{"app":{"pageTitle":"Privacy Policy","viewComponent":"view-markdown","banners":[]},"view":{"markdown":"# Privacy Policy for Flattr [Privacy Notice (short version)](#Privacy-Notice) [Privacy Policy (long version)](#Privacy-Policy) [Privacy Information](#opt-in): Voluntary opt in to send anonymized data to us * [Declaration of Consent](#consent) * [Annex to Declaration of Consent: List of domains](#domains) ## Privacy Notice (short version) The following privacy notice shall provide you with a general overview about the collection and processing (hereinafter together referred to as "processing") of your personal data. For more information regarding our processing activities, please view our complete [Privacy Policy](#Privacy-Policy). [//]: # (Editor comment: The second level numbered list is styled to display letters instead of digits. Don't change that here.) ### What kind of personal data do we process? 1. While using the Flattr Extension (automatically). All data is saved locally in the Extension in your browser (**and will - without your prior consent - never be transferred to and/or accessed by us**) * Information relating the Extension itself: * Operating system * Extension state changes: * authentication * update and reason for update * Startup * Your interaction with the Extension: * Adding or removing domains to or from your own [flattr enabled/ disabled lists](https://flattr.com/faq) * Manually flattring URLs * Looking at your list of flattrs within the icon popup * Dismissing a notification * Your browsing behavior: * Interaction data * Browsing data * Navigation data 2. While using our websites: * Automatically: * The referrer URL, only when accessing our website via an Affiliate link * Aggregated analytics data * Voluntary: * Account registration data * Profile data * Bank details * Transaction data * KYC data * Anonymized Extension data (with prior opt-in only) * social media channels added to your profile * Newsletter: * Name * Email address 3. On our social media pages * Usage profiles ### How do we collect data? List of techniques and tools we use for data collection: 1. In connection with our Extension: * HTTP requests to the server 2. On our websites: * Cookies * Newsletter sign-up form 3. Data you provide to us via social media 4. In connection with our social media pages: * Cookies ### How and why do we process your data? * To provide our services to you * To improve and to evaluate Flattr * To create flattrs and contribute them * To analyze aggregated website logs to improve our website * To create custom ad audience and audience targeting, measure conversion rates and determine the effectiveness of marketing campaigns. * To send you newsletters, if requested * In connection with our social media pages, social networks use the data for market research and advertising purposes. ### How long do we keep data? #### Extension data: * Deleted in connection with Extension deletion: * Events, unless submitted to us * Flattrs * Session data * Domains (black-/whitelisted) * Events, you have actively submitted to us: 35 days after each beta feedback submission. * Daily deletion after history processing (unless it fails): * Session * Visits #### User profiles Kept for the term of the agreement, except for * number of flattrs, which are retained for a period of six (6) months after deletion of the account. * flattr with a receiving creator or publisher: connection to a Contributor automatically deleted after three (3) months after respective flattr. * unclaimed flattrs will be anonymized after one (1) month after used in a distribution. * profile name, flattred URL, except for domain and day of flattr, and the public profile of creators and publishers for a period of three (3) months. * URLs without a recipient for one (1) month after subscription period. #### Transaction data: * historic data for three (3) months * basic transaction data for tax purposes in accordance with tax retention periods #### Analytics data For 180 days. #### Data sent with your consent: Identifier will be removed three (3) months after submission. ### What is the legal basis of data processing? We process your personal data in compliance with the European General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), the applicable EU laws and Swedish and German national data protection laws. ### Our values We collect as little data as possible. As far as anonymous or pseudonymous use is possible we anonymize or pseudonymize your data. ### What rights do you have? * Receiving and accessing information about the personal data stored by us about you. * Rectification of inaccurate personal data and restricting details. * Receiving your personal data in a structured, commonly used and machine-readable format, as well as having such data transmitted to another controller (‘data portability’). * Request erasure of your data, unless such data needs to be retained for legal purposes. * Object to the processing of your data. * including withdraw your consent at any time, when you have provided us with your consent to the processing of personal data. * Lodge a complaint with the respective supervisory authority. ### Questions? Email our [Data Protection Officer](#dpo) ## Privacy Policy (long version) Your protection and data confidentiality is of utmost importance to us (“**Flattr**” “**we**” “**our**”); that is why we take protecting your personal data very seriously and collect as little data as possible. Nevertheless, some personal data is necessary to provide the services of our website [flattr.com](https://flattr.com) (hereinafter referred to “**Website**”), and our extension (hereinafter referred to as “**Extension**”, Website and Extension hereinafter referred to as “**Services**”). This