SPARKLOOP, LLC
PRIVACY POLICY
Effective Date: June 17, 2024
SparkLoop, LLC (“SparkLoop”, “we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy (“Policy”) describes how we collect, use, and disclose data. This Policy applies to your use of SparkLoop’s products, services, and Website located at https://sparkloop.app on all platforms (collectively, “Services”).
SparkLoop is a United States limited liability company subject to the laws of the United States. The United States may not offer a level of privacy protection as great as that offered in other jurisdictions. Since our servers are located in the United States, your data may be transferred to, stored, or processed in the United States. By using our Services, you understand and consent to the collection, storage, processing, and transfer of your data to our facilities in the United States and those third parties we share your data with as described in this Policy and our Terms of Service Agreement.
1. DEFINITIONS
a. Mobile App(s): one or all of the SparkLoop applications available for Members to use on their mobile devices.
b. Contact: an individual a Member may contact through the Services. For example, if you are a Member, a subscriber to your email marketing campaigns would be considered a Contact.
c. Distribution List: a list of Contacts a Member may upload or manage on the Services and all associated information related to those Contacts (for example, email addresses).
d. Member: any person or entity that is registered with us to use the Services.
e. Personal Data: any information relating to an identified or identifiable natural person.
f. Visitor: any individual who visits the SparkLoop Services, offices, or otherwise engages with us at our events or in connection with our marketing or recruitment activities.
2. PRIVACY FOR MEMBERS
This section applies to the Personal Data we collect and process from a Member or potential Member through the provision of the Services. In this section, "you" and "your" refer to Members and potential Members.
a. Personal Data We Collect. The Personal Data we collect depends on the context of your interactions with SparkLoop, your SparkLoop account settings, the products and features you use, your location, and applicable law. However, the Personal Data we collect broadly falls into the following categories:
i. Business contact information (such as your name, job title, organization, location, phone number, email address, and country);
ii. Marketing information (such as your contact preferences);
iii. Account log-in credentials (such as your email address or username and password when you sign up for an account with us);
iv. Troubleshooting and support data (which is data you provide or we otherwise collect in connection with support queries we receive from you. This may include contact or authentication data, the content of your chats and other communications with us, and the product or service you are using related to your help inquiry);
v. Payment information (including your credit card numbers and associated identifiers and billing address);
vi. Device and usage data of the Services (collectively “Service Usage Data”). Service Usage Data may include device information, log data, and usage data.
vii. Data we collect from other sources such as public databases, social media platforms, third-party data providers, and our joint marketing partners. Examples of data we receive from other sources include demographic information (such as age and gender), device information (such as IP addresses), location (such as city and state), and online behavioral data (such as information about your use of social media websites, page view information, and search results and links). We use this information, alone or in combination with other Personal Data we collect, to enhance our ability to provide relevant marketing and content to you and to develop and provide you with more relevant products, features, and service.
b. Use of Personal Data. We may use the Personal Data we collect or receive through the Services (alone or in combination with other data we source) for the purposes and on the legal bases identified below:
i. To bill and collect money owed to us by you to perform our contract with you for the use of the Services or where we have not entered into a contract with you, in accordance with our legitimate interests to operate and administer the Services. This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and those third parties collect billing information to process your orders and credit card payments.
ii. To send you system alert messages in reliance on our legitimate interests in administering the Services and providing certain features. For example, we may inform you about temporary or permanent changes to the Services, such as planned outages, or send you account, security or compliance notifications, such as new features, version updates, releases, abuse warnings, and changes to this Policy.
iii. To communicate with you about your account and provide customer support to perform our contract with you for the use of the Services or where we have not entered into a contract with you, in reliance on our legitimate interests in administering and supporting the Services.
