Live Oaks Bible Church Privacy Policy

Last updated March 25, 2024 – Version 4.7

This privacy policy describes the collection, use, protection, disclosure, correction, and deletion of your personal information by Subsplash.  Please take a moment to read the following to learn more about our information practices, including what type of information is gathered, how the information is used and for what purposes, to whom we disclose the information, and how we safeguard your personal information.  Your privacy is a priority at Subsplash, and we go to great lengths to protect it.
This privacy policy applies to the websites located at subsplash.com and thechurchapp.com, including all subpages and successor pages, as well as all software and services that we offer, including but not limited to those services that we offer through our websites when you register for a Subsplash account (collectively referred to as the “Subsplash Account Services”).
Subsplash may update its privacy policy from time to time.  When we change the policy in a material way a notice will be posted on our website along with the updated privacy policy.
WHY WE COLLECT PERSONAL INFORMATION
We collect your personal information because:
  • It helps Subsplash deliver and administrate your Subsplash Account Services;
  • It helps Subsplash deliver a superior level of customer service;
  • It enables Subsplash to give you convenient access to our products and services and focus on categories of greatest interest to you;
  • It helps Subsplash keep you posted on the latest product announcements, software updates, special offers, and events that you might like to hear about. If you do not want Subsplash to keep you up to date with Subsplash news, software updates and the latest information on products and services please submit your request here or send an email request to privacy@subsplash.com.
WHAT INFORMATION WE COLLECT, WHEN WE COLLECT IT, AND HOW WE MAY USE IT
If you wish to utilize Subsplash Account Services, Subsplash needs your information for purposes of processing and transmitting information to drive the correct data and content between servers and apps for your experience.
Also, there are a number of situations in which your personal information may help us give you better service.  For example:
  • We may ask for your personal information when you’re discussing a service issue on the phone with an associate, downloading a software update, registering for a seminar, participating in an online survey, registering your products, or purchasing a product;
  • When you interact with Subsplash, we may collect personal information relevant to the situation, such as your name, mailing address, phone number, email address, and contact preferences; your credit card information and information about the Subsplash products you own, such as their serial numbers and date of purchase; and information relating to a support or service issue;
  • We collect information regarding customer activities on our websites and applications.  This helps us to determine how best to provide useful information to customers and to understand which parts of our websites, products, and Internet services are of most interest to them, and diagnose problems with our servers and websites;
  • When you visit the Subsplash mobile application, we may ask you to opt in to allow us to use GPS technology (or other similar technology) to determine your current location for purposes of reporting on user activity and engagement.  If you do not want us to use your location for the purposes set forth above, you should not opt in or turn off the location services for the Subsplash mobile application located in your account settings or in your mobile phone settings and/or within the mobile application;
  • We may use personal information to provide products and/or services that you have requested as well as for auditing, research, and analysis to improve Subsplash’s products; and
  • If you utilize the Subsplash messaging functionality, Subsplash stores the contents of your messages which may contain personal information, may obtain your mobile device’s number or your email, and may request access to your mobile device’s contacts for the purpose of accessing and storing only the phone number and/or the email address of the particular persons that you opt to contact through the Service—Subsplash will not copy any contact information regarding persons that you do not contact through the Service.  With regard to the contact information of the particular persons that you opt to contact through the Service, Subsplash will only utilize that information for purposes of providing the Service, and will not use that information for any other purpose;
  • If you sign up for Subsplash Messaging, as described above, and you choose to invite other users to join a conversation, Subsplash will request access to your contacts, though it is not required in order to invite other users to your conversation. Subsplash will only use this access to enable you to invite other users.
  • Subsplash may use aggregated and anonymized forms of personal information for a variety of purposes, including, but not limited to, analyzing usage trends, fraud detection, and development of new Services.
PUBLICLY DISPLAYED INFORMATION IS PUBLIC
If you use a bulletin board, streaming service, messaging service, or chat room on a Subsplash website or Service you should be aware that any information you share is visible to other users.  Personally identifiable information you submit to one of these forums can be read, collected, or used by other individuals to send you unsolicited messages.  Subsplash is not responsible for the personally identifiable information you choose to submit in these forums. For example, if you choose to make information, which was previously non-public, available by disclosing it in such forms or by enabling certain user features, Subsplash will collect that information from your interaction and the information will become publicly available.