Privacy Policy shall inform you about the personal data we collect and how exactly that data is processed. We gather and use personal data firmly within the provisions of the European General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”), the applicable EU Laws and German and Swedish national data protection. In the following text we will inform you about the specific data, the scope and the purpose of the collection and use of personal data by us when using the Services, the legal basis for such collection and processing as well as your rights to protect your personal data. The Privacy Policy does not apply to the practices of third parties that Flattr does not own or control, or to individuals that Flattr does not employ or manage. “**You**”, “**Your**” and “**Yourself**” refer to anyone visiting our Website or using the Extension. ### Who is responsible for the data collection and processing (contacts)? #### Controller The legal person responsible for the collection, processing and / or use of personal data in connection with all Flattr Services (“**Controller**”) is: Flattr AB Box 4111 20312 Malmö Sweden ### Contact our Data Protection Officer If you have any questions regarding your personal data, please contact our Data Protection Officer: Cornelius Witt **Phone**: +49 (0) 221 / 6430 6371 **Email**: privacy {@} flattr.com **Fax**: +49 (0) 221 / 6430 6372 ### What is personal data? The purpose of data protection is to protect personal data. Personal data means any information relating to an identified or identifiable natural person (“**data subject**”). An identifiable natural person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This information includes, for example, details such as name, postal address, email address or telephone number, but also nicknames and / or information about your interests. ### What kind of data do we [Collect](#definitions) and [Process](#definitions) and how? We [Collect](#definitions) and [Process](#definitions) as little data as possible to provide our services sufficiently. We do [Collect](#definitions) some, but very little, and not more than needed, (personal) data on (i) the Website and (ii) the Extension. PLEASE NOTE: “Collection” and “Processing” of personal data does not mean, that the data leaves your device. Most of the data the Extension [Collects](#definitions) and/or [Processes](#definitions) stays in your browser and remains under your control. As described in this Privacy Policy only a small amount of data and (wherever possible in pseudonymised form), will be transferred to us. We nevertheless, would like to inform you about every single details in connection with your personal data. #### Definitions “**Collection**” of/ To “**Collect**” personal data means any acquisition of data about you, including any accessing of personal data. “**Processing**” of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. ### [Collection](#definitions) and [Processing](#definitions) on our Website #### Affiliate program (automatically) When you enter via a link from one of our affiliate partners profile pages on Flattr.com, we also [Collect](#definitions) the profile on Flattr.com from which you are visiting us (referrer profile). This referer profile will only be [Processed](#definitions) for payouts to the respective affiliate under our affiliate program. #### Your Flattr account (mandatory) As the Extension’s main functionality is to contribute to the content that you love and for content creators or publishers to receive this money, to make use of all its advantages, independent from your role, you have to register by adding an email address and choosing a password. We may use your email address to verify it, to respond to your requests, send you reports, transfer subscription payments, etc. To create your account, you also need to enter your name and, if applicable, the name of your business, date of birth, nationality and your country of residence. This data is needed for [Processing](#definitions) transactions. Depending on your role, you need to provide us with additional personal data: ##### Contributor accounts / profiles As a user who is only using the Services for contributing to content (hereinafter referred to as “**Contributor**”), you must provide us with your payment information (e.g. credit card) in order to set a subscription and [process your contributions](#transactions) to content creators or publishers you have flattred. You can also use the automatic flattering of new content from content platforms and social networks. Therefore, you can grant us access to you list of social media subscriptions (for each social media network you would like to flattr channels automatically) and a the respective channel you wish to be flattred automatically. We do not store your list of subscriptions you have on the respective platform or social network. We are only storing the information about the channels you have added. You can remove channels at any time. The connection to a you as a Contributor to a flattr with a receiving creator or publisher will be deleted automatically three (3) months after you have flattred the respective content. We delete unclaimed flattrs after a second cycle, so users can see them for one (1) more month after they were used in a distribution. After, we only keep the anonymized statistics on a domain level. ##### Individual creator accounts As an individual content creator who can both receive payments and contribute to content, you must also enter payment information in order to [process your contributions](#transactions) to content creators you have flattred. For regulatory reasons, our payment provider must verify your account before you can withdraw any contributions. In this