Collaborate with me on Vidoser®

This privacy policy is intended to provide all information on the processing of personal data carried out by CreationDose S.r.l. SB when the User registers through the App (as better specified below).

1. INTRODUCTION - WHO ARE WE?

CreationDose S.r.l. SB, with registered office in Via G. Vagliasindi 70, Catania, CT - 95126, Tax Code/VAT Number IT05538860874 (hereinafter, "Data Controller"), owner of the Vidoser app (hereinafter, "App"), as the data controller of the personal data of Users (hereinafter, the "Users"), hereby provides the privacy policy pursuant to art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, "Regulation", or the "Applicable Law").

2. HOW TO CONTACT US?

The Data Controller gives the utmost consideration to the right to privacy and the protection of its Users' personal data.

You can contact the Data Controller by:

Sending an email to: privacy@creationdose.com
Sending a certified email to: creationdose@pec.impresecatania.it

The Data Controller has not appointed a Data Protection Officer (DPO), as it is not subject to the designation obligation provided for by art.37 of the Regulation.

3. WHAT DO WE DO? – PURPOSES OF PROCESSING

By registering on the App, the User can create their own videos, photos, and stories to be published on major social network platforms and thus participate in communication campaigns for brands and agencies, leverage the AI tools made available to support the User in their activity, as well as to improve their skills in the Creator Economy sector (hereinafter, "Service"). In relation to the activities that can be carried out through the App, the Data Controller collects personal data relating to the Users.

This App and any services offered through it are reserved for individuals who have reached the age of eighteen. At the request of Users, the Data Controller will promptly delete all personal data involuntarily collected relating to persons under 18 years of age.

The personal data of Users will be lawfully processed by the Data Controller for the following purposes:

Contractual obligations and provision of the Service: To allow the registration of your Account; to execute the Service offered through the App and to fulfill specific requests of the User. The User data collected by the Data Controller for registration purposes include: username, name, surname, date of birth, gender, e-mail address and password. The User's personal data will be used by the Data Controller for the sole purpose of ascertaining the User's identity (also through validation of the e-mail address), thus avoiding possible fraud or abuse, and contacting the User for service reasons only (e.g. sending notifications relating to the services offered). Except as otherwise provided in this privacy policy, in no case will the Data Controller make the personal data of Users accessible to other Users and/or to Third Parties.
Administrative-accounting purposes: To carry out activities of an organizational, administrative, financial and accounting nature, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations.
Legal obligations: To comply with obligations provided for by law, an authority, a regulation or European legislation.
Data and Privacy related to AI use: App usage data, interaction data with AI tools for the operation, improvement of AI functionalities and customization of the User's experience;raw data relating to uploaded videos, in order to provide contextualized and personalized responses from the AI tools made available.

The provision of personal data for the processing purposes indicated above is optional but necessary, as failure to provide them will make it impossible for the User to make their request to the Data Controller.

4. LEGAL BASIS

Contractual obligations and provision of the Service (as described in par. 3, lett. a)): the legal basis consists of art.6, paragraph 1, lett. a and b) of the Regulation, i.e. the processing has been consented to by the User and is necessary for the execution of a contract to which the User is a party or for the execution of pre-contractual measures adopted at their request. Administrative-accounting purposes (as described in par. 3, lett. b)): the legal basis consists of art.6, paragraph 1, lett. a and b) of the Regulation, as the processing has been consented to by the User and is necessary for the execution of a contract and/or for the execution of pre-contractual measures adopted at the User's request.
Legal obligations (as described in the previous par. 3, lett. c)): the legal basis consists of art.6, paragraph 1, lett. c) of the Regulation, as the processing is necessary to comply with a legal obligation to which the Data Controller is subject.
Data and Privacy related to AI use (as described in the previous par. 3, lett. c)): the legal basis consists of art.6, paragraph 1, lett. a and b) of the Regulation, as the processing has been consented to by the User and is necessary for the execution of a contract to which the User is a party or for the execution of pre-contractual measures adopted at their request.

5. PROCESSING METHODS AND DATA RETENTION PERIODS

The Data Controller will process the personal data of Users using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in such a way as to guarantee the security and confidentiality of the data.

The personal data of Users will be kept for the time strictly necessary to carry out the primary purposes illustrated in the previous paragraph 3, or in any case as necessary for the protection in civil law of the interests of both Users and the Data Controller.

In any case, any retention terms provided for by law or regulations are reserved.

6. SCOPE OF COMMUNICATION AND DISSEMINATION OF DATA

The employees and/or collaborators of the Data Controller in charge of managing the App and User requests may become aware of the Users' personal data. These subjects, who have been instructed in this regard by the Data Controller pursuant to art.29 of the Regulation, will process the User's data exclusively for the purposes indicated in this policy and in compliance with the provisions of the Applicable Law.

Third parties who may process personal data on behalf of the Data Controller as Data Processors may also become aware of the Users' personal data, such as, by way of example, providers of IT and logistical services functional to the operation of the App, providers of outsourcing or cloud computing services, professionals and consultants.