WHEN WE DISCLOSE YOUR INFORMATION
Subsplash takes your privacy very seriously.  Subsplash does not sell or rent your contact information to other marketers or any other third party.  If you wish to utilize the Subsplash Account Services, Subsplash discloses your information to third-party service providers and institutions for purposes of processing and transmitting information to drive the correct data and content between servers and apps for your experience. If you invite other users to one of our services, we may inform the person(s) you invite of who has invited them. Subsplash may share aggregated and anonymized forms of personal information with third parties, in which case, the information shared will be shared in a deidentified and non-identifiable form.
WITHIN THE SUBSPLASH GROUP
Subsplash, Inc. and Subsplash Wallet, LLC both operate under the name “Subsplash” and they operate as a group.  To help us provide superior service, your personal information may be shared with legal entities within the Subsplash group globally who will take reasonable steps to safeguard it in accordance with Subsplash’s privacy policy.
WITH OUR SERVICE PROVIDERS, VENDORS, AND STRATEGIC PARTNERS
There are also times when it may be advantageous for Subsplash to make certain personal information about you available to companies that Subsplash has a strategic relationship with or that perform work for Subsplash to provide products and services to you on our behalf.  These companies may help us process information, extend credit, fulfill customer orders, deliver products to you, manage and enhance customer data, provide customer service, assess your interest in our products and services, or conduct customer research or satisfaction surveys.  These companies are also obligated to protect your personal information in strict accordance with Subsplash’s policies, except if we inform you otherwise at the time of collection. Without such information being made available, it would be difficult for you to purchase products, have products delivered to you, receive customer service, provide us feedback to improve our products and services, or access certain services, offers, and content on the Subsplash website.
PARTNER PROMOTIONS
We may offer contests, sweepstakes, or other promotions with third party partners. If you decide to enter a contest, sweepstakes, or promotion that is sponsored by and/or associated with a third party partner, then the information that you provide will be shared with us and with them. Their use of your information is not governed by this privacy policy.

BUSINESS TRANSFERS
We may choose to buy or sell assets and may share and/or transfer customer information, including Personal Information, in connection with the evaluation of and entry into such transactions and based on our legitimate interests. Also, if we or our assets are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information may be one of the assets transferred to or acquired by a third party.

LAWFUL REQUESTS
At times we may be required by law or litigation to disclose your personal information.  We may also disclose information about you if we reasonably determine that for national security, law enforcement, or other issues of public importance, disclosure is necessary.
SUBSPLASH GIVING
Subsplash Giving is web-enabled functionality that can be used with a web browser and on mobile devices.  It was developed by Subsplash to enable donors to donate money to third-party organizations. If you choose to use the Subsplash Giving functionality to donate money, Subsplash and the payment processor will collect personal information from you, including your name, contact information, the donation amounts, and the payment processor receives certain payment information (e.g. credit card number, billing address, security code) and will use that information to process payments and provide you records of the transactions. Donor information will be shared with the Gift Recipient.
When you send a text message to Subsplash or Subsplash Wallet for purposes of utilizing text-to-give functionality, you will be disclosing your cell phone number to Subsplash, Inc., and you thereby consent to receiving a hyperlink to the Subsplash Wallet donation portal via text message. In order to stop receiving texts from Subsplash or Subsplash Wallet, respond to the text message by typing, “STOP.”
SUBSPLASH LIVE
Subsplash Live uses YouTube API Services, governed by the Google Privacy Policy (http://www.google.com/policies/privacy), to access your organization’s YouTube channel name and ID, and to create live streams and live broadcasts on your organization’s behalf. We do this to display the linked channel in your Subsplash Dashboard and to create syndicated live broadcasts in that channel. In addition to Subsplash’s normal procedure for deleting stored data, your organization may revoke Subsplash Live’s access to your YouTube data via the Google security settings page (https://security.google.com/settings/security/permissions). Please contact Subsplash with any questions or complaints about Subsplash Live’s privacy practices.
