Zenfolio Privacy Notice
Welcome to Zenfolio!
Terms of Service Zenfolio | Terms of Service PhotoBooker | Privacy Policy | California Privacy | Copyright Policy | Website Terms of Use | Cookie Policy | Open Source Fonts | Data Processing Addendum | Acceptable Use Policy | Data Protection Framework
Last Updated: November 6, 2023
California Privacy (see Section 18)
EU & UK GDPR (see Section 20)
This Privacy Policy sets forth the terms and conditions under which Zenfolio, Inc. (“Zenfolio,” “we,” “us,” or “our”) collects, uses, and processes your personal information when you access or use any of our websites or services or otherwise engage with us or with third parties we use. This Privacy Policy describes, among other issues, the types of personal information that we collect, the purposes for which we use it, the types of third parties with whom we share it, and any rights and responsibilities you may have with respect to such personal information.
Please note that Zenfolio is subject to the Data Protection Framework (DPF) and will process our client’s personal information in accordance with the DPF.
Zenfolio offers two online platforms, one at www.zenfolio.com that allows photographers to exhibit, organize, print, sell, exchange, and share digital images, videos and related products, and the other at www.photobooker.com that allows photographers and their prospective customers to arrange photoshoots (such websites referred to collectively as the “Site,” and the Site, together with the corresponding services, referred to as the “Services”). FOR THE AVOIDANCE OF DOUBT, ZENFOLIO IS NOT RESPONSIBLE FOR, AND YOU WILL NOT HOLD OR SEEK TO HOLD ZENFOLIO LIABLE FOR, ANY DATA PROCESSING ACTIVITIES UNDERTAKEN IN CONNECTION WITH THE SERVICES BEING OFFERED OR THE WEBSITES BEING OPERATED BY PHOTOGRAPHERS OR OTHER THIRD PARTIES ON THE ZENFOLIO PLATFORMS. ANY AND ALL DISPUTES, COMPLAINTS, OR CLAIMS ARISING FROM THIS PRIVACY POLICY SHALL, TO THE MAXIMUM EXTENT PERMITTED BY LAW, BE SUBJECT TO THE DISPUTE RESOLUTION AND LIMITATIONS OF LIABILITY PROVISIONS, CRITERIA, AND REQUIREMENTS SET FORTH IN THE ZENFOLIO USER AGREEMENT.
1. Scope; Key Terms
This Privacy Policy describes how Zenfolio processes personal information in our role as a “data controller” (i.e., when Zenfolio determines the purposes for which and the means by which personal information is processed). More specifically, this Privacy Policy describes how we process personal information to fulfil our own business purposes, to market to photographers and others who may be interested in our Services, to operate our business websites that are available to the general public, and for other legitimate business interests.
In the event Zenfolio is processing personal information on behalf of photographers or other third parties, then Zenfolio is considered a “data processor,” and our data processing activities are governed by a contract between Zenfolio and such photographers and third parties (i.e., the Data Processing Clauses in our Terms of Services) and not this Privacy Policy. In other words, when photographers and other third parties use our Services to provide end-users goods and services, they act as the data controller and Zenfolio is their data processor. Any questions or concerns you have about the use of your personal information by photographers or such third parties must be submitted directly to them as they (and not Zenfolio) determine the purpose and means for processing your personal information. For the avoidance of doubt, Zenfolio is not responsible for, and you will not hold or seek to hold Zenfolio liable for, any data processing activities undertaken in connection with the services being offered or the websites being operated by photographers or other third parties on the Zenfolio platform.
For purposes of this Privacy Policy, the term “personal information” means any information that, alone or in conjunction with other information or data, identifies or is linked to a particular individual, household, or device, and that is subject to, or otherwise afforded protection under, a data protection law, statute, or regulation. The term “personal information” does not include anonymized data that is not attributable to a particular individual, household, or device or otherwise subject to a data protection law, statute, or regulation. Zenfolio may anonymize and aggregate personal information, and such data is not subject to this Privacy Policy.