iv. To enforce compliance with our Terms of Service Agreement and applicable law, and to protect the rights and safety of our Members in reliance on our legitimate interest to protect against misuse or abuse of the Services and to pursue remedies available. This may include developing tools and algorithms that help us prevent violations. For example, we may review the content our Members send or display to ensure it complies with our Terms of Service Agreement. To improve that process, we have software that helps us find content that may violate our Terms of Service Agreement. We may or our third-party service provider may also review content that our Members send or display. This benefits all Members who comply with our Standard Terms of Use because it reduces abuse and helps us maintain a reliable platform. Please do not use SparkLoop to send or display confidential information.
v. To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
vi. To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements in reliance on our legitimate interests.
vii. To prosecute and defend a court, arbitration, or similar legal proceeding.
viii. To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
ix. To provide, support, and improve the Services to perform our contract with you for the use of the Services or where we have not entered into a contract with you, in reliance on our legitimate interests in administering and improving the Services and providing certain features. For example, this may include sharing your information with third parties in order to provide and support the Services or to make certain features of the Services available to you. When we share your Personal Data with third parties, we take steps to protect your information in a manner that is consistent with our obligations under applicable privacy laws.
x. To provide suggestions to you and to provide tailored features within the Services that optimize and personalize your experience in reliance on our legitimate interests in administering the Services and providing certain features. This includes adding features that compare Members’ email campaigns, using data to suggest other publishers your Contacts may be interested in, or using data to recommend products or services that you may be interested in or that may be relevant to you or your Contacts. Some of these suggestions are generated through analysis of the data used in our data analytics projects, as described below.
xi. To perform data analytics projects in reliance on our legitimate business interests in improving and enhancing our products and services for our Members. Our data analytics projects use data from SparkLoop accounts, including Personal Data of Contacts, to provide and improve the Services. We use information like your sending habits and your Contacts’ purchase history, so we can make more informed predictions, decisions, and products for our Members. For example, we use data from SparkLoop accounts to enable product recommendation, audience segmentation, and predicted demographics features for our Members. If you or your Contact prefers not to have their data used for this purpose, you can alter the settings on your account (as described here) to opt out of data analytics projects, or your Contact can opt out of data analytics projects at any time by emailing us at legal@sparkloop.app.
xii. To personalize the Services, content and advertisements we serve to you in reliance on our legitimate interests in supporting our marketing activities and providing certain features within the Services. We may use your Personal Data to serve you specifically, such as to deliver marketing information, product recommendations and non-transactional communications (e.g., email, telemarketing calls, SMS, or push notifications) about us, in accordance with your marketing preferences and this Policy.
c. Third-Party Integrations. We may use the Personal Data we collect or receive through the Services, as a processor and as otherwise stated in this Policy, to enable your use of the integrations and plugins you choose to connect to your SparkLoop account.
d. Cookies and Tracking Technologies. We and our third-party partners may use various technologies to collect and store Service Usage Data when you use the Services (as discussed above), and this may include using cookies and similar tracking technologies, such as pixels, web beacons, and if you use our Mobile Apps, through our SDKs deployed on your mobile device. For example, we use web beacons in the emails we send on your behalf, which enable us to track certain behavior, such as whether the email sent through the Services was delivered and opened and whether links within the email were clicked. Both web beacons and SDKs allow us to collect information such as the recipient’s IP address, browser, email client type and other similar data as further described above details. We use this information to measure the performance of your email campaigns, to provide analytics information, enhance the effectiveness of the Services, and for other purposes described above. Reports are also available to us when we send email to you, so we may collect and review that information. If you want to opt-out of interest-based advertising, please visit http://preferences-mgr.truste.com/, or if located in the European Union, visit http://www.youronlinechoices.eu.
e. Member Distribution Lists. In order to send an email campaign or use certain features in your account, you need to upload a Distribution List that provides us information about your Contacts, such as their names and email addresses. We use and process this information to provide the Services in accordance with our contract with you or your organization and this Policy. A Distribution List can be created in a number of ways, including by importing Contacts, such as through a CSV or directly from your email client. We do not, under any circumstances, sell your Distribution Lists. If someone on your Distribution List complains or contacts us, we might then contact that person. You may export (download) your Distribution Lists from SparkLoop by accessing the “Subscribers” tab from within your account. If we detect abusive or illegal behavior related to your Distribution List, we may share your Distribution List or portions of it with affected ISPs or anti-spam organizations to the extent permitted or required by applicable law.