COOKIES AND OTHER TECHNOLOGIES
As is standard practice on many corporate websites, Subsplash’s websites use “cookies” and other technologies to help us understand which parts of our websites are the most popular, where our visitors are going, and how much time they spend there.  We also use cookies and other technologies to make sure that our online advertising is bringing customers to our products and services. Cookies contain information that is transferred to your computer’s hard drive. These cookies are used to store information, such as the time that the current visit occurred, whether the visitor has been to the site before and what site referred the visitor to the web page.
If, however, you prefer not to enable cookies, you can disable them in your browser.  Please note that certain features of the Subsplash websites and Subsplash online products will not be available once cookies are disabled.  As is true of most websites, we gather certain information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type, Internet Service Provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.  We may also track usage data, such as how frequently you visit our site or use our applications, how many messages you send, and how you engage with our content.
We also use Google Analytics. Google Analytics is a web analytics tool that helps website owners understand how visitors engage with their website.  
Like many services, Google Analytics uses first-party cookies to track visitor interactions as in our case, where they are used to collect information about how visitors use our site. We then use the information to compile reports and to help us improve our site.
We also may use other Google Analytics tools, such as Demographics and Interest Reporting, which enable us to learn more about the characteristics and interests of the users who visit our Site, and Remarketing with Google Analytics, which enables us to provide relevant advertising on different websites and online services.
Google Analytics collects information anonymously.  It reports website trends without identifying individual visitors.  You can opt out of Google Analytics without affecting how you visit our site – for more information on opting out of being tracked by Google Analytics across websites you use, visit this Google page.
We use this information, to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole.
In some of our email messages we use a “click-through URL” linked to content on the Subsplash website.  When customers click one of these URLs, they pass through our web server before arriving at the destination web page.  We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our customer communications.  If you prefer not to be tracked simply avoid clicking text or graphic links in the email. In addition, we use pixel tags — tiny graphic images — to tell us what parts of our website customers have visited or to measure the effectiveness of searches customers perform on our site.
Pixel tags also enable us to send email messages in a format customers can read.  And they tell us whether emails have been opened to ensure that we’re sending only messages that are of interest to our customers.  We may use this information to reduce or eliminate messages sent to a customer.
HOW WE PROTECT YOUR PERSONAL INFORMATION
Subsplash takes precautions — including administrative, technical, and physical measures — to safeguard your personal information against loss, theft, and misuse, as well as unauthorized access, disclosure, alteration, and destruction.  The Subsplash websites use Secure Sockets Layer (SSL) encryption on all web pages where personal information is required. To make purchases from the Subsplash online store, or through your Subsplash accounts, you must use an SSL-enabled browser such as Safari, Google, or Internet Explorer.  Doing so protects the confidentiality of your personal and credit card information while it’s transmitted over the Internet. You can help us by also taking precautions to protect your personal data when you are on the Internet. Change your passwords often using a combination of letters and numbers, and make sure you use a secure web browser like Safari or Google.
INTEGRITY OF YOUR PERSONAL INFORMATION
Subsplash allows you to keep your personal information accurate, complete, and up to date.  Naturally, you have the right to access, correct and delete the personal information you have provided, though you may not delete all information if you wish to maintain an account with Subsplash and Subsplash is required to retain some information with regard to Subsplash Giving transactions and donors.  Despite our best efforts, errors sometimes do occur. If you identify any personal information that is out-of-date, incorrect or incomplete, let us know and we will make the corrections promptly and use every reasonable effort to communicate these changes to other parties who may have inadvertently received incorrect or out-of-date personal information from us.  In the event that you delete your information, such deletion may make it impossible for Subsplash to continue offering you some or all of the Subsplash Account Services.
Subsplash retains personal information only as long as we are required to for our business relationship or as required by Federal or Provincial laws, subject to reasonable industry practices for records retention.  Subsplash has appropriate procedures in place with respect to the destruction, deletion and disposition of personal information when it is no longer required by Subsplash, subject to applicable law.
