if you elect to permit your credit card or other billing information to be saved, that information will be transmitted to a third-party credit card processor and stored by such third-party credit card processor for the purpose of completing purchases you make in connection with the Service.

Marketing

We share data with third parties in connection with advertising, retargeting and analytics on behalf of Mosaic. Under no circumstances do we rent, trade or share your address or e-mail address with any other company for their marketing purposes without your consent.

Legally Required

We may be required to disclose user information pursuant to lawful requests, such as subpoenas, law enforcement investigations, or court orders, or in compliance with applicable laws. We also may release information to protect our rights, property, or other interests, including those of our customers or other third parties or to prevent illegal activities or violations of the Mosaic Terms of Service. This may include sharing information with other companies, lawyers, agents, or government agencies.

Business Transfers

If the ownership of all or substantially all of the Mosaic business, or individual business units owned by Interactive Memories, Inc., were to change, information may be transferred to the new owner so the Service can continue operations. We may also transfer information if we partner with, acquire or merge with another company. If a change happens to our business, then the new owners may use your personal data as set out in this privacy policy.

Links

The Service may contain links to web sites not operated or controlled by Mosaic. We are not responsible for the privacy practices of other web sites. We encourage our users to be aware when they leave the Service to read the privacy statements of each and every web site that collects personally identifiable information. This Privacy Policy applies solely to information collected via the Service.

Transferring Your Data

Mosaic is headquartered in the United States. We have operations and service providers in the United States and throughout the world. As such, we and our service providers may transfer your personal information to, or access it in, jurisdictions (including the United States) that may not provide equivalent levels of data protection as your home jurisdiction. These countries may not have the same data protection laws as the country in which you initially provided the information. By providing your Personal Information to the Service, you consent to any transfer and processing in accordance with this Policy.

Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. If the provider is not EU-US Privacy Shield certified, we may use the EU Model Clauses. We are applying for certification with the U.S. Department of Commerce under the EU - U.S. Privacy Shield Framework.

Some of our external third-party providers are based outside of the EEA, so their processing of data will involve a transfer of data outside the EEA.

Data Retention

We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers for tax purposes.

We also make a promise to you that you can come back at any time in the future and re-order products you have ordered from us in the past or utilize photos and other content you have uploaded to the service to create and order additional products. So, unless you actively delete this information, we keep it, so we can keep our promise to you.

In some circumstances you can ask us to delete your data; see Your Rights and Choices below for further information.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Children’s Information

Mosaic is not intended to be used by children, and we do not knowingly collect personally identifiable information from children under 13 (16 in the EU). The Children's Online Privacy Protection Act (COPPA) defines personal information as "individually identifiable information," including things like a first and last name, a street address, an email address, or a telephone number. COPPA places requirements on websites that collect such information from children.

You must be at least 13 years or older (16 in the EU) to register and use the Service. If you are under the age of 13 (16 in the EU), you must use an account created by a parent or guardian, and you must have the explicit permission of a parent or guardian to use the Service.

In the event that we learn that we have collected personal information from a child under age 13 (16 in the EU), we will take appropriate steps to delete that information. If you become aware or believe that a child has provided us with personal information, please contact us as provided in the Contact Us section.

We recommend that minors over the age of 13 (16 in the EU) ask their parents before sending any information about themselves to anyone over the internet.

Security

Mosaic takes precautions to protect our users’ Personal Information: your account information is located on a secured server behind a firewall, and we utilize other physical, electronic and procedural safeguards to protect the security and confidentiality of the information we have collected and to prevent the unauthorized access to or disclosure of your information.

However, no precautions are 100% effective. As a result, Mosaic does not guarantee that Personal Information you provide to us will remain secure. In the event we become aware that the security of the sites has been compromised or users' personal information has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with data protection and law enforcement authorities.

Email and instant messaging including chat are not recognized as secure communications, we request that you not send private information to us by email or instant messaging Services. If you have any questions about the security of the Mosaic Web Site, please contact us at privacy@mixbook.com.

Your Rights and Choices

Correcting Errors in Personal Data

To correct errors in your personal data, access the setting menu on our website or within the app and make your corrections. If there’s any data you want to correct that you cannot update through our website or apps, please email hello@heymosaic.com and we are happy to make the update for you.

Downloading Personal Data

If you wish to download your personal data, email hello@heymosaic.com.

Deleting Personal Data

If you wish to delete your account and the data associated with it, click here. Then delete the Mosaic app from your device. It can take up to 30 days to delete your account. Please note that even after your account is deleted, we keep records of your past orders and other data necessary for financial, legal, and tax compliance.

Contacting our Data Protection Officer

To reach our Data Protection Officer with a question or concern about your data, or about your privacy including your rights under GDPR, please email legal@mixbook.com.

EU Citizens

You have the right to access and/or take your data at any time. You may contact our Data Protection Officer at privacy@mixbook.com to request a copy of your personal data and can ask for a copy of personal data be provided in machine readable form.

Legal Basis for Processing Personal Information (European Economic Area)

If you are from the EEA, our legal basis for collecting and using the personal information described in this Privacy Policy will depend on the personal information concerned and the specific context in which we collect it. We collect and use your information for a variety of business purposes that are in our legitimate interests, in order to enter into or perform a contract with you, with your consent, or to comply with our legal obligations.

If you wish to learn more about specific legal grounds we rely on to process your information for any particular purpose (including any legitimate interests we have to process this information), please contact us as provided under the Contact Us section. For example, we rely on our legitimate interests to process information for direct marketing purposes and for fraud prevention and detection, provided these interests are not overridden by your data protection interests or fundamental rights and freedoms.

Your Data Protection Right (European Economic Area)

In some regions, such as the EEA, you may have certain rights in relation to your personal information, including the right to access, correct, update, or request deletion of your personal information. We takes reasonable steps to ensure that the data we collect is reliable for its intended use, accurate, complete, and up to date. You also can manage your profile and settings within your account settings. However, if you are not a user of our Services and you want to contact us directly about accessing, correcting, updating, or deleting your personal information, or altering your data or marketing preferences, you can do so at any time by contacting as provided in the Your Rights and Choices section. We will consider your request in accordance with applicable laws.

You can object to processing of your personal information, ask us to restrict processing of your personal information, or request portability of your personal information. Again, you can exercise these rights by contacting us as provided in the Your Rights and Choices section.

You can complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA and Switzerland are available here.

Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identity in order to help us respond efficiently to your request.

Updates to Our Privacy Policy

We will post any updates and/or changes to our Privacy Policy by posting any changes on the Site with all changes taking effect immediately upon their posting on the Site. If we make changes, we will indicate at the top of the page the policy effective date. If we materially change the treatment of your personal data, we will work to provide you reasonable notice of such changes through our Service, by email or other communication.

We therefore encourage you to refer to this policy on an ongoing basis so that you understand our current privacy policy. Your use of the Service after any changes to the Privacy Policy constitutes your acceptance of the new Privacy Policy. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account.

Contacting Mosaic

If you have any questions about this Privacy Policy, please contact us at privacy@mixbook.com. You may also contact us by mail at 726 Main St., Redwood City, CA 94063.

« Back to Home