f. Your Data Protection Rights. Depending on the country or U.S. state in which you reside, you may have the following data protection rights: to access; correct; update; port; delete; restrict; or object to our processing of your Personal Data. You can manage your individual account and profile settings within the dashboard provided through the Services, or you may contact us directly by emailing us at legal@sparkloop.app. You can also manage information about your Contacts within the dashboard provided through the Services to assist you with responding to requests to access, correct, update, port, or delete information that you receive from your Contacts. If any of your Contacts wish to exercise any of these rights, they should contact you directly, or contact us as described in the “Privacy for Contacts” section below. You can also contact us at any time to update your own marketing preferences. SparkLoop takes reasonable steps to ensure that the data we collect is reliable for its intended use, accurate, complete and up to date. You have the right to complain to a data protection authority about the collection and use of Personal Data. For more information, please contact your local data protection authority.
Similarly, if Personal Data is collected or processed on the basis of consent, the data subject can withdraw their consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent. If you receive these requests from Contacts, you can segment your lists within the Services to ensure that you only market to Contacts who have not opted out of receiving such marketing. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection law. We may ask you to verify your identity in order to help us respond efficiently to your request. If we receive a request from one of your Contacts, we will either direct the Contact to reach out to you, or, if appropriate, we may respond directly to their request.
3. PRIVACY FOR CONTACTS
This section applies to the data we process about our Members’ Contacts as a data controller. The Services are intended for use by our Members. As a result, for much of the Personal Data we collect and process about Contacts through the Services, we act as a processor on behalf of our Members. SparkLoop is not responsible for the privacy or security practices of our Members, which may differ from those set forth in this privacy policy. Please check with individual Members about the policies they have in place. For purposes of this section, "you" and "your" refer to Contacts.
a. Information We Collect. The Personal Data that we may collect or receive about you broadly falls into the following categories:
i. Information we receive about Contacts from our Members. A Member may provide Personal Data about you to us through the Services. When a Member uploads their Distribution List or integrates the Services with another website or service, or when you sign up for a Member’s Distribution List on a SparkLoop or other signup form, the Member may provide us with certain contact information or other Personal Data about you such as your name, email address, address, or telephone number. You may have the opportunity to update some of this information by electing to update or manage your preferences via an email you receive from a Member.
ii. Information we collect automatically. When you interact with an email campaign that you receive from a Member or browse or purchase from a Member’s connected store, we may collect information about your device and interaction with an email. We use cookies and other tracking technologies to collect some of this information.
iii. Device information: We collect information about the device and applications you use to access emails sent through the Services, such as your IP address, your operating system, your browser ID, and other information about your system and connection.
iv. Usage data: It is important for us to ensure the security and reliability of the Services. Therefore, we also collect usage data about your interactions with campaigns (and/or emails) sent through the Services, which may include dates and times you access campaigns (and/or emails) and your browsing activities (such as what pages are viewed and which emails are opened). This information also allows us to ensure compliance with our Terms of Service Agreement and Acceptable Use Policy, to monitor and prevent service abuse, and to ensure we attain certain usage standards and metrics in relation to the Services. We also collect information regarding the performance of the Services, including metrics related to the deliverability of emails and other electronic communications that our Members send through the Services. This information allows us to improve the content and operation of the Services and facilitate research and perform analysis into the use and performance of the Services.
v. Data we collect from other sources: From time to time, we may obtain information about you from third-party sources, such as social media platforms and third-party data providers.
b. Use of Personal Data. We may use the Personal Data we collect or receive about you in reliance on our (and where applicable, our Members’) legitimate interests for the following purposes:
i. To enforce compliance with our Terms of Service Agreement and applicable law. This may include utilizing usage data and developing tools and algorithms that help us prevent violations.