CHILDREN
Subsplash recognizes that parents, guardians, or other adults often purchase our products for family use, including use by minors.  We do not knowingly collect personal information from children under the age of 13 for marketing purposes, but because some information is collected electronically, it can appear to be the personal information of the Subsplash purchaser of the product, and will be treated as such by this privacy policy.  If a child under the age of 13 submits personal information to Subsplash without the consent of their parent or guardian and we learn that that personal information is the information of a child under the age of 13, we will delete the information as soon as possible.
We will never share, sell, rent, or transfer children’s personal information other than as described in this section.
We may disclose aggregated information about many of our users which may include aggregated information that does not identify a particular person. In addition, we may disclose children’s personal information:
  • To third parties that the child’s parent or guardian approved through the Services.
  • If we are required to do so by law or legal process, such as to comply with any court order or subpoena or to respond to any government or regulatory request;
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Subsplash, our customers or others, including to: (1) protect the safety of a child; (2) protect the safety and security of the Services; or (3) enable us to take precautions against liability; or
  • To law enforcement agencies or for an investigation related to public safety.
At any time, you may review your child’s personal information maintained by us, require us to correct or delete the personal information, and/or refuse to permit us from further collection or using the child’s information.
You can review, change or delete your child’s personal information by:
  • Logging on to your account; or
  • Submitting a request here, or by sending us an email at privacy@subsplash.com.
To protect your privacy and security, we may require you to take certain steps or provide additional information to verify your identity before we provide any information or make corrections.
CANADA CUSTOMERS
Our policies and practices have been designed to comply with the Personal Information Protection and Electronic Documents Act (Canada), the Privacy Act (Canada) and all provincial statutes that regulate the treatment of personal information in the private and public sectors.
Depending on the location of users of the Subsplash Account Services, information on the Subsplash Account Services including the Subsplash website may be accessed from outside of Canada or sent to others outside of Canada.  Please note that any personal information that is sent outside of Canada may be subject to access by law enforcement and government authorities having jurisdiction in those countries in which the information is located.
If the event that any dispute between you and Subsplash regarding your personal information or this policy is not resolved pursuant to the “Dispute Resolution” section below within thirty (30) days, either party may consult the Privacy Commissioner of Canada or a relevant provincial privacy commissioner.
PRIVACY NOTICE FOR EU RESIDENTS
This Section [•] governs personal data, information relating to an identified or identifiable natural person, gathered from data subjects located in the EU only.  
General Data Protection Regulation (“GDPR”) Information
The following information describes our commitments to you under EU General Data Protection Regulation (“GDPR”).
The GDPR makes a distinction between organizations that process personal data for their own purposes (known as "Data Controllers") and organizations that process personal data on behalf of other organizations (known as "Data Processors"). Subsplash only acts as a Data Controller for very limited types of data, such as the information you enter when you register an account with us or the information you submit when purchasing our software.  Subsplash is the Data Controller for information provided by our users when we provide our Services. Subsplash is the Data Processor for information provided by our third party partners when they provide us with services, such as our payment partners processing payments on behalf of our users.
When We Act as a Data Controller
When we process your data as a Data Controller, the following applies.  
We collect, use, and share your personal data where we are satisfied that we have an appropriate legal basis to do this. This may be because:  
  • Consent:  Our use of your personal data is in accordance with your consent. If we process your personal data based on consent, you will be asked for said consent at or before the time of data collection. You may withdraw your consent at any time, and will not suffer any detriment for withdrawing your consent.
  • Contract: Our use of your personal data is to fulfill a contract between you and us.
  • Legal Obligation: Our use of your personal data is necessary to comply with a relevant legal or regulatory obligation that we have (for example, where we are required to disclose personal data to a court, or store information due to federal financial regulations); or
  • Legitimate Interest: Our use of your personal data is for a legitimate interest of ours, such as fraud prevention and ensuring our network’s security.
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, EU residents have certain rights in relation to their personal data:  
  • Right to Access: You have the right to access your personal data that is being processed; specifically you may request to view your personal data and obtain copies of your personal data.
  • Right to Rectification: You have the right to request modifications to your personal data if it is out of date or inaccurate. In some circumstances, you may be able to exercise this right, in whole or in part, through your existing account with us.
