Effective date: 6 November 2019
“Account” means an account enabling a person to access and use the Services, including both administrator accounts, Customer and User accounts.
“Affiliate” means any entity which directly or indirectly controls, is controlled by, or is under common control with the subject entity.
“Control” for purposes of this definition, means direct or indirect ownership or control of more than 50% of the voting interests of the subject entity.
“Authorisation” the set of rights and privileges on the Platform assigned to a User by a Customer.
“Customer” means all natural persons or other subjects who use the Services.
“Customer Data” means the files and any other digital data and information, which is subjected to the Services or otherwise inserted to the System by the Customer.
“Services” include any and all services provided by the Company and as requested by Customers.
“System” means the integrated cloud computing solution for providing the Services, including applications, software, hardware, data bases, interfaces, associated media, documentation, updates, new releases and other components or materials provided therewith.
“Personal Data”means such data and information as set out in Section 2.
“Platform” means the platform managed by the Company and used by the Company to provide the Services, including the application and database software for the Services, the System and server software used to provide the Services, and the computer hardware on which that application, database, system and server software is installed.
“User” means a natural person granted with the Authorisation to use the Account on behalf of a Customer.
The Company only collects information wherever it is essential and only where it is relevant to our operations so as to be able to provide You with the best experience and service. The Company shall not collect, use or disclose Your Personal Data unless You give consent to us for the collection, use or disclosure of Your Personal Data. The Company promises to only collect and use Personal Data as mentioned below:
Contact information such as name, email address, mailing address, and phone number.
Billing information such as credit card details and billing address.
Profile information such as a username, and job title.
Preferences information such as notification and marketing preferences.
Information you provide to create an Account, specifically email address, first name and last name. If you sign up for Paid Services, we receive a portion of your payment information from our payment processor (such as the last four digits, the country of issuance and the expiration date of the payment card) and we ask you to select your jurisdiction.
Your marketing preferences.
The emails and other communications that you send us or otherwise contribute, such as customer support inquiries or posts to our customer message boards or forums. Please be aware that information on public parts of our sites is available to others.
Information you share with us in connection with surveys, contests or promotions.
Information from your use of the Services. This includes: IP addresses, preferences, web pages you visited prior to coming to our website, information about your browser, network or device (such as browser type and version, operating system, internet service provider, preference settings, unique device IDs and language and other regional settings), information about how you interact with the Services (such as timestamps, clicks, scrolling, browsing times, searches, transactions, referral pages, load times, and problems you may encounter, such as loading errors).
Information we get from our partners to support our marketing initiatives, improve our Services and better monitor, manage and measure our ad campaigns, such as details about when our partner shows you one of our ads on or via its advertising platform.
Other information you submit to us directly.
The items so collected shall constitute “Personal Data”, which is defined under the Personal Data Protection Act of Singapore (the “PDPA”) to mean any data, whether true or not, about an individual who can be identified from that data or from that data and other information to which an organisation has or is likely to have access. Personal Data collected by the Company shall be subject to complete protection by the Company in accordance with applicable law.
COLLECTION OF PERSONAL DATA
Generally, the Company will collect Personal Data when You:
register on the Platform;
submit Personal Data to us voluntarily;
make payments to us, through our Platform or otherwise;
use the Services; or
establish contact with us through the site, by telephone, post, e-mail or through any other means.
When You browse our Platform, You generally do so anonymously. You will not be required to provide any personal details while browsing the Platform.
The Company collects Personal Data in two ways. The first is when You provide us with information while using the Platform, including filling out forms or contacting the Company using the given contact details. The second is when You browse the Platform, where technical non-identifiable data is collected.
You should ensure that all Personal Data that You submit to us is complete, accurate, true and correct. Failure on Your part to submit this information accurately may result in our inability to provide You with the best possible experience while using our Platform and any of our products.
Browsing the Platform will not require You to provide any personal details, so no sensitive Personal Data is automatically collected. You will remain anonymous and You will remain unidentified until You choose to register an Account on the Platform.