2. Categories of Personal Information
Zenfolio collects personal information in order to provide our Site, comply with our legal obligations, promote our business interests, and for the other reasons set forth in this Privacy Policy. WHEN YOU DO NOT PROVIDE PERSONAL INFORMATION TO ZENFOLIO, WE MAY NOT BE ABLE TO PROVIDE YOU OUR SERVICES OR SATISFY ITS INTENDED PURPOSE (SEE BELOW). Generally, we collect the following types and categories of personal information during our business operations and for the following purposes:
Category | Examples | Purpose of Processing |
Registration information | Name; Address; Email; Phone number; Username; Password | To provide our Services and communicate with subscribers |
Photographer financial information | Credit Card number; SSN; Bank details | To provide our Services, to process transactions for our Services and for our photographer-subscribers |
Customer transaction information | Name; Email; Phone number; Shipping address; Payment information | To provide our Services, to enable ecommerce transactions, to fulfill orders, and to communicate with customers |
Photobooker and Photoshoot information | IP address; Location; Name; Email; Phone | To provide our Services and to enable our photoshoot scheduling |
Technical data (See more information below) | IP Address; Cookies; Social media contact information | To provide our Services, to enable logon sessions, to learn more about our visitors, and to improve our Services |
Support information | Name; Email; Phone number | To provide our Services and to provide support to our photographer-subscribers and to customers |
Commercial information | Records of the services you purchased, obtained, or considered, or your other purchasing or consuming histories or tendencies with respect to our services | For our own recordkeeping purposes, for legal compliance and to defend our interests, and to understand your preferences |
Business contact data | Name; Employer; Employer address; Email; Phone number | To contact employees and contractors of third parties with whom we conduct, or possibly will conduct, business activities |
Marketing and communications data | Name; Email; Phone number | To comply with your marketing preferences to receive, or not receive, our marketing materials, and to contact you about our Services |
Your feedback | Name; Information you provide about the Site or our Services | To improve our Services and to offer you an opportunity to provide your feedback |
Employment applicants | Name; Resumé; Employment history; Education; Criminal background; Credit history | To review and process applications for individuals seeking employment with Zenfolio |
Sensitive personal information | Information about images uploaded by photographers, which may include facial recognition data. Photographers, not Zenfolio, control the use of facial recognition tools and the identification of facial recognition data to a name or identity of an individual. | For sorting or organizing photographs in a gallery. |
We will not collect additional categories of personal information from you or use it differently than as described herein, unless we provide you with advance notice and obtain your consent.
3. Technical Data
When you access the Site, we collect certain data automatically using technical means and tools. This data relates to your device, and your experience on the Site and other websites, including the following:
Usage and Device Data. When you access and use the Site, we automatically collect details of your access to and use of the Site, including traffic data, usage logs and other communication data, and the resources that you access and use on or through the Site (e.g., browsing history, search history). We may also collect information about your device and internet connection, including the device’s unique identifier (e.g., device type, IMEI, Wi-Fi MAC, IP address), operating system, browser type, and mobile network information. The Site may collect “diagnostic” data related to your use of the Site, such as crash data and logs, performance data (e.g., launch time, hang rate, or energy use), and any other data collected for the purposes of measuring technical diagnostics.
Cookies and Tracking Data. We use “cookies” and other tracking technologies within the Site. A cookie is a small file placed on your smartphone or other device. It may be possible to refuse to accept cookies by activating the appropriate setting on your smartphone or device. However, if you select this setting, some parts of the Site may become inaccessible or not function properly. In addition, the Site may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us to analyze data on your use of the Site (e.g., recording the popularity of certain content and verifying system and server integrity). The Site may collect data about the advertisements you have seen or engaged. For more information, see our Cookie Policy.
Audio and Visual Materials. Our Site may, from time to time, display live or prerecorded videos or similar audio-visual materials (“Videos”). We may collect personal information with respect to you requesting access to, and/or accessing, such Videos, and we may disclose such personal information to third parties, including to our third-party service providers through the use of cookies. By requesting access to, or accessing, such Videos, you hereby agree to our Video Information Disclosure Consent Form. The provision of Videos on our Site is not an admission by Zenfolio and it shall not otherwise be interpreted, in any form or manner, to mean that Zenfolio is a “video tape service provider” for purposes of the Video Privacy Protection Act (codified as amended at 18 U.S. Code § 2710) (the “VPPA”) or that Zenfolio is otherwise subject to the VPPA.