ii. To protect the rights and safety of Members, third parties, or SparkLoop. For example, sometimes we review the content of our Members’ email campaigns to make sure they comply with our Terms of Service Agreement. To improve that process, we have software that helps us find email campaigns that may violate our Terms of Service Agreement. We, or our third-party service provider, may review those particular email campaigns, which may include your contact information. This reduces the amount of spam being sent through our servers and helps us maintain high deliverability.
iii. To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
iv. To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
v. To prosecute and defend a court, arbitration, or similar legal proceeding.
vi. To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
vii. To provide, support and improve the Services. For example, this may include sharing your information with third parties in order to provide and support the Services or to make certain features of the Services available to our Members. When we share Personal Data with third parties, we take steps to protect your information in a manner that is consistent with applicable privacy laws.
viii. To perform data analytics projects. Our data analytics projects use data from SparkLoop accounts, including your Personal Data, to provide and improve the Services. We use information, like your purchase history, provided to us by Members, so we can make more informed predictions, decisions, and products for our Members. For example, we use data from SparkLoop accounts to enable product recommendation, audience segmentation, and predicted demographics features for our Members. If you prefer your data not to be used in this manner, you can opt out of data analytics projects at any time by emailing us at legal@sparkloop.app.
ix. To carry out other business purposes. To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.
c. Cookies and Tracking Technologies. We and our third-party partners may use various technologies to automatically collect and store certain device and usage information (as discussed above) when you interact with a Member’s email campaign or connected store, and this may include using cookies and similar tracking technologies, such as pixels and web beacons or if a Member is using our Mobile App, we may collect this information through our SDKs deployed on our Members mobile device. For example, we use web beacons in the emails we send on behalf of our Members. When you receive and engage with a Member’s campaign, web beacons track certain behavior such as whether the email sent through the Services was delivered and opened and whether links within the email were clicked. Both web beacons and SDKs allow us to collect information such as your IP address, browser, email client type, and other similar data as further described above. We use this information to measure the performance of our Members’ email campaigns, and to provide analytics information and enhance the effectiveness of the Services, and for the other purposes described above. If you want to opt-out of interest-based advertising, please visit http://preferences-mgr.truste.com/, or if located in the European Union, visit http://www.youronlinechoices.eu.
d. Your Data Protection Rights. Depending on the country or U.S. state in which you reside, you may have the following data protection rights: to access; correct; update; port; delete; restrict or object to our processing of your Personal Data. For more information about how you can exercise these rights, please email us at legal@sparkloop.com. You also have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority. As described above, for much of the Personal Data we collect and process about Contacts through the Services, we act as a processor on behalf of our Members. In such cases, if you are a Contact and want to exercise any data protection rights that may be available to you under applicable law or have questions or concerns about how your Personal Data is handled by SparkLoop as a processor on behalf of our individual Members, you should contact the relevant Member that is using the Services, and refer to their separate privacy policies. If you no longer want to be contacted by one of our Members through the Services, please unsubscribe directly from that Member’s newsletter or contact the Member directly to update or delete your data. If you contact us directly, we may either forward your request to the relevant Member or provide you with the identity of the Member to enable you to contact them directly. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identity in order to help us respond efficiently to your request.
4. PRIVACY FOR VISITORS
This section applies to Personal Data that we collect and process when you visit the Services, and in the usual course of our business, such as in connection with our recruitment, events, sales and marketing activities, or when you visit our offices. In this section, "you" and "your" refer to Visitors.
a. Information We Collect. The Personal Data we collect may include:
i. Information you provide to us on the Services or otherwise. The Services offer various ways to contact us, such as through form submissions, email or phone, to inquire about our company and the Services. For example, we may ask you to provide certain Personal Data when you express an interest in obtaining information about us or the Services, take part in surveys, subscribe to marketing, apply for a role with SparkLoop, or otherwise contact us. We may also collect Personal Data from you in person when you attend our events or trade shows, if you visit our offices (where you will be required to register as a visitor and provide us with certain information that may also be shared with our service providers) or via a phone call with one of our sales representatives. You may choose to provide additional information when you communicate with us or otherwise interact with us, and we may keep copies of any such communications for our records.