The Company will protect Your Personal Data in strict accordance with applicable laws, including in accordance with the provisions of the PDPA. Nevertheless, You acknowledge and agree that communications through the Internet are not entirely secure and that any information transferred to the Company is done so at Your own risk. The Company does not warrant or guarantee that the information You provide will not be accessed, copied, used, or disposed of in breach of its security measures, and You agree not to hold us liable or responsible for any loss or damage resulting therefrom. In the event of such a breach, the Company will, as far as reasonably possible, promptly notify all affected persons.
Unless required by law or a Court order or direction, or unless as relevant for the purpose stated:
The Company will not sell, share or trade Your Personal Data collected online with third parties, except unless strictly necessary to complete a payment or under a direction by a court of law or judicial authority; and
Personal Data collected online will be for internal Company use only, and will be viewed by Company employees on a strict need to know basis only.
By accepting these conditions, and by continuing to use the Platform, You agree and accept that all information provided by You will be true and will be kept up to date during Your continuing use of the Platform.
Customers and Users agree to provide up to date, accurate and correct personal information details, as requested by the Company. You agree that the Company shall not be liable for the misuse of any such details unless the misuse is as a result of the Company’s actions or proven gross negligence.
AGE OF CONSENT
By using the Platform, You represent that You are at least the age of 18 years old, or you have given us your consent to allow any of your minor dependents to use the Platform as the case may be.
The Company strongly encourages parents and guardians to supervise the online activities of their minor children and consider using parental control tools available from online services and software manufacturers to help provide a child-friendly online environment. These tools also can prevent minors from disclosing their name, address, and other personally identifiable information online without parental permission. Although the Platform are not intended for use by minors, the Company respects the privacy of minors who may inadvertently use the internet or the mobile application.
The Company will endeavour to ensure that all information collected is safely stored. The Company will protect all information by:
Implementing and maintaining security measures adequate to prevent the unauthorised collection, use, disclosure, copying, modification, and disposal of Your information;
Restricting third party access to Your Personal Data unless absolutely necessary; and
Not retaining Your Personal Data for any time period longer than required to fulfil the purpose(s) listed below.
COLLECTION AND USE OF DATA
The Company may use Your Personal Data for the purposes below if we deem it necessary to do so for its legitimate interests. If You are not satisfied by this, You have the right to object in certain circumstances (see the Section headed “Data Protection Rights” below).
Purposes for Collecting Personal Data
Generally, the Company may use Your information for the following:
Provision of the Services. Create and manage your Account, provide and personalise our Services, process payments and respond to your inquiries.
Communicating with you. Communicate with you, including by sending you emails about your transactions and Service-related announcements.
Surveys and contests. Administer surveys, contests and other promotions.
Promotion. Promote our Services and send you tailored marketing communications about products, services, offers, programs and promotions of Squarespace and our partners and measure the success of those campaigns. For example, we may send different marketing communications to you based on your subscription plan or what we think may interest you based on other information we hold about you.
Improving our Services. Analyse and learn about how the Services are accessed and used, evaluate and improve our Services (including by developing new products and services and managing our communications) and monitor and measure the effectiveness of our advertising. We usually do this based on anonymous, pseudonymised or aggregated information which does not focus on you individually. For example, if we learn that most Users of Paid Services use a particular integration or feature, we might wish to expand on that integration or feature.
Security. Ensure the security and integrity of our Services.
Third party relationships. Manage our vendor and partner relationships.
Enforcement. Enforce our Terms of Service and other legal terms and policies.
Protection. Protect our and others’ interests, rights and property (e.g., to protect our Users from abuse).
Complying with law. Comply with applicable legal requirements, such as tax and other government regulations and industry standards, contracts and law enforcement requests.
Processing Personal Data
We process your Personal Data for the above purposes when:
Consent. You have consented to the use of your Personal Data in a particular way. When you consent, you can change your mind at any time.
Performance of a contract. We need your Personal Data to provide you with services and products requested by you, or to respond to your inquiries. In other words, so we can perform our contract with you or take steps at your request before entering into one. For example, we need your email address so you can sign in to Account.
Legal obligation. We have a legal obligation to use your Personal Data, such as to comply with applicable tax and other government regulations or to comply with a court order or binding law enforcement request.
Legitimate interests. We have a legitimate interest in using your Personal Data. In particular, we have a legitimate interest in the following cases:
To operate the Company business and provide you with tailored advertising and communications to develop and promote our business.