Site Monitoring. Please be aware that we (and our service providers) use cookies and other tracking technologies on and within our Site to monitor and record any and all activities and communications to, from, and on, the Site in order to safeguard, improve, and analyze usage of the Site, to undertake marketing and digital advertising, and for the other purposes listed in this Privacy Policy. For the avoidance of doubt, you hereby acknowledge, agree, and consent to such monitoring and recording by us (and by our service providers).
4. Facial Recognition
Please note that photographers may elect to make it easier for their customers to identify or sort photographs in their photo galleries by implementing facial recognition tools we make available through our services. The facial recognition tools may be used to capture and process biometric data (e.g., scans of facial geometry) with respect to individuals in the images. While Zenfolio may host such facial recognition data to enable photographers to identify and organize their images, the photographers have, in their sole discretion, control of identifying any facial recognition data to a name or identity and are solely responsible for doing so. Zenfolio only uses that data as implemented by photographers and does not sell that data or use it for any other purpose. Further, Zenfolio does not have any independent method to be able to identify or verify any individual based on that facial recognition data. Zenfolio retains facial recognition data so long as the photographer utilizes those features. Accordingly, requests pertaining to such data have to be resolved by the applicable photographer as they are the “data controller” over such information. Notwithstanding the foregoing, Zenfolio has implemented commercially reasonable protocols to safeguard and, when appropriate, to permanently delete or dispose of images and photographs subject to the facial recognition features. More specifically, Zenfolio will delete images subject to the facial recognition features from its custody or control when it has been more than three (3) years since the last interaction by an applicable photographer with Zenfolio. Zenfolio will disclose and disseminate images subject to the facial recognition features to third parties in accordance with the data sharing and third-party disclosure terms and conditions set forth the agreements (i.e., the Terms of Service) between Zenfolio and the applicable photographer/data controller. INDIVIDUALS WHO ARE RESIDENTS OF, OR WHO OTHERWISE ARE LOCATED IN THE STATE OF ILLINOIS (UNITED STATES), ARE PROHIBITED FROM USING, OR BEING SUBJECT TO, ZENFOLIO’S FACIAL RECOGNITION FEATURES.
5. Sources of Information
We collect the personal information identified herein directly from you when you engage with us directly, through automated means when you are using the Site, and from third parties. More specifically, we collect personal information from the following sources:
First Party / Direct Collection. We collect personal information directly from you when you use our services or otherwise directly engage with us (e.g., account registration, completing purchases, signing-up for subscriptions, when you visit our offices or premises or otherwise contact us).
Automated Collection. As described above, we may collect information and data, such as usage data and cookies, through automated means when you use the Site (see “Technical Data” above).
Third-Party Sources. We collect personal information from third parties, such as publicly available databases, social networking providers, advertising companies, our service providers, and third-party references.
6. How We Use your Information
We may use the personal information we collect about you in order to provide the Site, comply with our legal obligations, and promote our business interests, including to (i) provide, operate, maintain, improve, and promote our services, (ii) enable you to access and use the Site, (iii) process and complete transactions, and send you related information, including purchase confirmations and invoices, (iv) send transactional messages (e.g., responses to your comments, questions, and requests) and provide customer service and support for our services, (v) furnish technical notices, updates, security alerts, and support and administrative messages to you, (vi) provide you promotional and marketing communications (e.g., information about our services, features, surveys, newsletters, offers, promotions, contests, and events), (vii) process and deliver contest or sweepstakes entries and rewards, (viii) monitor and analyze trends, usage, and activities in connection with our services to promote our business interests (e.g., marketing), (ix) investigate and prevent fraudulent transactions, unauthorized access to or use of the Site or our services, and other illegal activities, and (x) personalize the Site and our advertising, including providing features or advertisements that match your interests and preferences. Notwithstanding the foregoing, Zenfolio may collect and use your personal information for any other purpose for which we obtain your consent. For the avoidance of doubt, you hereby agree that Zenfolio may contact you via any means, including SMS/text message and email, to furnish you information regarding a product order, shipping status, warranty-related information, and similar data and information pertaining to a commercial transaction.