case, you need to provide our payment provider with a copy of your passport and a postal address. If you are representing a registered business, our payment provider will need further [information](#verification) in order to verify your account. For receiving contributions, you must also enter the website(s) where your content is published and / or log in to the respective social media platforms and create a public [profile](#profiles) on Flattr to help Flattr users to identify you more easily. Content creators can be individuals, organizations or businesses. ##### Publisher accounts As a business or organization publishing content, you must enter the website(s) where your content is published and / or connect any social media platforms you produce content on, as well as bank information, in order to receive contributions. This includes your postal address and details of your bank account. For regulatory reasons, our payment provider must verify your account before you can withdraw any contributions. This requires you to provide the payment provider with further [information](#verification). You also need to create a public [profile](#profiles) to help Flattr users to identify you more easily. ##### Profiles In order to help Flattr users to identify you more easily when contributing to your content, you need to create a public profile where you may enter a name, which will be displayed in connection with your profile, a profile headline and a description about you or the company you are representing. Furthermore, you may upload a company logo and / or a cover image. We delete the profile name, flattred URL, except for domain and day of flattr, and the public profile of creators and publishers after a period of three (3) months. URLs without a recipient will be deleted after one (1) month after the end of a subscription period. #### Transactions and [Collection](#definitions) of data (mandatory) All transactions will be carried out by an external payment provider via the payment provider’s system (currently MANGOPAY SA, seated in Luxembourg). Flattr only has access to those transactions for support reasons. Transaction data of contributions from Contributors to a publisher or a creator are deleted as follows: Historic data are kept for three (3) months and basic transaction data are kept in accordance with tax retention periods for tax purposes only. ##### Verification information (mandatory for payouts) Because of legal obligations related to the payment provider’s license as an Electronic Money Issuer, the payment provider must verify your account before you can withdraw any money. These verification obligations are necessary in order to fight fraud, money laundering and the financing of terrorism. The verification process requires you to upload specific information and / or documents, which will be uploaded and stored on our payment provider’s systems only. The documents will be solely used for authentication purposes. We do not have access to those documents. The information / documents you must upload include: * A scan of your or your legal representative’s passport/ID or other identification document. **For German users:** You are entitled, at your sole discretion, to redact the serial number and the access number on your ID and/or passport before uploading it. * A scan proving your registration as a company * A scan of the articles of association * A shareholder declaration #### Deletion of accounts When deleting an account, all account data will be deleted directly, except for the following data, which must be retained for accounting purposes and/or for providing the Flattr service for a short period and will be automatically deleted at the end of the respective period: 1. **Contributors**: Flattrs, meaning the number of flattrs including the flattred URL, will be retained for a period of six (6) months after deletion of the account. This is required for content creators’ and/or Publisher’s accounting. The flattrs cannot be connected to you. URLs without a recipient will be retained for one (1) more month after the end of the subscription period. 2. **Content creators/Publishers**: For accounting reasons the profile name, flattred URL and the public profile will be retained for a period of three (3) months. To address issues related to (suspected) fraud, messages to our support can be retained for a maximum period of six (6) months, including messages of an account deleted in the meantime. ### Newsletter Flattr provides You with various newsletter services free of charge. We use the newsletter to inform you about new products and send you general information about Flattr. You can choose which newsletters you would like to receive by ticking the respective boxes in your settings. **Of course you can unsubscribe the newsletter at any time by opting-out in your account settings. In addition, every newsletter contains the information on how you can unsubscribe the newsletter with effect for the future.** ### [Collection](#definitions) and [Processing](#definitions) in the Flattr Extension (automatically) For the purpose of providing the Services, which includes what content will be flattred, the Extension automatically [Collects](#definitions) data. The Extension runs in your browser on your device. **All data [Collected](#definitions) when using the Extension will be stored and [Processed](#definitions) in the Extension itself and will NOT be transferred to Flattr and / or eyeo GmbH (Flattr’s parent company) and, of course, not to any other third party, except for the URL you have flattered, which will be transferred to Flattr.