Eppik Data Privacy Policy and Cookie Policy

Effective from: 06/12/2019

Welcome to Eppik’s Data Privacy Policy.

Eppik’s website and services (“us”, “we”, “our”) have been conceived and built on the principles of trust and privacy. Your personal data as a User (“you”, “your”) is therefore of central importance to us and we will always aim to treat your data with the greatest respect and always within the scope and limitations of the law. As a UK-based company, we are therefore bound by and compliant with the current General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

This Data Privacy Policy explains how and why we collect your personal data and also the ways you can control this. This Data Privacy Policy and all its terms and definitions are linked to and bound by our Terms of Use. Please make sure you read both documents carefully and understand them before using our website and services as you will be bound by these terms.

Scope & Definitions

Our Data Privacy Policy explains how we and some of the companies we work with collect, use, share and protect information in relation to our mobile services, web site, and any software provided on or in connection with Eppik services (collectively, the “Service"), and your choices about the collection and use of your information.

By using our Service you understand and agree that we are providing a platform for you to post content, including photos, comments and other materials ("User Content"), to the Service and to share User Content through your private network and/or publicly. This means that other Users may search for, see, use, or share any of your User Content that you make available through the Service, consistent with the terms and conditions of this Privacy Policy and our Terms of Use.

Our Policy applies to all visitors, users, and others who access the Service ("Users"). Our Data Privacy Policy does not replace the terms of any specific contracts you may have with us, nor does it affect your statutory rights.

We may amend or otherwise change the terms of this policy by updating this page and will notify you of any changes on our website.

Should you have any questions relating to this Data Privacy Policy, you may write to our Data Protection Officer on privacy@eppik.com

What Information Do We Collect?

We collect two types of information: Identifiable Information (where we know it is you) and Anonymous Information (where we aggregate User information for information purposes).

User Information

Identifiable Information

This consists of all the personal information that you have provided us, like your name, addresses, login details or billing details, and all the specific information we can identify and link to your individual use of our Service, for example your usage or browsing session identifiers (for example your session cookies, IP address, geo-location), your User Content, your messages sent to us and to other Users, your shared content, comments and other such User-generated activity. This will also include any third-party account connections that we may offer (such as PayPal).​

Anonymous Information

This consists of any information that cannot be specifically associated with a single User, either because the information is not made available to us or because the information is aggregated with other Users’ information as technical or analytical data that helps us monitor, analyse and understand our Service performance. This can included browser data, date/time stamps, language settings, device settings, etc.

Eppik Digitiser Information

This consists of all the information provided by prospective and active Eppik Digitisers, either through our public website, through direct emails to digitisers@eppik.com or through our dedicated Digitiser Platform.

Job Applications

This consists of all job applications submitted through www.eppik.com/we-are-hiring or directly by email to talent@eppik.com

Children's Privacy

Eppik does not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to register for the Service. The Service and its content are not directed at children under the age of 13. In the event that we learn that we have collected personal information from a child under age 13 without parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13 without parental consent, please contact us.

How Do We Collect Your Information?

Information you provide us directly

Your username, password and e-mail address when you register for an Eppik account. Profile information that you provide for your user profile (e.g., first and last name). This information may allow us to help you or others be "found" on Eppik. 

User Content (e.g., photos, comments, and other materials) that you post to the Service. Communications between you and Eppik. For example, we may send you Service-related emails (e.g., account verification, changes/updates to features of the Service, technical and security notices). Note that you may not opt out of Service-related e-mails.

We may collect personal information through a “Find your friends” functionality. You or other Users may choose to use a "Find your friends" feature to locate other people with Eppikaccounts either through 

(i) your contacts list, 
(ii) third-party social media sites or 
(iii) through a search of names and usernames on Eppik. 