7. Third-Party Disclosures
We may share your personal information with certain organizations and third parties in accordance with applicable law, including as set out below. However, we do not share personal information with third parties that we have reason to believe use such information for their own direct marketing purposes.
Affiliates and Corporate Group Sharing. We may share personal information to and among our affiliates and subsidiaries who act for Zenfolio or on behalf of our parent company, and these recipients may use your personal information in accordance with the terms and conditions of this Privacy Policy. In addition to the foregoing, Zenfolio may leverage computer networks and systems of our affiliates and subsidiaries, and your personal information may be transmitted or retained thereon.
Service Providers. We may share your personal information with companies that provide services on our behalf, such as hosting and analyzing the Site, conducting surveys and marketing on our behalf, processing transactions, and performing analyses to improve the quality of the Site and our services.
Payment Card Transactions. Zenfolio uses Stripe for our payment card transactions. In turn, Zenfolio does not have access to your full credit card information and does not store or disclose your full credit card information. Any personal or financial information you provide to a third-party online payment system is subject to Stripe’s privacy terms.
Distributors and Business Partners. We may share your personal information with third parties that distribute our goods, products, and marketing materials.
Business Restructuring. Circumstances may arise where for strategic or other business reasons Zenfolio decides to sell, buy, divest, merge or otherwise reorganize our businesses. We may disclose your personal information to the extent reasonably necessary to proceed with the negotiation or with the completion of a merger, acquisition, divestiture or sale of all or a portion of Zenfolio’s assets.
Disclosure for Other Reasons. We may disclose personal information (i) if required by law, government order, or legal process, (ii) to protect and defend our rights or property, or (iii) in urgent circumstances, to protect the health and personal safety of any individual. In addition, Zenfolio may disclose your personal information with any third party when we believe such disclosure is necessary to defend or protect our legal, regulatory, or business interests. We may also disclose your information upon your express consent.
In the event that you facilitate a transaction with Zenfolio, or request information from or otherwise engage with us, and such activities require Zenfolio to share your personal information with a service provider or other third party, you hereby consent to such disclosure.
8. Social Media Platforms
We may engage with you on various social media platforms (e.g., Facebook, Twitter, Pinterest, Instagram). If you contact us on a social media platform for customer support or for other reasons, we may contact you via the social media’s direct message tools. Those communications to and from us are governed by this Privacy Policy. However, your use of a social media platform is also subject to the policies and terms of the relevant social media platform. Certain social media platforms may also automatically provide us with your personal information, and the information we receive will depend on the terms that govern your use of the social media platform(s) and any privacy settings you may have set. The Site includes social media features and widgets (e.g., the “Facebook Like” button, the “Share This” button) or interactive mini-programs that run on the Site. These features may collect your IP address and which Site page you are accessing and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Site. Your interactions with these features are governed by the privacy statement of the relevant social media platform that provides them.
According to the terms and conditions governing certain social media platforms, you may request that the information, data, or other content we obtain from or through the social media platform (“Platform Data”) be deleted or modified. If you would like Platform Data related to you deleted or modified, please contacts us in accordance with the “Contact Us” section below and identify (i) the social media platform at issue and (ii) the Platform Data that you would like deleted and/or modified, and if modified, the modification to said Platform Data. We may also delete Platform Data if requested by the social media platform.
9. Links to Other Websites; Your Direct Third-Party Disclosures
As a resource to you, the Site may include links to third-party websites or provide you the opportunity to disclose information directly to third parties (e.g., credit card processors). Our Privacy Policy does not apply to such third-party websites or organizations. You assume all privacy, security, and other risks associated with providing any data, including personal information, to third parties via the Services. For a description of the privacy protections associated with providing information to third parties, you should refer to the privacy statements, if any, provided by those third parties.
10. Data Retention
The period during which we retain your personal information varies depending on the purpose for the data processing. For example, we retain personal information needed to provide you with our Services, to facilitate transactions you have requested, or to engage in marketing activities, and for as long as is necessary to defend our legal or business interests. In all other cases, we retain your personal information for as long as is needed to fulfill the purposes outlined in this Privacy Policy.