To analyse and improve the safety and security of our Services - we do this as it is necessary to pursue our legitimate interests in ensuring the Platform is secure, such as by implementing and enhancing security measures and protections and protecting against fraud, spam and abuse.
To provide and improve the Services, including any personalised services - we do this as it is necessary to pursue our legitimate interests of providing an innovative and tailored offering to our Users on a sustained basis.
To share your Personal Data with other Affiliates that help us provide and improve the Services.
To anonymise and subsequently use anonymised information.
Protecting you and others. To protect your vital interests, or those of others.
Others’ legitimate interests. Where necessary for the purposes of a third party’s legitimate interests, such as our partners who have a legitimate interest in delivering tailored advertising to you and monitoring and measuring its effectiveness or our Users who have a legitimate interest in having their sites function properly and securely and analysing the usage of their sites so they can understand trends and improve their services.
The Company is committed in its endeavour to comply with applicable law governing the protection of Personal Data. However, in exceptional circumstances, if the Company is required by law or by a court order or direction to disclose such Personal Data, we will do so.
DISCLOSURE OF PERSONAL DATA
The Company will take reasonable steps to protect Your Personal Data against unauthorised disclosure. Subject to the provisions of applicable law, the Personal Data will be used only for the purposes stated in Clause 6 above or to the following third parties, wherever located:
Company Affiliates. The Company will share information with its affiliates, who help us to provide and support our services and other business-related functions;
Banks, credit cards or service providers. The Company will share information with its third party service providers, who help us provide and support our services and other business-related functions;
Professional advisors such as lawyers or auditors;
Relevant government regulators, authorities, law enforcement agencies or a court of law. The Company will only disclose Personal Data when we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish, or defend our legal rights, or (iii) to protect Your vital interest or those of any other person;
Business transfers. If we're involved in a reorganisation, merger, acquisition or sale of some or all of our assets, your Personal Data may be transferred as part of that deal. You will be notified via email and/or a prominent notice on the Services of any change in ownership or uses of your Personal Data, as well as any choices you may have regarding your Personal Data;
Service Providers, Business Partners and Others. The Company works with third party service providers to provide, hosting, back-up, storage, virtual infrastructure, payment processing and other services for us. These service providers may have access to or process your Personal Data for the purpose of providing those services for us; and
Any other person with Your consent.
We do not share Personal Data about you with third parties for their marketing purposes (including direct marketing purposes) without your permission.
Persons who register and have Accounts to use the Services on the Platform (“Users”) This section applies to all Customers and Users:
All the information provided to us by a User, including Personal Data or any sensitive personal information, is voluntary. You understand that we may use certain information of yours, which has been designated as Personal Data under the PDPA, (i) for the purpose of providing You the Services, (ii) for commercial purposes and in an aggregated or non-personally identifiable form for research, statistical analysis and business intelligence purposes, (iii) for sale or transfer of such research, statistical or intelligence data in an aggregated or non-personally identifiable form to third parties and affiliates. We also reserve the right to use information provided by or about the User for the following purposes:
Responding to queries and questions;
Verifying Your identity;
Providing You with: our software online, login authentication, age verification, remembering Your settings, processing payments and hosting back end infrastructure;
For managing the infrastructure and the business operations of the Company;
Protecting and enforcing the Company’s legal rights and obligations;
Compliance with applicable rules, laws and regulations, codes of practice or guidelines;
To maintain Your Account with us;
To verify Your particulars and payments in relation to the Services we provide to You;
To provide You with the Services You have signed up for and for improving and developing the Company’s software, services and Platform;
Traffic optimisation, data analytics and research, including profiling and the use of services such as Google Analytics, managing landing pages and heat mapping our Platform;
Sending You communications about our services, new content, products and features that You have agreed to receive;
Communicating with You, if required, to inform You of any new services or developments relating to the Company or the services we provide; or
Any purpose relating to the above.
If You have voluntarily provided your Personal Data to us for any of the purposes stated above, You hereby consent to such collection and use of such information by us.