ii. Business contact data (such as your name, phone number, email address and country);
iii. Professional data (such as your job title, institution or company);
iv. Nature of your communication;
v. Marketing data (such as your contact preferences);
vi. Any data you choose to provide to us when completing any ‘free text’ boxes in our forms.
vii. Data we collect automatically through the Services. When you visit the Services or interact with our emails, we use cookies and similar technologies such as pixels or web beacons, alone or in conjunction with cookies, to collect certain information automatically from your browser or device. In some countries, this information may be considered Personal Data under applicable data protection laws. The data we collect automatically includes: device information such as your IP address, your browser, device information, unique device identifiers, mobile network information, request information (speed, frequency, the site from which you linked to us (“referring page”), the name of the website you choose to visit immediately after ours (called “exit page”), information about other websites you have recently visited and the web browser you used (software used to browse the internet) including its type and language; and usage data such as information about how you interact with our emails, the Services, and other websites (such as the pages and files viewed, searches, operating system and system configuration information and date/time stamps associated with your usage).
b. Use of Personal Data. We may use the data we collect through the Services and in connection with our events and marketing activities (alone or in combination with other data we collect) for a range of reasons in reliance on our legitimate interests, including:
i. To provide, operate, optimize, and maintain the Services.
ii. To send you marketing information, product recommendations and non-transactional communications (e.g., email, telemarketing calls, SMS, or push notifications) about us, in accordance with your marketing preferences, including information about our products, services, promotions or events as necessary for our legitimate interest in conducting direct marketing or to the extent you have provided your prior consent.
iii. For recruitment purposes if you have applied for a role with SparkLoop.
iv. To respond to your online inquiries and requests, and to provide you with information and access to resources or services that you have requested from us.
v. To manage the Services and system administration and security.
vi. To manage event registrations and attendance, including sending related communications to you.
vii. To register visitors to our offices for security reasons and to manage non-disclosure agreements that visitors may be required to sign.
viii. To improve the navigation and content of the Services.
ix. To identify any server problems or other IT or network issues.
x. To process transactions and to set up online accounts.
xi. To compile aggregated statistics about site usage and to better understand the preferences of our Visitors.
xii. To help us provide, improve and personalize our marketing activities.
xiii. To facilitate the security and continued proper functioning of the Services.
xiv. To carry out research and development to improve the Services, products and services.
xv. To conduct marketing research, advertise to you, provide personalized information about us on and off the Services, and to provide other personalized content based on your activities and interests to the extent necessary for our legitimate interests in supporting our marketing activities or advertising the Services or instances where we seek your consent.
xvi. To carry out other legitimate business purposes, as well as other lawful purposes, such as data analysis, fraud monitoring and prevention, identifying usage trends and expanding our business activities in reliance on our legitimate interests.
xvii. To cooperate with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of the Services, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, or responding to lawful requests.
c. Public Data and Third-Party Websites. We have public blogs on the Services. Any information you include in a comment on our blog may be read, collected, and used by anyone. If your Personal Data appears on our blogs and you want it removed, contact us at legal@sparkloop.app. If we are unable to remove your information, we will tell you why. The Services include social media features, such as the Facebook Like button. These features may collect information about your IP address and which page you are visiting on the Services, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on the Services. We also maintain presences on social media platforms, including Facebook, Twitter, and Instagram. Any information, communications, or materials you submit to us via a social media platform is done at your own risk without any expectation of privacy. We cannot control the actions of other users of these platforms or the actions of the platforms themselves. Your interactions with those features and platforms are governed by the privacy policies of the companies that provide them. The Services also include links to other websites, whose privacy practices may be different from ours. If you submit Personal Data to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit. We may, from time to time, offer surveys, contests, sweepstakes, or other promotions on the Services or through social media (collectively, "Promotions"). Participation in our Promotions is completely voluntary. Information requested for entry may include Personal Data such as your name, address, date of birth, phone number, email address, username, and similar details. We use the information you provide to administer our Promotions. We may also, unless prohibited by the Promotion’s rules or law, use the information provided to communicate with you, or other people you select, about the Services. We may share this information with our affiliates and other organizations or service providers in line with this privacy policy and the rules posted for our Promotions.