11. Data Transfer Framework
Zenfolio is based in the United States and the personal information that we collect and process is retained and stored in the United States.LE You hereby acknowledge and agree that in order to satisfy our contractual obligations and to provide you the Services described here, we have to transfer and process your personal information in the United States. Please note that Zenfolio is subject to the Data Protection Framework (DPF) and will process our client’s personal information in accordance with the DPF.
12. Information Security
We seek to protect the security of your personal information and use a variety of security technologies and procedures to help protect your personal information from unauthorized access, use, or disclosure. HOWEVER, NO INFORMATION SYSTEM CAN BE FULLY SECURE AND WE CANNOT GUARANTEE THE ABSOLUTE SECURITY OF YOUR PERSONAL INFORMATION. MOREOVER, WE ARE NOT RESPONSIBLE FOR THE SECURITY OF PERSONAL INFORMATION YOU TRANSMIT TO THE SITE AND/OR THE SERVICES OVER NETWORKS THAT WE DO NOT CONTROL, INCLUDING THE INTERNET AND WIRELESS NETWORKS, AND YOU PROVIDE US WITH ANY PERSONAL INFORMATION AND DATA AT YOUR OWN RISK. TO THE EXTENT PERMITTED BY LAW, WE SHALL NOT BE LIABLE OR OTHERWISE RESPONSIBLE FOR ANY DATA INCIDENT OR EVENT THAT MAY COMPROMISE THE CONFIDENTIALITY, INTEGRITY, OR SECURITY OF YOUR PERSONAL INFORMATION THAT IS CAUSED BY A THIRD PARTY. The safety and security of your personal information also depends on you. Where we have given you (or where you have chosen) a username and password to access our Services, you are responsible for maintaining the security and confidentiality of those credentials and not revealing them to others. You must contact us immediately if you have reason to believe that your username or password to our Services has been compromised. You acknowledge and agree that we may contact you via email or other electronic communications in the event we are legally required to notify you of a data security incident or event related to your personal information.
13. No Data Collected from Children
The Site is not directed at, nor intended for use by, children. As a result, if you are under the age of eighteen (18), you are prohibited from accessing or using the Services (including the Site).
14. Publicly Posted Information; Product Reviews
The Site may provide you with the ability to submit a comment on, provide an opinion about, rate, or otherwise discuss our Services (a “Product Review”) or provide other information (“Feedback”), which may be posted to a publicly available portion of the Site. Any information or content you post in a Product Review or in your Feedback will be available to other users of the Site (and our social media platforms) and may be retrievable by third-party search engines, and third parties may also be able to download or share your Product Review and Feedback to social media websites or elsewhere. We recommend that you guard your privacy and anonymity and not upload any information in your Product Review and Feedback that you wish to remain confidential. Any third party with access to your information via the Site will be permitted to use the information in the same manner as if you submitted the information directly to that third party. Publicly posting any information on the Site is entirely voluntary on your part, and we recommend you carefully consider the information you choose to make publicly available.
15. Your Responsibilities
You are permitted, and hereby agree, to only provide personal information to Zenfolio if such personal information is accurate, reliable, and relevant to our relationship and only to the extent such disclosure will not violate any applicable data protection law, statute, or regulation or infringe upon a person’s data privacy rights or privileges. IF YOU PROVIDE PERSONAL INFORMATION (INCLUDING PERSONAL INFORMATION CONCERNING A THIRD PARTY) TO ZENFOLIO, YOU EXPRESSLY REPRESENT AND WARRANT TO ZENFOLIO THAT YOU HAVE THE FULL RIGHT AND AUTHORITY TO PROVIDE ZENFOLIO WITH SUCH PERSONAL INFORMATION (INCLUDING PERSONAL INFORMATION CONCERNING A THIRD PARTY) AND THAT ZENFOLIO’S USE AND PROCESSING OF SUCH PERSONAL INFORMATION AS SET FORTH HEREIN WILL NOT VIOLATE ANY PERSON’S RIGHTS OR PRIVILEGES, INCLUDING RIGHTS TO PRIVACY. YOU HEREBY AGREE TO FULLY AND COMPLETELY INDEMNIFY ZENFOLIO FOR ANY CLAIMS, HARM, OR DAMAGES THAT MAY ARISE FROM YOUR PROVISION OF PERSONAL INFORMATION (INCLUDING PERSONAL INFORMATION CONCERNING A THIRD PARTY) TO ZENFOLIO.