You are responsible for maintaining the accuracy of the information You submit to us, such as your contact information provided as part of account registration. If your Personal Data changes, You may correct, delete inaccuracies, or amend information by making the change on your Account page or by contacting us at firstname.lastname@example.org. We will make good faith efforts to make requested changes in our then active databases as soon as reasonably practicable. If You provide any information that is untrue, inaccurate, out of date or incomplete (or becomes untrue, inaccurate, out of date or incomplete), or we have reasonable grounds to suspect that the information provided by You is untrue, inaccurate, out of date or incomplete, we may, at our sole discretion, discontinue the provision of our services to You. There may be circumstances where we will not correct, delete or update your Personal Data, including (i) where the Personal Data is opinion data that is kept solely for evaluative purpose; and (ii) the Personal Data is in documents related to a prosecution if all proceedings relating to the prosecution have not been completed.
If You wish to cancel your Account or request that we no longer use your information to provide You services, contact us through email@example.com. We will retain your information for as long as your account with the Services is active and as needed to provide You the services. We shall not retain such information for longer than is required for the purposes for which the information may lawfully be used or is otherwise required under any other law for the time being in force. After a period of time, your data may be anonymised and aggregated, and then may be held by us as long as necessary for us to provide our services effectively, but our use of the anonymised data will be solely for analytic purposes. Please note that your withdrawal of consent, or cancellation of Account may result in us being unable to provide You with our services or to terminate any existing relationship we may have with You.
If You wish to opt-out of receiving non-essential communications such as promotional and marketing-related information regarding the services, You may do so via your e-mail and/or Account.
We do not collect information about the visitors of the Platform from other sources, such as public records or bodies, or private organisations, save and except for the purposes of registration of the Users (the collection, use, storage and disclosure of which each user must agree to in order for us to effectively render the services).
We maintain a strict “No-Spam” policy, which means that we do not intend to sell, rent or otherwise give your e-mail address to a third party without your consent.
We have implemented best international market practices and security policies, rules and technical measures to protect the Personal Data that it has under its control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss. However, for any data loss or theft due to unauthorised access to the User’s electronic devices through which the User avails the services, we shall not be held liable for any loss whatsoever incurred by the User.
We implement reasonable security practices and procedures and has a comprehensive documented information security programme and information security policies that contain managerial, technical, operational and physical security control measures that are commensurate with respect to the information being collected and the nature of our business. The reasonable security practices and procedures implemented by us include, but not limited to: ensuring that any Personal Data is protected by password.
No administrator at the Company will have knowledge of your password. You accept that you are responsible for keeping confidential Your username and password to your Account. Be sure to log off from the Platform when finished. The Company does not undertake any liability for any unauthorised use of your account and password. If You suspect any unauthorised use of Your Account, You must immediately notify the Company by sending an email to firstname.lastname@example.org. You shall be liable to indemnify the Company due to any loss suffered by it due to such unauthorised use of your Account and password.
We take all reasonable steps to ensure that all unsolicited information is destroyed immediately.
Casual Visitors Note:
No sensitive personal data or information is automatically collected by us from any Visitors of the Platform, who are merely perusing the Platform.
If You, as a Visitor, have inadvertently browsed any other page of this Site prior to reading the privacy statements set out herein, and You do not agree with the manner in which such information is collected, processed, stored, used, disclosed or retained, merely quitting this browser application should ordinarily clear all temporary cookies installed by us. All Visitors, however, are encouraged to use the “clear cookies” functionality of their browsers to ensure such clearing / deletion, as we cannot guarantee, predict or provide for the behaviour of the equipment of all the visitors of the Site.
TRANSFER & STORAGE OF PERSONAL DATA
We ensure that Customer Data is secure from any outside intrusion.
The Platform is hosted with Amazon’s cloud service AWS. None of the AWS components or data stores can be accessed directly from outside the Company’s account.
Access to any data is only possible through the GUI or the APIs. Access to Customer Data is only available to limited our staff members. Access to Customer Data is not available to contractors or third parties.
Access to customer data
While we take reasonable efforts to guard your Personal Data, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers.
Where data is transferred over the Internet as part of a Website or SaaS Product, the data is encrypted using industry standard SSL (HTTPS).
Note to residents of the European Union (EU)
Whenever the Company needs to transfer Your Personal Data out of the EU, we will require Your explicit consent. Please contact the Company if You want further information on the specific mechanism used by us when transferring Your Personal Data out of the EU.