  • Right of Erasure: You have the right to ask that we delete your personal data.  However, we are not required to comply with your request to erase personal data if the processing of your personal data is necessary for compliance with a legal obligation, or for the establishment, exercise, or defense of legal claims.
  • Right to Restriction of Processing: Under certain circumstances, you have the right to request we restrict processing your personal data You have the right to restrict the use of your personal data.  However, we can continue to use your personal data following a request for restriction (a) where we have your consent; (b) to establish, exercise or defend legal claims; or (c) to protect the rights of another natural or legal person.
  • Right to Data Portability: To the extent that we process your information (i) based on your consent or under a contract; and (ii) through automated means, you have the right to receive such personal data in a structured, commonly used, machine-readable format, or you can ask to have it transferred directly to another data controller.
  • Right to Object: You have the right to object to the processing of your personal data. However, we may still process your personal data if we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
  • Right to Object to Automated Processing:  You have the right to object to decisions based on automated processing, such as where a computer assesses factors in the data we collect about you and makes a determination. We do not currently make any decisions based on automated processing.  
We retain your personal data for as long as necessary to provide you with our services, or for other important purposes such as complying with legal obligations, resolving disputes, and enforcing our agreements.
We ask that you please attempt to resolve any issues regarding your data protection or requests with us first before contacting the relevant supervisory authority.  If you would like to exercise any of the rights described above, please send a request to privacy@subsplash.com. In your message, please indicate the right you would like to exercise and the information that you would like to access, review, correct, or delete.
We may ask you for additional information to confirm your identity and for security purposes, before disclosing the requested personal data.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
When Subsplash Acts as a Data Processor
Where we process your data in our capacity as a Data Processor, the processing of your data will not be governed by the foregoing provisions (“When We Act As Data Controller”), but you can contact the Data Controller directly to learn about their processing of your information and to exercise your rights, or we will forward your request directly to them at your request.
Subsplash’s “privacy by design” approach requires that our default user data protection levels be at the highest setting by default. In the unlikely event of breach, Subsplash will notify data subjects and Supervisory Authorities (SAs) in the EU according to procedures provided in GDPR Articles 33 and 34.  
EU-US DATA PRIVACY FRAMEWORK
The following provisions govern information collected in reliance on the EU-U.S. Data Privacy Framework Principles for transfers of personal data from the EU to the United States.  Subsplash adheres to the Data Privacy Framework Principles (“Principles”) and is committed to subject to the Principles all personal data received from the EU in reliance on the Data Privacy Framework.  Individuals from whom Subsplash collects personal information under the Data Privacy Framework have the right to access their personal data by contacting Subsplash here or at privacy@subsplash.com. As a result of certification to the Data Privacy Framework, Subsplash is subject to the investigatory and enforcement powers of the Federal Trade Commission or any other U.S. authorized statutory body.
You may access the Data Privacy Framework Participant List here.
Notice and Choice
When Subsplash collects personal information from individuals, it may share this information with its client organizations or third parties as described above in the Privacy Policy. Individuals should review the privacy policy of the client organization. Individuals will have the choice of signing up for Subsplash services or not.  A link to the Subsplash privacy policy will be provided when individuals are first asked to provide personal information when opting in to Subsplash services.
In instances in which Subsplash is not the controller or collector of the personal information, but only a processor, it has no means of providing individuals with the choice and means for limiting the use and disclosure of their personal information or providing notices when individuals are first asked to provide personal information to Subsplash.  In such instances, Subsplash will comply with the instructions of the controller of such information; provide appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and to the extent appropriate, assist the controller in responding to individuals exercising their rights under the Principles.