If you choose to find your friends through (i) your device's contacts list, then Eppik will access your contacts list to determine whether or not someone associated with your contact is using Eppik. If you choose to find your friends through a (ii) third-party social media site, then you will be prompted to set up a link to the third-party service and you understand that any information that such service may provide to us will be governed by this Privacy Policy. If you choose to find your friends (iii) through a search of names or usernames on Eppik then simply type a name to search and we will perform a search on our Service.

We may suggest you to invite the names that are not already associated with an Eppikaccount so that they can join. This will remain on a voluntary basis. Unless you choose to invite these new Users, we will not store their personal details for Service purposes.

You may also share pictures and albums with people outside of Eppik, in which case we will simply send them an email on your behalf, using the personal information you provided. This information will be stored for Service related purposes but will not be added to any marketing lists without their explicit and active consent.

We also collect data when you contact us, whether through our website or directly by email, and via any communications with us through 3rd party activities, like social media platforms.

Analytics information:

We use third-party analytics tools to help us measure traffic and usage trends for the Service. These tools collect information sent by your device or our Service, including the web pages you visit, add-ons, and other information that assists us in improving the Service. We collect and use this analytics information with analytics information from other Users so that it cannot reasonably be used to identify any particular individual User.

Cookies and similar technologies:

When you visit the Service, we may use cookies and similar technologies like pixels, web beacons, and local storage to collect information about how you use Eppik and provide features to you. We may ask advertisers or other partners to serve ads or services to your devices, which may use cookies or similar technologies placed by us or the third party.

Log file information:

Log file information is automatically reported by your browser each time you make a request to access (i.e., visit) a web page or app. It can also be provided when the content of the webpage or future app is downloaded to your browser or device. When you use our Service, our servers automatically record certain log file information, including your web request, Internet Protocol ("IP") address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, and other such information. 

We may also collect similar information from emails sent to our Users, which then helps us track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Service.

Device identifiers

When you use a mobile device like a tablet or phone to access our Service, we may access, collect, monitor, store on your device, and/or remotely store one or more "device identifiers." Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device's operating system or other software, or data sent to the device by Eppik.

A device identifier may deliver information to us or to a third-party partner about how you browse and use the Service and may help us or others provide reports or personalised content and ads. Some features of the Service may not function properly if use or availability of device identifiers is impaired or disabled.

Metadata

Metadata is usually technical data that is associated with User Content. For example, Metadata can describe how, when and by whom a piece of User Content was collected and how that content is formatted. It may also include the original camera and/or file settings and details. We aim to retain as much file metadata as possible on Uploaded Content and alsoinclude this metadata with any of your User Content should you choose to download it.

Users may be able to add or may have Metadata added to their User Content including a hashtag (e.g. to mark keywords when you post an image), geotag (e.g. to mark your location to an image), comments or other data. This makes your User Content more searchable by others and more interactive. If you geotag your image or tag your image using third partyAPIs, then your latitude and longitude will be stored with the photo and will become searchable (e.g., through a location or map feature) by those you have made the image available to, in accordance with your privacy settings.

How We Use Your Data

In addition to some of the specific uses of information we describe in this Privacy Policy, we may use information that we receive to:

– help you efficiently access your information after you sign in
– remember information so you will not have to re-enter it during your visit or the next time you visit the Service
– to provide essential Service-related communications
– provide personalised content and information to you and others, but not online ads
– Help you find other Users and other Content to be found
– to fulfil our contractual obligations, notably when dealing with your Orders
– provide, improve, test, and monitor the effectiveness of our Service
– develop and test new products and features
– monitor metrics such as total number of visitors, traffic, and demographic patterns
– diagnose or fix technology problems
– to enhance our data security and fraud prevention processes
– automatically update the Eppik application on your device.
– To comply with current legislation 
– To run contests, special offers or other events or activities ("Events") on the Service. 
– To review job applications and manage our hiring processes
– To pursue new business opportunities consistently with our legitimate business interests and always with your privacy interests at heart.