d. Cookies and Tracking Technologies. We use cookies and similar tracking technologies to collect and use Personal Data about you, including to serve interest-based advertising. If you want to opt-out of interest-based advertising, please visit http://preferences-mgr.truste.com/, or if located in the European Union, visit http://www.youronlinechoices.eu.
e. Other Data Protection Rights. Depending on the country or U.S. state in which you reside, you may have the following data protection rights: to access; correct; update; port; delete; restrict or object to our processing of your Personal Data. You can exercise these rights by emailing legal@sparkloop.app. You may also have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority. Similarly, if we have collected and processed your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent. You can also contact us at any time to update your marketing preferences. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identity in order to help us respond efficiently to your request.
5. HOW WE SHARE PERSONAL DATA
We may share and disclose your Personal Data to the following types of third parties for the purposes described in this Policy (for purposes of this section, "you" and "your" refer to Members, Contacts, and Visitors unless otherwise indicated):
a. Our service providers. Sometimes, we share your information with our third-party service providers working on our behalf for the purposes described in this Policy. For example, companies we’ve hired to help us provide and support the Services or assist in protecting and securing our systems and services and other business-related functions. Other examples include analyzing data, hosting data, engaging technical support for the Services, processing payments, and delivering content.
b. Advertising partners. We may partner with third-party advertising networks, exchanges, and social media platforms (like Facebook) to display advertising on the Services or to manage and serve our advertising on other sites, and we may share Personal Data of Members and Visitors with them for this purpose. We and our third-party partners may use cookies and other similar tracking technologies, such as pixels and web beacons, to gather information about your activities on the Services and other sites in order to provide you with targeted advertising based on your browsing activities and interests.
c. Any competent law enforcement body, regulatory body, government agency, court or other third party where we believe disclosure is necessary (a) as a matter of applicable law or regulation; (b) to exercise, establish, or defend our legal rights; or (c) to protect your vital interests or those of any other person.
d. A potential buyer (and its agents and advisors) in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this Policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on the Services.
e. Any other person with your consent.
6. INTERNATIONAL DATA TRANSFERS
SparkLoop reserves the right to store and process your Personal Data in the United States and in any other country where SparkLoop or its affiliates, subsidiaries, or service providers operate facilities in compliance with and as permitted by applicable laws and regulations. Some of these countries may have data protection laws that are different from the laws of your country and may offer less legal protection.
When SparkLoop transfers, stores, or processes Personal Data outside of your jurisdiction, including to or in the United States, we take appropriate safeguards to protect your Personal Data in accordance with this Policy and applicable law.
Some recipients of your Personal Data are located in countries outside the EU/EEA, UK, and/or Switzerland that are not subject to an adequacy decision, which means that these countries are not recognized as having an adequate level of data protection under the EU/EEA, UK, and/or Swiss data protection laws and the transfer of Personal Data is therefore not permitted under the General Data Protection Regulation (EU) 2016/679 (the “EU’s GDPR”), the Data Protection Act 2018 (the “UK GDPR”), and/or Swiss Federal Act on Data Protection (the “Swiss FADP”). In these cases, SparkLoop may use the following to transfer your Personal Data to the United States and elsewhere:
a. The EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK extension to the EU-U.S DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss- U.S. DPF”); or
b. The Standard Contractual Clauses (“SCCs”) approved by the European Commission or the International Data Transfer Agreement (“IDTA”) approved by the UK Government.