In the context of an onward transfer Subsplash has responsibility for the processing of personal information it receives under the Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. Subsplash shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
Disclosures to Third Parties
Subsplash will not make disclosures of personal information to third parties without notifying individuals that such disclosure may be made.  In those instances in which Subsplash collects personal information from individuals, prior to disclosing personal information to a third party, Subsplash shall notify the individual of the fact that their information may be disclosed. If individuals do not wish to have their personal information disclosed to any third parties, the individual should not register for such Subsplash services.  With regard to Subsplash Giving, donor information will be shared with the Gift Recipient. The Gift Recipient may utilize a third party for purposes of receipt and management of such information and donors should review the privacy policies of Gift Recipient in this regard. In the case of third parties (e.g., churches) for whom Subsplash gathers personal information, Subsplash shall enter into a contract that provides that such data may only be processed for limited and specified purposes consistent with consent provided and that such third party will provide the same level of protection as is required by the Principles.  For third party agent recipients (e.g., payment processors) of personal information, Subsplash shall: transfer only such data for limited and specified purposes; ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles, and; upon notice, take reasonable and appropriate steps to stop and remediate unauthorized processing.
Data Security
Subsplash shall take reasonable steps to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Subsplash has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the information from loss, misuse, unauthorized access or disclosure, alteration or destruction. Subsplash cannot guarantee the security of information on or transmitted via the Internet.
Data Integrity
Subsplash shall only process personal information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by those who provided the information. To the extent necessary for those purposes, Subsplash shall take reasonable steps to ensure that personal information is accurate, complete, current and reliable for its intended use.
Access
In those instances in which Subsplash collects personal information directly from individuals, Subsplash shall allow those individuals access to their personal information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.  As noted above, you may not delete all information if you wish to maintain an account with Subsplash and Subsplash is required to retain some information with regard to Subsplash Giving transactions and the applicable users.
Recourse, Enforcement, and Liability
A)  Dispute Resolution
If you filed a complaint with Subsplash and it has not been properly addressed, JAMS is designated by Subsplash as the independent dispute resolution body to address complaints regarding Subsplash’s collection of personal information and provide appropriate recourse.  Such body will not charge the complaining party for its services. Follow this link to the complaint submission form for the above referenced independent dispute resolution body.
B)  Binding Arbitration
If your claims as to data covered by the EU-U.S. Data Privacy Framework have not been remedied through dispute resolution directly with Subsplash or through independent dispute resolution as described above, such “residual claims” may be heard by a “Data Privacy Framework Panel” composed of one or three arbitrators as agreed upon by the parties. The Panel may only award individual-specific, non-monetary equitable relief (e.g. access, correction, deletion of the individual’s data in question) necessary to remedy the violation of the Principles only with respect to the individual. Damages, costs, fees and other remedies may not be awarded, and each party bears its own attorney’s fees.  This arbitration option is only available for an individual to determine for such “residual claims” whether Subsplash has violated its obligations under the Principles as to that individual and whether any such violation remains fully or partially unremedied.
C)  GDPR (General Data Protection Regulation)
The GDPR replaces Directive 95/46/EC and becomes enforceable on May 25, 2018. The following statement is intended to supplement the preceding discussion of the EU-U.S. Data Privacy Framework. As to personal data collected and controlled by Subsplash, subject to the qualifications and limitations stated in the preceding discussion, EU data subjects retain their full rights to be informed of the purposes of our processing activities at collection; to withdraw consent; to access, rectify, transport, and erase their personal data; to object to processing for direct marketing efforts; and to object when subjected to automated processing decisions. As to personal data collected by third parties, and as to which Subsplash is a mere processor, EU data subjects should contact the controller (e.g., church or ministry) with regard to their rights to be informed of the purposes of our processing activities at collection; to withdraw consent; to access, rectify, transport, and erase their personal data; to object to processing for direct marketing efforts; and to object when subjected to automated processing decisions.  Such rights may be subject to certain qualifications and limitations as stated in the discussion of EU-US Data Privacy Framework.
Our Data Protection Officers will assist EU residents with these requests free of charge and may be contacted at privacy@subsplash.com.
Subsplash understands that the adoption of global data security practices is not a one-time activity.  Subsplash’s “privacy by design” approach requires that our default user data protection levels be at the highest setting by default. In the unlikely event of breach, Subsplash will notify data subjects and Supervisory Authorities (SAs) in the EU according to procedures provided in GDPR Articles 33 and 34.
We do not intentionally collect personal data from, and do not tailor any services to, children.