Essential Communications

By using our Service you acknowledge that we will be sending you essential Service messages, by email or through any other means as required, to notify you of important updates and security issues, to perform required Service functions and to request your active participation in these functions (for example through double opt-ins). You are not able to opt out of these essential Service communications.

Personalised & Promotional Communications

We will also send you targeted and personalised promotional material, based on your past activity or to promote new products and services. These can take place on our website or app, by way of personalised content shown on your private platform. We will also be sending personalised and promotional material by email, through our newsletter. To receive our promotional material via our newsletter, you need to actively sign-up to our newsletter on our website or through third-party platforms. You can unsubscribe from this newsletter at any time by clicking on the unsubscribe link at the bottom of each newsletter.

We may also send you information about competitions and third-party offers through our newsletter or on our website. On no account will we share your details with third-parties in connection with such promotional activity without your active consent.

How We Store Your Information

Storage and Processing:

Your information collected through the Service may be stored and processed in any country in which Eppik, its affiliates or Service providers maintain facilities.

Eppik, its affiliates, or Service providers may transfer information that we collect about you, including personal information across borders and from your country or jurisdiction to other countries or jurisdictions around the world. Please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction in order to fulfil our Service to you.

By registering for and using the Service you consent to the transfer of information to any other country in which Eppik, its affiliates or Service providers maintain facilities and the use and disclosure of information about you as described in this Privacy Policy.

Security of Your Data

We use commercially reasonable safeguards to help keep the information collected through the Service secure and take reasonable steps (such as requesting a unique password) to verify your identity before granting you access to your account. 

We have multiple back-ups in place for all User Content and all our data, using reputable cloud services as well as maintained hardware. We comply with all Payment Card Industry Data Security Standards (PCI DSS) and perform adequate penetration tests to ensure these standards are resilient. 

We use HTTPS secure access as standard with the use of SSL encrypted keys across our Service.

However, Eppik cannot ensure the security of any information you transmit to Eppik or guarantee that information on the Service may not be accessed, disclosed, altered, or destroyed.

Please do your part to help us. You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to emails between you and Eppik, at all times. Your privacy settings may also be affected by changes made by the social media services that you connect to Eppik. We are not responsible for the functionality, privacy, or security measures of any other organization.

Who We Share Your Information With

We work with a number of external organisations to provide you with the high Servicestandards you expect from us and enhance your experience of our Service.

Operational & Technical Partners & Programmes

We work with a team of trusted developers, who are constantly monitoring, building and improving our website and apps.

Our Service uses cloud-based technology, dedicated servers and Content Delivery Networks (CDN) all supplied by well-established third-parties with strict security and privacy rules in place.

We also work with professional accountants, using third-party software.

We use specialist interconnected apps and software for our Customer Relationship Management (CRM), Enterprise Resource Planning (ERP), operational processing, Customer support, User feedback, data capture, data analysis and email distribution.

We use legal and financial specialists and their related software and applications.

All the above may require full or part access to our Service data but will only be given such access as is required to perform, enhance or assist us to perform, enhance our Service to you and may only be used for such purposes.

We do not sell your data to any third party for advertising or promoting.

Eppik Shop Suppliers 

We work with a number of trusted suppliers who supply products and services on our behalf. All suppliers are subject to security checks and will only hold the minimum amount of personal information needed that they need to fulfil the orders you place or to provide a service on our behalf. 

Licensors

Our Service may contain content that is licensed to us from third party organisations. We may share your personal data with those licensors to enable your use of their licensed content but only if you provide us with your consent to do so. 

Delivery companies 

We work with a number of delivery companies including Royal Mail and international courier companies. We only pass limited information to them in order to ensure proper delivery of your items. 

Payment processors 

We work with trusted third-party payment processing providers such as banks and payment gateways like Stripe and PayPal in order to securely take payments either by telephone or through the website. We do not hold payment card details on our servers. Card details are securely managed and stored whenever necessary by our payment processors only and we do not have full access to these details.