** This data is used by the Extension to decide automatically when and what will be flattred. The Extension [Collects](#definitions) and [Processes](#definitions) the following data to flattr the respective content: #### Information related to the Extension (automatically) When using the Extension, we will automatically [Collect](#definitions) the following data: * Operating system * Extension state changes * authentication * update and reason for update * startup This information will be used for improving our Services and for security purposes. When connecting the Extension with your account, Extension ID and version will be exchanged with [flattr.com](https://flattr.com) for security reasons. #### Your browsing behavior in the Extension (automatically) The function of the extension is to determine what content (normally a URL) to flattr. **Within the Extension only**, we record interaction, browsing and navigation data to identify the content to flattr so your flattrs are actually given to the content you consume, you engage with and you pay attention to. This is only done locally in your browser and this data is never sent to us. **Within the Extension, meaning in your browser, under your control and not being sent to us**, current measures to detect activity / inactivity are * browsing data and timestamps, specifically URLs you visit (including previously visited pages) and the page title, on some multi-author pages (currently youtube.com only) the author of the respective webpage, * information about tabs (creating, selecting, moving or closing tabs in the user interface, including which window and at which position the tab was created, as well as which window created it in case of popups, and whether a tab is audible and/or muted and also when this status changes), * page load statuses to identify error pages, and browser idle state changes. Also **within the Extension, meaning in your browser, under your control and not being sent to us**, we record * interaction data and timestamps, specifically * the occurrence of mouse movement, * clicking, scrolling (including beginning and end scroll positions, as well as page width / height), * zooming (including the zoom level) and * the occurrence of keys being pressed. Even within the Extension, we never record your mouse position and / or the exact keys you press. Again please note, that this data is recorded only in the Extension and thus only on your device. **This data will never be sent to us or any other party.** It is used to determine your activity and engagement with sites and which sites will get your flattrs. This is how we guarantee the proper functioning of the extension and the payment to content creators. Only the information about which sites should receive your flattrs will be transferred and [Processed](#definitions) for the payment of the content creators. #### Recording of your interaction with the Extension The Extension (meaning in your browser, under your control and not being sent to us) records your interaction with the Extension, including timestamps, as follows: * Adding or removing domains to or from your own [flattr enabled/disabled lists](https://flattr.com/faq) * Manually flattring URLs * Looking at your list of flattrs within the icon popup * Dismissing a notification #### What happens when you flattr content? Content creators and publishers will be provided with information about the country where the Contributor that flattred the respective content is seated, as well as the amount of the contribution in order to fulfil tax law requirements and for reporting reasons. We will transfer this data in data sets; not individually and not containing any other information about you. #### Deletion of Extension data We delete all data collected in connection with the Extension as follows: Events, flattrs, session data and the domains, which you have black- and/or whitelisted will be deleted in connection with the deletion of the Extension. In case you should have actively submitted those data to us, we will delete the submitted data 35 days after successful submission. On a daily basis, we delete sessions and visits after the processing of the history, unless it fails. ### Necessary cookies We use cookies to recognize signed-in users or to store your privacy preferences. Cookies are small files that are stored on your computer with the help of your internet browser. These cookies are necessary to provide you with our services, are not evaluated in any other manner, and are never used to track Website visitors. If you do not want to enable cookies, you can opt against using them by selecting the appropriate settings on your browser. Please note that the efficiency and range of Flattr's services may be restricted as a result. ### [Collection](#definitions) and [Processing](#definitions) on our social media presence In order to communicate with you, and to inform you about our activities and offers on social networks, we are active on Facebook, Instagram, Pinterest, Twitter and LinkedIn. In terms of Facebook, both Facebook and eyeo are jointly responsible for the processing of your personal data (“joint controller”, GDPR Art. 26), even if it is stored exclusively by the respective social network. Therefore, we still inform you about the data processing processes in connection with our presence on the respective social network as follows. If you follow our respective online presence on one or more of the social networks used by us, please note that your data may be processed outside the European Union / the European Economic Area. However, all the networks we use have agreed to comply with EU data protection standards. The social networks we use also process your data regularly for market research and advertising purposes. Based on your usage behavior and interests, the networks may create usage profiles which are used, for example, to