- UID - a unique identification of your device.
- "IP to location" data - approximation of location to city/country level.
- Implicit PII - data collected with assumed consent (e.g. by tapping a sticker). This may include your IP address, "IP to location" data and user agent. Every data point contains a UID which allows data points to be associated with each other.
- Explicit PII - data collected with specific consent, such as your name or shipping address.
What data do we collect?
Tapping a sticker
We collect implicit PII.
We collect explicit PII, such as your name and address, so we can send you stickers and charge you in the right currency.
How do we use your data?
Tapping a sticker
- We provide analytics and an event log to our customers. They include "IP to location" data and user agent for each sticker. They don't include your IP address or your UID.
- We may perform retargeting and personalisation by your UID.
We use explicit PII to fulfill orders and for customer service. We don't use implicit PII or explicit PII for marketing.
How do we store your data?
We store all data in "Google Cloud Platform". We access data via our secure API and all requests are logged. Special privileges are required to access raw data.
What are my rights?
- Right to access - we will give you a copy of relevant explicit PII.
- Right to rectify - we will change relevant explicit PII if you believe is is incorrect or incomplete.
- Right to erasure - we will erase relevant explicit PII under any condition. We don't erase implicit PII. To disassociate yourself from implicit PII, clear your browser's "Local Storage".
- Right to restrict processing - you can ask us not to process relevant explicit PII. You can't ask us not to process implicit PII; we need it to make Sticky work.
- Right to portability - we will give you relevant explicit PII in any reasonable format.
To talk to us about any privacy concerns, e-mail email@example.com.
Engaging with kids
Sticky human-approves and human-moderates all Sticky applications. We ensure Sticky applications by customers operating an online service with an under 13 audience are compliant with kids' data privacy laws around the world.
To do that, we human-moderate the complete flow of Sticky applications which a customer has marked as "kid targeted" or we have reason to believe is "kid targeted" (including landing pages and social media links).
A "zero-data" standard is applied to applications which a customer has marked as "kid targeted" or we have reason to believe is "kid targeted". Sticky:
- Does not collect any implicit PII, explicit PII or "IP to location" data
- Does not create a UID (COPPA/GDPR-K "persistent identifier") so we cannot track any activity both between tapping stickers or online visits
It may be possible for elements of a Sticky application's complete flow to collect kids' PII if the customer has verifiable parental consent. Sticky will never ask for verifiable parental consent because we apply a "zero-data" standard.