Users have the right to obtain a list of any data processors appointed by the Data Controller, by making a request to the Data Controller in the manner indicated in the following paragraph 7.

7. RIGHTS OF THE DATA SUBJECTS

7.1 How to exercise your rights

Users may exercise the rights guaranteed to them by the Applicable Law by contacting the Data Controller in the following ways:

Sending an email to: privacy@creationdose.com
Sending a certified email to: creationdose@pec.impresecatania.it

The User has the right to request the deletion of their personal data at any time. To exercise this right, it is necessary to send a written request to our data protection office at the address privacy@creationdose.com. Confirmation of receipt of the request will be provided, on the response times in relation to the problem and on the methods of execution, in compliance with current legislation.

The Data Controller has NOT identified a Data Protection Officer (DPO), as it is not subject to the designation obligation provided for by Article 37 of the Regulation.

7.2 List of rights

Pursuant to the Applicable Law, the Data Controller informs that Users have the right to obtain the indication (i) of the origin of the personal data; (ii) of the purposes and methods of the processing; (iii) of the logic applied in case of processing carried out with the aid of electronic instruments; (iv) of the identification details of the owner and managers; of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as managers or agents.

Furthermore, Users have the right to obtain:

access, updating, rectification or, when they have an interest, the integration of the data;
the cancellation, transformation into anonymous form or limitation of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
the certification that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves a use of means manifestly disproportionate to the protected right;
the right to withdraw consent at any time, if the processing is based on their consent;
the right (where applicable) to data portability (the right to receive all personal data concerning them in a structured, commonly used and machine-readable format);
the right to object:
- in whole or in part, for legitimate reasons, to the processing of personal data concerning them, even if pertinent to the purpose of the collection;
- in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication;
- if personal data are processed for direct marketing purposes, at any time, to the processing of their data carried out for this purpose, including profiling to the extent that it is connected to such direct marketing.
if they believe that the processing concerning them violates the Regulation, the right to lodge a complaint with a supervisory authority (in the Member State in which they usually reside, in which they work or in which the alleged violation occurred). The Italian supervisory authority is the Garante per la protezione dei dati personali, with headquarters in Piazza Venezia n. 11, 00187 – Rome (http://www.garanteprivacy.it/).

8. REGISTRATION VIA SOCIAL NETWORKS

8.1 Registration via "Connect with Facebook"

The Data Controller informs that Users registered on Facebook can register for the App through the "Connect with Facebook" service or equivalent, in cases where this option is available on the App. The data that may be communicated by Facebook to the Data Controller through the "Connect with Facebook" service are the following: name, surname, profile image, email address on which the User can be contacted by Facebook (with "actual" address or address on the proxymail.facebook.com domain), the address and date of birth, as well as all personal information of the User that may be voluntarily published. The Data Controller will process this data exclusively for the purposes indicated in this policy, in compliance with the consents given by the User from time to time. By joining the "Connect with Facebook" service and clicking on the "Allow" button, the User consents to the transfer of the aforementioned data from the Facebook platform to the Data Controller. The Data Controller will use this data to facilitate the registration procedure, pre-filling the fields of the User's registration form with the data communicated by Facebook. Users who use the "Connect with Facebook" service can access the App using the credentials normally used to access Facebook. For more information on the "Connect with Facebook" service and to change your privacy settings related to this service, please consult the following links: http://www.facebook.com/help/405977429438260/ and https://www.facebook.com/about/privacy/your-info-on-other.

8.2 Registration via “Connect with Google”

The Data Controller informs that Users registered on Google can register for the App through the "Connect with Google" service or equivalent, in cases where this option is available on the App. The data that may be communicated by Google to the Data Controller through the "Connect with Google" service are the following: name, surname, profile image, email address on which the User can be contacted by Google (with "actual" address or address on the proxymail.google.com domain), the address and date of birth, as well as all personal information of the User that may be voluntarily published.The Data Controller will process this data exclusively for the purposes indicated in this policy, in compliance with the consents given by the User from time to time. By joining the "Connect with Google" service and clicking on the "Allow" button, the User consents to the transfer of the aforementioned data from the Google platform to the Data Controller. The Data Controller will use this data to facilitate the registration procedure, pre-filling the fields of the User's registration form with the data communicated by Google. Users who use the Google Connect service can access the App using the credentials normally used to access Google. For more information on the "Connect with Google" service and to change your privacy settings related to this service, please consult the following links: www.google.com/intl/it_ALL/policies/privacy/and https://support.google.com/plus/answer/1301225?hl=en.