YOUR DATA PROTECTION RIGHTS
You have the following data protection rights:
Right to Access. The right to request (i) copies of the Personal Data the Company holds about You at any time, or (ii) that the Company modify, update or delete such information. If the Company provides You with access to the Personal Data the Company holds about You, the Company will not charge for this, unless Your request is ‘manifestly unfounded or excessive.’ In situations where the Company is legally permitted to do so, we may refuse Your request. If the Company refuses Your request, we will tell You the reasons why;
Right to Correct. The right to have Your Personal Data rectified if it is inaccurate or incomplete;
Right to Erasure. The right to request that the Company delete or remove Your Personal Data from its systems;
Right to Restrict. The right to request that the Company restrict the processing of Your Personal Data;
Right to Data Portability. The right to request that the Company move, copy or transfer Your Personal Data;
Right to Object. The right to object to the Company’s use of Your Personal Data, including where we use it for its legitimate interests;
Withdrawal of Consent. Similarly, if Personal Data is collected or processed on the basis of consent, You can withdraw Your consent at any time. Withdrawing Your consent will not affect the lawfulness of any processing the Company conducted prior to Your withdrawal, nor will it affect processing of Your Personal Data conducted in reliance on lawful processing grounds other than consent; and
Right to Complain to a data protection authority. The right to complain to a data protection authority about the collection and use of Personal Data. For Singapore residents, please contact the Personal Data Protection Commission. Contact details for data protection authorities in the EEA are available here. For residents of jurisdictions other than Singapore or the EEA, please contact Your local data protection authority.
Please contact the Company at email@example.com if You wish to exercise any of Your rights above.
Furthermore, if You believe, that Your Personal Data may have been, or may imminently be in danger of being breached, or if You have reason to believe that such data may, for some reason, soon be breached please immediately contact the Company.
The Company may need to request specific information from You to help us confirm Your identity and ensure Your Right to Access Your Personal Data (or to exercise any of Your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
The Company will try to respond to all legitimate requests within one (1) month. Occasionally it may take longer than that if the request is particularly complex or You have made a number of requests. In this case, the Company will notify You and keep You updated.
When You interact with us on our Platform, You understand and accept that the Company uses “Cookies”, where a small data file is sent to Your browser to store and track certain anonymous information such as number of users, frequency of use and the number of page views (or page impressions) that occur on the Platform (“Aggregate Information”) about You when You use the Platform. Your Personal Data is not at risk in any way due to the implementation of the Cookies.
You can accept or delete cookies. For security reasons, You may wish to deactivate the storing of cookies or adjust Your browser to inform You before the cookies are stored on Your computer. However, please note that if You do erase or block the cookies, You may not be able to utilise some features on the Platform. In such situations, we shall not be held liable for any loss or damage resulting from your inability to use those features.
The Company may also collect your Internet Protocol (IP) address. Your Internet Service Provider allocates an IP address to your computer in order for it to access the Internet. The IP address is considered to be non-personal information and it may be dynamic (changing every time you connect to the Internet) or it may be static (unique to your computer). The Company collects your IP address in order to facilitate its administration and improvement of the Platform. The information derived from your IP address can help the Company diagnose server problems, report aggregate information, and determine the fastest route from your computer to the Platform.
We use the following cookies:
Strictly necessary cookies. These are cookies that are required for the operation of the Platform. They include, for example, cookies that enable You to log into secure areas of the Platform, using our online payment services;
Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the websites when they are using it. This helps us to improve the way the Platform work, for example, by ensuring that users are able to use custom features;
Functionality cookies. These are used to recognise you when you return to our Platform. This enables us to personalise its content for You, greet You by name and remember your preferences (for example, your choice of language or region); and
Targeting cookies. These cookies record your visit to the Platform, the pages you have visited and the links you have followed. We will use this information to make the Platform and the advertisements targeted more relevant to your interests. We may also share this information with third parties for this purpose.
If a registered user uses the Platform; or accesses the Site after a notice of changes has been sent to You, or published on the Platform, You hereby provide your consent to the changed terms.
We will use reasonable efforts to respond promptly to any requests, questions or concerns, which You may have regarding our use of Your Personal Data.