16. Updating/Correcting Your Information
It is important that the personal information that you provide to us is accurate and reliable. In certain circumstances, the Site may offer you the ability to directly edit your account to update and change your personal information (e.g., name, telephone number, email, shipping address) and you must do so when such changes are warranted. If your account does not contain such features, then you must directly notify Zenfolio of any changes or updates to your personal information in accordance with the “Contact Us” section listed below.
17. Email Marketing and Your Rights
You have the right to opt out of receiving email marketing communications from us. Generally, the email marketing communications that you receive from us will provide you an option to “unsubscribe” from receiving future email marketing communications from us. You may also unsubscribe from such email marketing by contacting us in accordance with the “Contact Us” section listed below. You hereby agree to immediately notify Zenfolio, in writing, in the event you no longer own, license, or use an email address to which you subscribed to receive email marketing from us.
18. California Privacy Rights
Data Privacy Rights. Pursuant to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA”), California residents are entitled to certain data privacy rights:
- Right to Know (Specific Pieces of Personal Information). You have the right to know the specific pieces of your personal information that we have collected about you.
- Right to Know (Categories of Personal Information). You have the right to know (i) the categories of personal information we have collected from you; (ii) the categories of sources from which the personal information is collected; (iii) the categories of your personal information we have sold or disclosed for a business purpose; (iv) the categories of third parties to whom your personal information was sold or disclosed for a business purpose; and (v) the business or commercial purpose for collecting or selling your personal information.
- Right to Delete. You have the right to request that we delete your personal information that we have collected and retain.
- Right to Correct. You have the right to request that we correct inaccurate personal information that we have collected and retain.
- Nondiscrimination. You have the right not to be subject to discrimination for asserting your rights under the CCPA.
Submit a Privacy Request. To submit a privacy request, you (or your authorized agent) may contact us using the “Contact Us” section below. An authorized agent must be registered with the California Secretary of State to conduct business in California.
Privacy Request Verification Process. If you (or your authorized agent) make any request related to your personal information, Zenfolio will ascertain your identity (and the identity of the authorized agent, to the extent applicable) to the degree of certainty required or permitted under the law before addressing your request. In particular, Zenfolio will, to the extent required or permitted by law, require you (or your authorized agent) to verify your request via email, request certain contact information or government identifiers, and we will match at least two pieces of such personal information with data that we have previously collected from you before granting you access to, erasing, or correcting, specific pieces or categories of personal information, or otherwise responding to your request. We may require written documentation that demonstrates a third party is authorized to serve as your agent for the purposes of submitting the requests set forth herein, unless you have provided the authorized agent with power of attorney pursuant to California Probate Code §§ 4121 to 4130. None of the CCPA’s rights are absolute, and such rights are subject to legal and regulatory exceptions and exemptions. For more information about the CCPA, please see https://oag.ca.gov/privacy/ccpa.
Opt-Out Rights / Do Not Sell My Personal Information. California residents have the right to opt out of the “sale” of their personal information. However, Zenfolio does not sell your personal information to third parties for profit, or monetary or other valuable consideration, and therefore we do not provide opt-out request processes for the sale of personal information (because we do not undertake such activities).
Opt-Out Rights / Do Not Share My Personal Information. California residents have the right to opt out of the “sharing” of their personal information. Zenfolio uses third-party analytical and targeted advertising features on our Site and similar web tools provided by our marketing partners, and such features, tools and marketing relationships involve the disclosure of your personal information to third parties and may constitute the “sharing” of your personal information for CCPA purposes. To opt out of this sharing of your personal information in these circumstances, please click on the cookie management tool (sometimes visible as a “Your Privacy Choices” or a “Do Not Sell/Share My Personal Information” link) on the footer of the Site to set your cookie preferences. You, or your authorized agent, may also contact us in accordance with the “Contact Us” section listed below.