place advertisements corresponding to your potential interests within and outside of the networks. For these purposes, cookies, which store your usage behavior and interests, as well as possibly also the devices you use, are regularly stored on your computer. For a detailed overview of the respective processing operations and opt-out options, please visit the website of each social network, listed below. For the assertion of your rights and requests for information, we also refer you to the respective social networks, where you can exercise your rights most effectively. This is because the social networks have access to your data and can therefore directly take appropriate measures and provide you with the respective information: * **Facebook** (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), Facebook Fan Page based on a joint controller agreement – Privacy Policy: https://www.facebook.com/about/privacy/, Opt-Out: https://www.facebook.com and http://www.youronlinechoices.com * **Instagram** (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Privacy Policy / Opt-Out: http://instagram.com * **Pinterest** (Pinterest Europe Ltd., Palmerston House, 2nd Floor, Fenian Street, Dublin 2, Ireland) – Privacy Policy: https://policy.pinterest.com/de/privacy-policy, / Opt-Out: https://policy.pinterest.com/de/privacy-policy#section-your-options * **Twitter** (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Privacy Policy: https://twitter.com, Opt-Out: https://twitter.com/personalization * **LinkedIn** (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) – Privacy Policy: https://www.linkedin.com/legal/privacy-policy, Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out ### What is the purpose of data processing and what is the legal basis? We process personal data in compliance with the European General Data Protection Regulation (Regulation (EU) 2016/679) (“**GDPR**”) and the applicable German and Swedish national data protection laws: #### Processing is necessary for taking steps prior to enter into a contract (Art. 6 (1) b GDPR) All data you provide us with in connection with the use of Flattr, including your account and when using the Extension, is necessary for the sole purpose of providing you with our services, as transferring the contributions to the Creators and Publishers. If you do not open an account or - as a Contributor - do not install the Extension you cannot fully use our services. #### Collection and processing is necessary for compliance with a legal obligation to which the controller is subject – Art. 6 (1) c GDPR Collection and processing of your personal data may be necessary for compliance with a legal obligation to which we are subject under EU laws or the laws of a EU Member State. #### Processing is necessary for the purposes of eyeo’s legitimate interests (Art. 6 (1) f GDPR) The collection and processing may be necessary for the purposes of our legitimate interests. If this will be the case we will inform you accordingly. #### Processing is based on your consent (Art. 6 (1) a GDPR) When subscribing for our [newsletter](#newsletter), you provide us with your consent, which legitimizes the use of your email address in accordance and to the extent of your consent. ### International data transfers For some parts of our hosting we use a non-EU/EEA service provider called Cloudflare, Inc., seated in San Francisco (United States). We have carefully selected Cloudflare and review it regularly to ensure that your privacy is preserved. The service provider provides sufficient guarantees to ensure an adequate level of data protection and may only use the personal data for the purposes stipulated by us and in accordance with our instructions. We also contractually require the service provider to treat your personal data solely in accordance with this Privacy Policy and the European data protection laws. In order to ensure an adequate level of data protection, we have entered into the EU Standard Contractual Clauses (processors) - Commission Decision 2021/914. You can request a copy by contacting us at privacy[at]flattr.com. ### Do we disclose any personal data? Except as explicitly mentioned in this Privacy Policy, we will not transfer your personal data to third parties as a matter of course without letting you know in advance or asking for your prior permission. We may only transfer your personal data to third parties without informing you separately beforehand in the following exceptional cases as explained below: * For hosting purposes, we work with service providers, who will only access and process any of your personal data to the extent required for support purposes and only under our instructions. This is safeguarded by data processing agreements. * If required for legal proceedings / investigations, personal data will be transferred to the criminal investigation authorities and, if appropriate, to injured third parties. We will only do this if there are concrete indications of illegal and / or abusive behavior. We are also legally obliged to give certain public authorities information. These are criminal investigation authorities, public authorities who prosecute administrative offences entailing fines, and finance authorities. * As part of the further development of our business, it may happen that the structure of Flattr AB changes. The legal structure may be adapted, subsidiaries, business units or components may be created, bought or sold. In such transactions, customer information may be shared with the transmitted part of the company. In the event of a transfer of personal information, Flattr will ensure that it is done in accordance to this Privacy Policy and Swedish data protection laws. ### What rights do you have? In compliance