VeraSafe has been appointed as Subsplash's representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. VeraSafe can be contacted in addition to the Privacy Officer, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form or via telephone at: +420 228 881 031.
Alternatively, VeraSafe can be contacted at:
VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
Cork T23AT2P
Ireland
DATA PRIVACY FOR CALIFORNIA RESIDENTS
This section applies solely to visitors and users of our Site and Services who reside in the State of California. We have adopted this notice to comply with the California Consumer Privacy Act of 2018 (the “CCPA”) and the California Online Privacy Protection Act (“CalOPPA”), and any terms defined in the CCPA or CalOPPA have the same meaning when used in this notice.
For the purposes of this section “California Data Subject” shall mean: (1) an individual who is in the State of California for other than a temporary or transitory purpose, and (2) an individual who is domiciled in the State of California who is outside the State of California for a temporary or transitory purpose.
Information We Collect
Subsplash collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California Data Subject or device ("personal information"). In particular, Subsplash has collected the following categories of personal information from California Data Subjects within the last twelve (12) months:
CATEGORY
EXAMPLE
DO WE COLLECT THIS DATA?
Indentifiers
Real name, alias, postal address, unique personal identifier, online identifier, internet protocol (IP) address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers
Yes
Characteristics of protected classifications under California or federal law
Race, gender, ethnicity, disability status
No
Commercial information
Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
Yes
Biometric information
Fingerprint, facial pattern, voice, typing cadence
Yes
Internet or other electronic network activity information
Information regarding usage of a site, software, or app
Yes
Geolocation data
Physical location
Yes
Audio, electronic, visual, thermal, olfactory, or similar information
Recordings of a California Data Subject
Yes
Professional or employment-related information
Place of work, current occupation, duration of occupation, position/title
Yes
Education Information
Information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (FERPA)
No
Inferences drawn from any of the information identified above
Information used to create a profile about the California Data Subject reflecting their preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes
Yes
Sources of Personal Information. Subsplash obtains the personal information listed above from the following sources:
SOURCE
EXAMPLE
DO WE RECEIVE FROM THIS SOURCE?
Directly from you
From forms you complete or orders for products and services you purchase.
Yes
Indirectly from you
From observing your actions on the Service
Yes
Third Parties
We are provided information by our third party vendors such as:
  • Authentication Partners (who may provide us with personal information regarding users who authenticate with our Services through a third party)
  • Technology Service Providers (who may provide us personal information in the form of usage information, IP addresses, etc. of users of our Site and Services)
  • Payment Partners (who may provide us personal information in order to process payments from users)
  • Advertising Partners (Who may provide information about users viewing our advertisements)
Yes
Use of Personal Information
We may use or disclose the personal information we collect for one or more of the following business purposes:
A) To fulfill the purpose for which you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, we will use that personal information to respond to your inquiry. If you create an account on our Services the personal information you provide as part of the account creation process may be visible to other account holders, and we may use that information to verify your identity when you access the account. We may use personal information you provide us to provide technical support.  In addition, we may use the above information:
a)  To provide, support, personalize, and develop our websites, products, and/or services;
b)  To create, maintain, customize, and secure your account with us;
c)  To process your requests, purchases, transactions, and payments and prevent transactional fraud;
d)  To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses;
e)  To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets, and business;
f)  To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations; and
g)  As described to you when collecting your personal information or as otherwise set forth in the CCPA.
Subsplash will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice.  
Subsplash does not sell your personal information.  Subsplash does share personal information with our third party service providers and vendors in order to provide you the Service.
Your Rights and Choices
This section describes your CCPA rights and explains how to exercise those rights.