Legal Obligations

We may be required by law to share your information with the relevant authorities to perform a legal obligation or assist in an investigation. This will only be done within the strict application of current data privacy laws.

Other Web Sites and Services:

We are not responsible for the practices employed by any websites or services linked to or from our Service, including the information or content contained within them. Please remember that when you use a link to go from our Service to another website or service, our Privacy Policy does not apply to those third-party websites or services. Your browsing and interaction on any third-party website or service, including those that have a link on our website, are subject to that third party's own rules and policies. In addition, you agree that we are not responsible and do not have control over any third-parties that you authorize to access your User Content. If you are using a third-party website or service and you allow them to access your User Content you do so at your own risk.

How long we keep your information 

If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our legal obligations. 

We will retain your information as long as your User Account remains active and for a period thereafter to comply with auditing and legal requirements, notably for our accounting records.

We may need your personal information to establish, bring or defend legal claims. For this purpose, we will normally retain your personal information for a period of 6 years. After the date it is no longer needed by us for any of the purposes listed under the section “How we use your data” above and we will delete it. 

The only exceptions to this are where: 

• the law requires us to hold your personal information for a longer period, or delete it sooner; 
• you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law; 
• we bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible; or 
• in limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period.

What are your rights? 

Your personal data is protected by legal rights. You are entitled to request the following from us, these are called your Data Subject Rights and there is more information on these on the Information Commissioners website www.ico.org.uk

• Right of access – to request access to your personal information and information about how we process it 
• Right to rectification – to have your personal information corrected if it is inaccurate and to have incomplete personal information completed 
• Right to erasure (also known as the Right to be Forgotten) – to have your personal information erased. 
• Right to restriction of processing – to restrict processing of your personal information 
• Right to data portability - to electronically move, copy or transfer your personal information in a standard form 
• Right to object - to object to processing of your personal information 
• Rights with regards to automated individual decision making, including profiling –rights relating to automated decision making, including profiling 

If you have any general questions about your rights or want to exercise your rights please contact contact@eppik.com. We will ask you to verify your identity for security purposes and we may request a fee, as authorised by applicable law, in certain circumstances (for example where claims are excessive or unsubstantiated).

You have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country where you work or live or where your legal rights have been infringed. The contact details for the Information Commissioner’s Office (ICO), the data protection regulator in the UK, are available on the ICO website www.ico.org.uk where your personal information has or is being used in a way that you believe does not comply with data, however, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.

Cookie Policy 

This notice is designed to help you understand what cookies are, how we use them and the choices you have in regards to their use. By continuing to use any of our websites and by consenting to accept cookies on those sites, you are agreeing to our use of cookies in the manner described in this notice. 

Your privacy and our use of cookies

Under EU law, it is our responsibility to inform you that we use cookies within our websites and describe their general usage below. 

Cookies on this website 

Cookies are small text files stored by your device when you access most websites on the internet. We also use other, similar, technologies like pixels, web beacons and other locallystored identifiers to collect information about how you use Eppik and provide features to you.For the purpose of this cookie policy, the word “cookie” shall mean all these digital tracking codes and file types.

We will use two types of cookies: 

• Session cookies - these expire when you close your browser and do not remain on your computer. 
• Persistent cookies - these are stored in the longer term on your computer. They are normally used to make sure the site remembers your preferences. 

This website uses cookies to make it easier to use and to support the provision of relevant information and functionality to you. Cookies also provide us with information about how this website is used so we can keep it is as up to date, relevant and error free as possible. Further information about the types of cookies in use on this website is set out below. 

You can choose to manage the cookies we use on this website by modifying your cookie preferences in your internet browser settings. Please refer to your browser’s help and support section or visit https://ico.org.uk/your-data-matters/online/cookies/ for more information.

Note that choosing to not accept cookies is likely to impact the functionality or performance of this website or prevent you from using certain services provided through it. 

The types of cookies we currently use on this website are set out below. 