with the GDPR and the applicable EU laws and German national data protection laws and to the extent legally permitted, you have the following rights to protect your personal data collected and processed by us: #### Information, access, rectification and restriction rights Naturally you have the right to receive, upon request, information about the personal data stored by us about you and how we [Process](#definitions) your personal data. Where that is the case, you have the right to gain access to such personal data stored by us. You have the right to request from us the rectification of inaccurate personal data, if any. Taking into account the purposes of [Collecting](#definitions) and [Processing](#definitions) your data, you have the right to have incomplete personal data completed. You also have the right to request restriction of [Processing](#definitions). #### Data portability You also have the right (1) to receive all personal data concerning you and which you have provided to us, in a structured, commonly used and machine-readable format and (2) to transmit those data to another controller. #### Erasure of your data You have the right to demand from us the erasure of your personal data, where - inter alia - one of the following grounds applies: * If we no longer need your personal data for the aforementioned purposes. * If you withdraw your consent on which the collection and processing is based on Article 6 (1) a GDPR and where there are no other legal grounds for collection and processing. * If you object to the collection and processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate grounds for collection and processing. Please note, if data needs to be retained for legal purposes we will restrict the respective data. #### Right to lodge a complaint with a supervisory authority You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR. #### Right to object to the processing of your data You have the right to object at any time to the collection and/or processing of your personal data on grounds relating to your particular situation, where collection and processing is based on our legitimate interest (Art. 6 (1) f GDPR). #### Right to withdraw your consent at any time You have the right to withdraw your consent at any time, if you have provided us with your consent to the collection and processing of your personal data for one or more specific purposes. The withdrawal of your consent does not affect the lawfulness of processing based on the consent before its withdrawal. #### How to exercise your rights To exercise your rights, please contact us via or mail to: Flattr AB Box 4111 20312 Malmö Sweden [flattr.com/contact](https://flattr.com/contact) ### California Privacy Notice This section only applies to California residents. It explains how we collect and use Personal Information as well as the rights available to California residents under the California Consumer Protection Act (“CCPA”). The words in this section have the same meaning given to them in the CCPA. Please note that the words as described under the CCPA may be broader than their common meaning. "**Personal Information,**" for example, refers to information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, to you or your household. Personal Information does not include information that is aggregated or information that cannot be reasonably linked to you. #### What Personal Information we collect and how we use it In order to provide you with our products and services (“Products”), we must process certain Personal Information about you. We do not sell any of your Personal Information, and we never will. For a detailed explanation about the kinds of information that we collect and how we use it, please review the information provided above. Here is a summary of the CCPA categories of Personal Information that we may have collected about you over the past 12 months: * Identifiers; * Internet or other electronic network activity information, including information about your browser, extension, and operating system; * Geolocation data; * Financial information; and * Inferences drawn from any of the information identified that reflect your preferences and attitudes. We may have collected these categories of Personal Information for the following business purposes: * To personalize the Products we provide to you; * To evaluate and improve our Products; * To facilitate transactions in connection to your use of our Products; * To provide limited analytic services; * To communicate with you; * To ensure security and functionality of our Products; and * To perform other business purposes. #### How we share Personal Information Subject to the limitations in this Privacy Policy, we share your Personal Information with external vendors (“Service Providers”) that are contractually prohibited from retaining, using, or disclosing Personal Information for any purpose other than the specific business purposes described in the contract. These Service Providers include: * Service providers that analyze your use of our website and test the accompanying data; and * Service providers that facilitate hosting services in connection with your use of our Products. #### Sources from which we collect Personal Information We receive Personal Information from you, our websites, and our external service providers. The categories of sources from which we have collected or received Personal Information include: * You/Your Flattr accounts and profile: We collect information to register and verify your accounts and profiles, including payment information, a copy of your passport, a postal address, and other information necessary to comply with applicable fraud, money laundering, and anti-terrorism regulations. We