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and verify your request, we will disclose to you:
A)  The categories of personal information we collected about you;
B)  The categories of sources for the personal information we collected about you;
C)  Our business or commercial purpose for collecting or selling that personal information;
D)  The categories of third parties with whom we share that personal information;
E)  The specific pieces of personal information we collected about you (also called a data portability request);
F)  If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
a)  sales, identifying the personal information categories that each category of recipient purchased; and
b)  disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and verify your request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
A)  Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
B)  Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
C)  Debug products to identify and repair errors that impair existing intended functionality;
D)  Exercise free speech, ensure the right of another California Data Subject to exercise their free speech rights, or exercise another right provided for by law;
E)  Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
F)  Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent;
G)  Enable solely internal uses that are reasonably aligned with California Data Subject expectations based on your relationship with us;
H)  Comply with a legal obligation; and
I)  Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
To exercise the access, data portability, and deletion rights described above, please submit a verifiable California Data Subject request to us by submitting a request here or by sending us an email at privacy@subsplash.com or calling us at (206) 965-8090.
Only you or a person registered with the California Secretary of State, that you authorize to act on your behalf, may make a verifiable California Data Subject request related to your personal information. You may also make a verifiable California Data Subject request on behalf of your minor child.
You may only make a verifiable California Data Subject request for access or data portability twice within a twelve (12) month period. The verifiable California Data Subject request must:
A)  Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
B)  Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.  Making a verifiable California Data Subject request does not require you to create an account with us.  We will only use personal information provided in a verifiable California Data Subject request to verify the requestor's identity or authority to make the request.
We aspire to respond to a verifiable California Data Subject request within forty five (45) days of receipt of the request.  If we require more time (up to ninety (90) days) we will inform you of the reason(s) why an extension is needed and how long we anticipate the period to be.  Any disclosure we provide will only cover the twelve (12) month period preceding the receipt of your request.  If applicable, the response may provide the reasons why we cannot comply with your request.  For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable California Data Subject request unless it is excessive, repetitive, or manifestly unfounded.  If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.  We reserve the right to refuse to respond to verifiable California Data Subject requests that are excessive, repetitive, or manifestly unfounded.
Right of Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. We will not take any of the following actions against you in response to an exercise of your rights:
A)  Deny you goods or services.
B)  Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
C)  Provide you a different level or quality of goods or services.
D)  Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
California Do-Not-Track Disclosures
Subsplash does not track its customers over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals.  Third parties that have content embedded on Subsplash’s websites, software, or mobile applications (e.g. social features) may set cookies on a user’s browser and/or obtain information about the fact that a web browser visited a specific Subsplash website from a certain IP address.  Third parties cannot collect any other personal identifiable information from Subsplash’s websites unless you provide it to them directly.
Special Information for Nevada Residents
Residents of the State of Nevada have the right to opt out of the sale of certain pieces of their information to other companies who will sell or license their information to others. Subsplash does not sell or rent your contact information to other marketers or any other third party. If you are a Nevada resident and have additional questions please contact us here or by email at privacy@subsplash.com.

SPECIALIZED PARTNER CAMPAIGNS
From time-to-time, Subsplash may work with partner organizations to develop and distribute specialized content. Users who participate in the specialized marketing campaigns by completing our lead form and downloading the applicable content will be subject to the Supplemental Privacy Notice in addition to this Privacy Policy.

OUR COMPANY-WIDE COMMITMENT TO YOUR PRIVACY
To make sure your personal information is secure, we communicate these privacy guidelines to Subsplash employees and strictly enforce privacy safeguards within the company.
FREEDOM OF INFORMATION REQUESTS
If you are communicating with or making a donation to any organization or institution that is subject to either federal or provincial public sector “freedom of information” or “access to information” legislation, then please note that information concerning your communication and/or donation may disclosed to third parties pursuant to the procedures available under those laws.
INQUIRIES, COMPLAINTS, AND DISPUTE RESOLUTION
If you wish to verify, correct or delete any personal information we have collected, or if you have any questions or concerns, or if you have any complaints, please contact us here or by email at privacy@subsplash.com. If there is a dispute between you and Subsplash regarding your personal information or this policy, you agree to use reasonable efforts to resolve such dispute with Subsplash informally and to consult and negotiate with Subsplash in good faith to reach a fair and equitable solution.

PRIVACY QUESTIONS
If you have questions or concerns about Subsplash’s privacy policy, please contact our Privacy Officer.  Our Privacy Officer can be contacted at:
Subsplash, Inc.
5473 Blair Rd. Ste 100, PMB 41141, Dallas, TX 75231-4227
Email: privacy@subsplash.com