Children. The Site is not directed at, and should not be used by, minors under the age of sixteen (16), and therefore Zenfolio does not knowingly sell or share the personal information of minors under sixteen (16) years of age.
Limit Use of Sensitive Personal Information. Zenfolio does not use or disclose sensitive personal information for reasons other than those set forth in the CCPA, and therefore we do not provide individuals with the ability to limit how we use or disclose such sensitive personal information.
California “Shine the Light.” Under California Civil Code Section 1798.83 (“Shine the Light”), California residents have the right to request in writing from businesses with whom they have an established business relationship: (a) a list of the categories of personal information, as defined under Shine the Light, such as name, email address, and mailing address, and the type of services provided to the customer that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes; and (b) the names and addresses of all such third parties; however, we do not disclose personal data to third parties for their direct marketing purposes.
19. Nevada Privacy Rights
Zenfolio does not currently conduct “sales” of personal information for purposes of Nevada law. Notwithstanding the foregoing, Nevada residents may submit a request directing us to not sell personal information we maintain about them to third parties who will sell or license their information to others. If you would like to exercise this right, please contact us in accordance with the “Contact Us” section listed below.
20. European Union (EU), Switzerland, and the United Kingdom (UK)
Data Protection Rights. If you are located in the EU, Switzerland, or the UK, you have the following data protection rights:
- Right to Know: The right to know about what personal information Zenfolio collects and processes about you, including the types and categories of personal information we collect and process, the sources of such personal information, our retention criteria, with whom we share your personal information, information on any cross-border data transfers, and how to file complaints and inquiries.
- Automated Decision Making. Zenfolio does not engage in any activity that subjects our customers, Site users, survey participants, or others to a decision based solely on automated processing, including profiling, which produces legal effects, or similarly significant results, impacting them.
- Access Rights. You may ask us whether we process any of your personal information and, if so, you may request to receive access to such personal information. When complying with an access request, we will also provide you with additional information, such as the purposes of the processing, the categories of personal information concerned as well as any other information necessary for you to exercise the essence of this right.
- Rectification. You have the right to have your personal information corrected/rectified in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate personal information about you and, taking into account the purposes of the processing, update any incomplete personal information, which may include the provision of a supplementary statement.
- Erasure. You have the right to have your personal information erased, which means the deletion of your personal information by us and, where possible, any other controller to whom your data has previously been disclosed. However, your right to erasure is subject to statutory limits and prerequisites (e.g., where your personal information is no longer necessary in relation to the initial purposes for which it was processed, your personal information was processed unlawfully).
- Restriction of Processing. You have the right to obtain the restriction of the processing of your personal information, which means that we suspend the processing of your personal information for a certain period of time. Circumstances which may give rise to this right include situations where the accuracy of your personal information is contested but we need time to verify the inaccuracy (if any) of your personal information.
- Data Portability. You have the right to request us to provide you with your personal information in a structured, commonly used and machine-readable format and to have such data transmitted directly to another controller, where technically feasible.
- Right to Object. You have the right to object to the processing of your personal information, which means you may request us to no longer process your personal information. This only applies in case the “legitimate interests” ground (including profiling) constitutes the legal basis for processing (see below “Legal Basis for Processing”). However, at any time (and free of charge) you can object to having your personal information processed for direct marketing purposes.
- Withdrawing Consent. You also may withdraw your consent at any time if we are solely relying on your consent for the processing of your personal information. However, this will not impact our legal basis to process such personal information prior to the withdrawal of your consent.
To exercise any of these data privacy rights, please contact us, or have your designated agent contact us, in accordance with the “Contact Us” section listed below. To the extent permitted by law, we will need to verify your identity (or the identity of your agent) and ensure the authenticity of your request.
Legal Basis for Processing. We process your personal information in accordance with the legal bases set forth in law. For example, our processing of personal information (as described herein) is justified based on the following legal grounds:
- Consent. Processing is based on your consent (e.g., you register to receive our marketing materials, you voluntarily contact us).