SparkLoop offers a Data Processing Agreement for those Members processing Personal Data on behalf of EU/EEA, United Kingdom, and Swiss individuals. To request our Data Processing Agreement, please fill out this form.
7. LEGAL BASIS FOR PROCESSING PERSONAL DATA
Under the EU’s GDPR, the UK GDPR, and the Swiss FADP, SparkLoop generally acts as a processor on behalf of our Members. When SparkLoop processes Personal Data as a data controller, we do so on the following legal bases:
a. To perform our contract with you for the use of the Services;
b. In reliance on our legitimate interests in administering, operating, and supporting the Services;
c. In reliance on our legitimate interests in providing certain features;
d. In reliance on our legitimate interests in enforcing our Terms of Service Agreement and applicable law;
e. In reliance on our legitimate interests in preventing fraud and abuse;
f. In reliance on our legitimate interests in meeting legal requirements;
g. In reliance on our legitimate interests in improving the Services;
h. In reliance on our legitimate interests in supporting our marketing activities;
i. In reliance on our legitimate interests in providing network and information security; and
j. You provided us your consent.
8. THE CALIFORNIA CONSUMER PRIVACY ACT
The California Consumer Privacy Act (“CCPA”) provides California residents with specific rights regarding their Personal Data, including the right to request certain information from businesses subject to the CCPA that collect Personal Data from you, the right to ask such businesses to delete Personal Data collected from you (subject to exceptions), the right to opt-out if a business sells your Personal Data, and the right of non-discrimination if you exercise any of these privacy rights.
SparkLoop acts as a “service provider” under the CCPA when offering the Services to its Members and our receipt and collection of any Personal Data is completed on behalf of our Members in order for us to provide the Services. If you are a Contact of one of our Members, please contact the Member directly with your request for access or deletion under the CCPA. If you contact us, we will refer you to that Member and support them in responding to your access or deletion request if necessary.
If you exercise your rights under the CCPA, SparkLoop will not discriminate against you, deny, charge different prices for, or provide a different quality of the Services. If SparkLoop ever offers a financial incentive or product enhancement that is contingent upon you providing your Personal Data, we will not do so unless the benefits to you are reasonably related to the value of the Personal Data you provide to us. SparkLoop does not sell your Personal Data.
SparkLoop offers a Data Processing Agreement for those Members that are considered “businesses” under the CCPA and that process Personal Data on behalf of California residents. To request our Data Processing Agreement, please fill out this form. To exercise any of your rights under the CCPA, please email us at legal@sparkloop.app.
9. OTHER REGION AND STATE-SPECIFIC PRIVACY LAWS AND RIGHTS
Depending on where you live, you may have certain state or country-specific rights regarding your Personal Data. Under some of these laws and regulations, where applicable, you may have the right to access, deletion, correction, verification, portability, opt-out of tracking for targeted advertising purposes, opt- out of profiling, among other rights. To exercise any rights under these or other applicable data protection laws, please email us at legal@sparkloop.app.
You may also have the right to file a complaint about SparkLoop’s collection and processing of Personal Data. To file a complaint, contact the applicable supervisory authority or data protection authority.
10. EU-U.S. DATA PRIVACY FRAMEWORK, UK EXTENSION TO THE EU-U.S. DATA PRIVACY FRAMEWORK, AND SWISS-U.S. DATA PRIVACY FRAMEWORK
SparkLoop complies with the EU-U.S. Data Privacy Framework (the “EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (the “Swiss-U.S. DPF”) (collectively, “Data Privacy Framework”), as set forth by the U.S. Department of Commerce.
SparkLoop has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of Personal Data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. SparkLoop has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of Personal Data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
The types of Personal Data we collect and the purposes for which we collect and use Personal Data are described in Sections 2, 3, and 4 of this Privacy Policy. The choices we offer individuals for limiting the use and disclosure of Personal Data are described in Section 2, 3, 4, and 11 of this Privacy Policy.