Strictly Necessary Cookies 

Strictly necessary cookies are session cookies and are essential to enable you to move around this website and use its features and/or services. These cookies allow our website to provide services at the request of Users. 

This website uses strictly necessary cookies to: 

• Identify you as being logged in to this website 
• Remember the goods and services you ordered when you get to the checkout page 
• Remember things like information you've entered on order forms when you navigate to different pages during your session on this website 

Performance Cookies 

Performance cookies allow us to update this website to cater for User preferences and improve website performance. They collect information about how this website is used, e.g. which pages Users visit most often and where error messages are delivered. These cookies don't collect information that identifies individuals. All information is aggregated and therefore anonymous. 

This Website uses performance cookies to: 

• Provide statistics on how this website is used (including selections that you have made and pages you have visited and goods that you have viewed) 
• See how effective our adverts are 

Functional Cookies 

Functional cookies allow this website to remember choices you make, e.g. your user name, log in details and language preferences and any customisations you make to website pages during your visit. They are necessary to provide features and services specific to individual users. 

This website uses functional cookies to: 

• Identify you as having consented to the use of cookies by this website 
• Remember User log-in details
• Remember User currency choices 
• Remember User language preferences

What do we use Cookies for? 

• They enable you to transact, whilst other non-essential cookies enable us to give you an enhanced, personalised web experience and determine relevant products to show you; 
• To personalise and improve your customer experience; 
• To allow you to securely sign in to your website account with us, so that you can use "My Account" features such as viewing previous orders; 
• To recognise the device that you are using; 
• To store the content of your online shopping basket whilst you browse the site and to complete an order; 
• To record the areas of the site that you have visited, products you have viewed and time spent browsing, as well as the products you purchased. 
• For re-marketing purposes to determine relevant related products to show you when you're browsing on other selected websites. These cookies can be associated with services provided by a third party such as an advertising network. 
• We also offer you the facility to share your experience on our website through social media sites such as Facebook and Twitter. By using these features, you are consenting to allow cookies from these providers. More information about how these providers use cookies can be found at their own websites. 

Cookies are an essential part of how our websites work, as they remember certain information about a visitor. We use first-party cookies (these are placed and used solely by us) and third-party cookies (these are placed by us to allow your data to be shared with third-parties we work with). 

Are cookies safe? 

Yes. The information stored in our cookies is safe and anonymous but we recommend that you do not consent to accepting cookies if you are using a public computer. 

Can I turn off cookies? 

Yes – but if you choose not to allow the use of cookies, your experience of our website may be limited and many integral aspects of the website, such as adding items to your shopping basket and accessing your account, may not work at all.

To change your cookie settings, or if you want to be notified each time a cookie is about to be used, you should amend the settings provided in your web browser to prevent us from storing cookies on your computer hard drive. For information on how to disable cookies, please consult the help section of your browser via its menu bar. For further information on non-essential cookies used for targeting and banner advertising please see below. 

Details of our Third-Party Cookies 

We allow selected third-parties to place cookies when you visit our site. These cookies enable us to monitor your activity on our website and provide us with various statistical data so that we can amend and improve your experience. 

For details of the third-party cookies we use please see the list below. We are not responsible for the content or privacy policies of third-parties or other websites and we advise that you check these yourself. The following cookies are all used for analytical or connection purposes:

• Google Tag Manager 
• Google Analytics 
• Hotjar 
• Twitter 
• Facebook

How To Contact Us:

If you have any questions about this Privacy Policy or the Service, please contact us at:

Eppik Ltd Devonshire House
60 Goswell Road
London EC1M 7AD
United Kingdom
contact@eppik.com

Changes To Our Privacy Policy:

Eppik may modify or update this Privacy Policy from time to time, so please review it periodically. We may provide you additional forms of notice of modifications or updates as appropriate under the circumstances. Your continued use of Eppik or the Service after any modification to this Privacy Policy will constitute your acceptance of such modification.

Eppik
Not just pictures. Your story.
Eppik
Not just pictures. Your story.