8.3 Registration via “Apple ID”

The Data Controller informs that Users with an Apple ID can register for the App through the "Sign in with Apple" service or equivalent, in cases where this option is available on the App. The data that may be communicated by Apple to the Data Controller through the "Sign in with Apple" service are the following: name, surname, email address, as well as all personal information of the User that may be voluntarily published. The Data Controller will process this data exclusively for the purposes indicated in this policy, in compliance with the consents given by the User from time to time. By joining the "Sign in with Apple" service and clicking on the "Allow" button, the User consents to the transfer of the aforementioned data from the Apple platform to the Data Controller. The Data Controller will use this data to facilitate the registration procedure, pre-filling the fields of the User's registration form with the data communicated by Apple. Users who use the "Sign in with Apple" service can access the App using the credentials normally used to access Apple. For more information on the "Sign in with Apple" service and to change your privacy settings related to this service, please consult the following link: https://support.apple.com/it-it/HT210318.

9. CONNECTION TO SOCIAL NETWORKS

9.1 TikTok

The Data Controller informs that Users with a profile on the TikTok Platform can connect their profile via "Contacts and Social" in the App, within the "Profile Verification" Section.The data that may be communicated by TikTok to the Data Controller through the "Connect to your social" service are the following: name, surname, email address, avatar and display name, as well as all personal information of the User that may be voluntarily published, such as bio description, profile link, account verification status, audience engagement metrics, such as general count, follower count, video count. The Data Controller will process such data exclusively for the purposes indicated in this policy, in compliance with the consents given by the User from time to time. By continuing with the connection process, the User consents to the transfer of the aforementioned data from the relevant Social Network to the Data Controller. The Data Controller will use this data to enhance the search and selection of Users in the App useful for the Data Controller's business reasons. Users who use the "Connect your social" service will need to access their Tiktok profile using their TikTok credentials. For more information on the "Connect your social" service and to change your privacy settings related to said service, please consult the subsequent section 9.4.

9.2 Meta

The Data Controller informs that Users with a profile on the Instagram Platform can connect their profile via "Contacts and Social" in the App, within the "Profile Verification" Section. The data that may be communicated by Meta (Instagram and/or Facebook) to the Data Controller through the "Connect to your social" service are the following: name, surname, email address, photo and username, as well as all personal information of the User that may be voluntarily published, such as bio description, profile link, account verification status, audience engagement metrics, such as general count, follower and following count, count of published posts. The Data Controller will process such data exclusively for the purposes indicated in this policy, in compliance with the consents given by the User from time to time. By continuing with the connection process, the User consents to the transfer of the aforementioned data from the relehvant Social Network to the Data Controller. The Data Controller will use this data to enhance the search and selection of Users in the App useful for the Data Controller's business reasons. Users who use the "Connect your social" service will need to access their Instagram profile using their Instagram credentials or via Facebook. For more information on the "Connect your social" service and to change your privacy settings related to said service, please consult the subsequent section 9.4.

9.3 Reasons for connection

By connecting their social accounts, the User will be able to:

Increase collaboration opportunities: The information from your connected social profile (such as interests, online behaviors, etc.) will allow for the selection of the User for potential collaborations with brands and companies related to their interests.
Improve the in-app experience: Thanks to the data collected from your social profiles, the User can be offered personalized content, features, and recommendations, making their in-app experience even more engaging and satisfying.

9.4 Disconnecting social accounts

At any time the User can:

Disconnect social profiles: by accessing via "Contacts and Social" in the App, within the "Profile Verification" Section, and clicking on the "Connected" icon next to the Social network you want to disconnect.
Change the privacy settings of your social profiles: to limit the amount of information you share with us.

Important Note: The User is reminded that the management of personal data collected through social networks is subject to the respective privacy policies of the platforms. The User is invited to read them carefully to have a complete view of how their data is processed.

10. THIRD PARTIES

The Data Controller may share personal data with third parties who assist in providing the services. These third parties may use the User's data to improve the services offered, to provide assistance, to complete transactions and payments. For example, aggregated and anonymous data may be shared with analytical service providers to better understand how Users use the App. The Data Controller may also share specific personal data with payment service providers to process transactions. In any case, we ensure that the processing of the User's data by third parties occurs in compliance with the GDPR.

Identification of the Third Parties involved:

Analytical services: Google Analytics, Firebase, MixPanel, etc.
Advertising services: AdWords, Facebook Ads, etc.
Payment service providers: Stripe, PayPal, Play Store, App Store, etc.
AI Services: Google Cloud.
Support services: intercom.com and corporate emails, etc.
Crashlytics error tracking services: Firebase, etc.
Other service providers: cloud services, email marketing platforms, etc.

Type of data shared:

Registration Data: Name, surname, email address, username, password (encrypted), phone number (if provided), etc.
Other personal data: date of birth, age, sex, interests, ATECO code, VAT number, etc.
Navigation data: IP addresses, pages visited, etc.
Purchase data: products purchased, amounts spent, etc.
Device data: manufacturer, brand, OS, version of the App in use, the features used, etc.
Profile Information: Profile photo, biography, interests, and other information that the user chooses to share publicly or privately within the App.
User-Generated Content Data: videos and images of faces of Users and framed Third Parties, Voice recordings or audio tracks embedded in the content, Captions and other textual communications present in the uploaded content.

The Data Controller is not responsible for updating all the links viewable in this Policy, therefore, whenever a link is not functional and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites recalled by such link.