We only collect Personal Data that is relevant for providing the Services. We process Personal Data in a way that is compatible with providing the Services or as otherwise authorized by you. We take reasonable steps to ensure that Personal Data is reliable for its intended use, accurate, complete, and current. We provide individuals with the opportunity to opt out whether their personal information is (i) to be disclosed to a third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individuals. We adhere to the DPF Principles for as long as we retain Personal Data.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, SparkLoop commits to resolve DPF Principles-related complaints about our collection and use of your Personal Data. EU/EEA, UK, and Swiss individuals with inquiries or complaints regarding our handling of Personal Data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact SparkLoop at legal@sparkloop.app.
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, SparkLoop commits to refer unresolved complaints concerning our handling of Personal Data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgement of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit here for more information or to file a complaint. The services of JAMS are provided to you at no cost.
The Federal Trade Commission has jurisdiction over SparkLoop’s compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.
You may, under certain conditions, invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other mechanisms. Please visit here for more information.
SparkLoop is liable in cases of onward transfers of Personal Data to third parties acting as agents on our behalf. We comply with the DPF Principles for all onward transfers of Personal Data from the EU/EEA, UK, and Switzerland, including the onward transfer liability provisions. SparkLoop remains liable under the DPF Principles if SparkLoop’s agent processes such Personal Data in a manner inconsistent with the DPF Principles unless we can prove that we are not responsible for the event giving rise to the damage. SparkLoop enters into contracts with all third parties acting on our behalf and under our instructions, and all third-party contracts comply with the DPF Principles. We do not collect or process sensitive information under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.
In certain situations, we may need to disclose Personal Data in response to lawful requests by public authorities, including to meet national security and law enforcement requirements, or otherwise comply with the law or a court order.
We use reasonable and appropriate physical, electronic, and administrative safeguards to protect personal data from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data and risks involved in processing that information. If you would like to review, correct, delete, or update Personal Data that you have previously disclosed to us, please email us at legal@sparkloop.app. We may limit or deny access to Personal Data only where permitted by the DPF Principles. We will assist our Members in responding to EU/EEA, UK, and Swiss individuals exercising their rights under the DPF Principles. We need to retain certain information about you for legal and internal business reasons. We will retain your Personal Data for as long as necessary to provide you with the Services and as needed to comply with our legal obligations and enforce our agreements.
11. YOUR CHOICES AND OPT-OUTS
Members and Visitors who have opted in to our marketing emails can opt out of
receiving marketing emails from us at any time by clicking the "unsubscribe" link
at the bottom of our marketing messages. All opt-out requests can be made by
emailing us at legal@sparkloop.app. Please note that some communications
(such as service messages, account notifications, billing information) are
considered transactional and necessary for account management, and Members
cannot opt out of these messages unless you cancel your SparkLoop account.
12. SECURITY
We take appropriate and reasonable technical and organizational measures
designed to protect Personal Data from loss, misuse, unauthorized access,
disclosure, alteration, and destruction, taking into account the risks involved in
the processing and the nature of the Personal Data. If you have any questions
about the security of your Personal Data, you may contact us at
legal@sparkloop.app. SparkLoop accounts require a username and password to
log in. Members must keep their username and password secure, and never
disclose it to a third party. Because the information in a Member’s SparkLoop
account is private, account passwords are hashed, which means we cannot see
a Member’s password. We cannot resend forgotten passwords either. We will
only provide Members with instructions on how to reset them.
13. DO NOT TRACK DISCLOSURE
Currently, there is no industry standard for recognizing Do Not Track browser
signals, so we do not respond to them.
14. CHANGES TO THIS PRIVACY POLICY
SparkLoop may change this Privacy Policy at any time. The most recent version of the Privacy Policy is indicated by the “Last Updated” date at the top of the Privacy Policy. All changes are effective immediately upon posting. Please review this Privacy Policy frequently to stay updated on changes that may affect you. Your continued use of the Services signifies your continuing consent to be bound by this Privacy Policy.
15. CONTACT
If you have any questions about this Privacy Policy, please email us at