- Legitimate Interests. Processing is necessary for our legitimate interests as set out herein (e.g., monitoring your use of the Site and your compliance with the terms and conditions governing the same, improving our Services).
- Contract Undertaking. Processing is necessary for the performance of a contract to which you are a party (e.g., you purchase or consider purchasing our Services).
- Legal Compliance. Processing is required to comply with a legal or statutory obligation (e.g., tax disclosures).
Complaints. In the event you have concerns about our data processing, you have the right to file a complaint with your data protection authority.
- For data protection authorities in the EU, please see here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
- For the data protection authority in Switzerland, please contact the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch/edoeb/en/home.html).
- For the data protection authority in the UK, please contact the Information Commissioner’s Office (www.ico.org.uk).
We would, however, appreciate the opportunity to deal with your concerns before you approach a data protection authority with a complaint, and invite you to contact us in the first instance.
21. Do-Not-Track Signals
Some web browsers may transmit “do-not-track” signals to the website with which the user communicates. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they are even aware of them. Unless otherwise required by law, we currently do not take action in response to these signals.
22. Persons with Disabilities
Zenfolio strives to ensure that every person has access to information related to our Services, including this Privacy Policy. Please contact us if you would like this Privacy Policy provided in an alternative format, and we will seek to meet your needs.
23. Employment Applicants
As part of our recruitment and talent management process, we collect personal information with respect to individuals who are interested in working for us. In this context, we collect employment and application data, such as the following: contact information (e.g., name, title, residential or postal address, telephone number, and personal email address); information in a curriculum vitae, résumé, cover letter, or similar documentation; details regarding the type of employment sought, willingness to relocate, job compensation and benefit preferences; health data (e.g., medical conditions); information related to your background, education, criminal record, credit history and similar data; information provided about or by your references or other third parties related to your employment history, skills, qualifications, or education; and information related to previous applications to us or previous employment history with us. When permitted by law, we may collect information about your race and ethnicity to assist with our diversity and inclusion programs. We use this information for the following purposes: to identify and evaluate job applicants; to verify your information; to complete employment, education, background and reference checks; to communicate with you about the recruitment process and your application; to comply with our legal, judicial, regulatory, administrative, or other corporate requirements; to analyze and improve our application and recruitment process; to accommodate individuals who may have specialized needs during the employment process; and to protect the rights, interests, and property of our business, other job applicants, employees, or the public, as required, or permitted, by law. We share this personal information with third parties (see “Third-Party Disclosures”), and we may also use this employment and application data for any other purpose set forth in this Privacy Policy.
24. Events and Video Teleconferencing
Zenfolio hosts and uses video teleconferencing platforms to facilitate conferences, meetings, training events, and other programs. We often use online platforms that are owned and administered by a third-party service provider (e.g., Google, Zoom, WebEx, Skype for Business). Please be aware that our video teleconferencing may record the content, conversations, and discussions thereon, and such records may be stored or retained by our third-party service providers. By participating in our events and video teleconferencing, you hereby consent to the collection and retention of any information provided therein, and you hereby consent to the recording of such activities.
25. Changes to the Policy
We reserve the right to amend this Privacy Policy at any time. We will notify you if this Privacy Policy is amended by updating the “Last Updated” section listed above. It is your responsibility to periodically review the Privacy Policy to determine whether any amendments have been made hereto. Your use of the Services, and continued use of the Services after any amendments are made to this Privacy Policy, signifies your consent to this Privacy Policy and any amendments hereto. We may, in our sole discretion, provide you communications, including via email or text messages, about changes to our Privacy Policy; however, such communications do not abrogate or otherwise limit your responsibility to periodically review the Privacy Policy to determine whether any amendments have been made hereto.
26. Contact UsIf you have questions regarding this Privacy Policy or our handling of your personal information, would like to request more information from us, or would like to exercise a data privacy right, please contact us at any of the following: (email) [email protected] or (mail) Zenfolio Inc., Attn: Legal Department – Privacy, 303 Twin Dolphin Dr, 6th Flr, Redwood City, CA 94065.