may also collect information about the content that you publish in connection with our Products and any information that you volunteer to improve our Products. * Our Websites: We collect information about how you interact with and use our websites. We also collect information related to your Flattr account and profiles and any affiliate programs that you participate in. * Your Social Media Profiles: We collect information about your social media subscriptions, if you choose to contribute to content in that manner. * Service Providers: We engage vendors to perform business purposes on our behalf and share information with them to provide us with such business purposes including, analytics and hosting of Products. #### What are your rights under the CCPA? The CCPA provides you with the following rights: * Right to Know: you have the right to request that we disclose to you the categories of Personal Information that we have collected, the categories of sources from which we have collected the Personal Information, the business purpose for collecting Personal Information, the categories of third parties with whom we have shared Personal Information, and the specific pieces of Personal Information about you that we have collected; * Right to Request Deletion: you have the right to request that we delete any Personal Information about you that we have collected; and * Right to Non-Discrimination: we will not discriminate against you for exercising any of these rights. Please note that we have a duty to verify your identity whenever you exercise your Right to Know and/or your Right to Request Deletion. In order to do so, we will request Personal Information from you to match against the Personal Information in our records. In some cases, we may also request additional documentation to verify your identity. Please also note that the CCPA allows you to exercise these rights yourself or to designate an authorized agent who will exercise these rights on your behalf. In the event that an authorized agent exercises rights on your behalf, we may request a written permission from you that establishes the individual as your authorized agent as well as other information necessary to verify the identity of the authorized agent. To exercise any of these rights, please submit a request to privacy@eyeo.com. #### Contact for more information If you have any questions about this section or how to exercise your rights under the CCPA, please [contact us](#dpo). ### Changes to the Privacy Policy As our Services evolve, we may change this Privacy Policy from time to time. The respective current version is available at [flattr.com/privacy](https://flattr.com/privacy). We encourage you to check the Privacy Policy frequently to see if it has changed. April 2021 ________________ # Privacy Information: Voluntary opt in to send anonymized data to us We are continuously improving the Extension. If you want to support us in improving the Extension, you can allow the Extension to transfer the above mentioned data to Flattr and eyeo GmbH by explicitly opting in to such a transfer. Depending on the status of our improvement, we may need different data. Such data will be restricted to the data listed in the Declaration of Consent and will be only transferred if you opt in to provide us with beta feedback. Please find the respective Declaration of Consent [here](#consent). You can opt out from this at any time in the settings of the Flattr extension. Three (3) months after you have sent it to us, we will delete your email address. ## Anonymization of your data when providing feedback In order to protect your personal data, all URLs, page titles, domains (except the ones stated below) and authors of the content viewed on the respective domain will be replaced by an increasing series of numbers before sending the information to our servers, which are protected by TLS encryption. Thus, we do not know what you have been surfing, only the fact that you have been surfing. Because we might develop customized solutions for multi-author platforms in order to pay out the respective author that has been flattered, the domains (and only the domains, not the URLs) of multi-author platforms, as but not limited to Youtube.com and Wordpress.com (full list [here](#domains), will not be replaced by an increasing series of numbers. We do not combine the [Collected](#definitions) data with any other information about you. The data we [Collect](#definitions) is statistical data, therefore we do not know who generated it. May 2018 ________________ # Declaration of consent This opt in is voluntary and applies only in the instance where you want to provide us with anonymized data to improve our algorithm. **Version** 2.0 **Period** 24 October 2017 until now **Text of declaration of consent** **You can revoke your consent at any time by visiting this page and clicking the button below.** You hereby declare that the following data will be transferred to eyeo GmbH, Germany, and [Processed](#definitions) for the purpose of improving the Extension and the underlying algorithm: * URLs and domains you visit, which will be anonymized before sending * Author of the respective website (if applicable) * Some [domains](#domains), which will not be be anonymized * Interaction with Website * mouse movement * mouse clicking * scrolling, including scroll positions, as well as page width/height * zooming, including the zoom level * keys pressed * Creating, selecting, moving or closing tabs in the User Interface, including which window and at which position the tab was created, as well as which window created it in case of popups * Adding or removing domains to or from your [flattr enabled/disabled list](https://flattr.com/faq) * Browser idle state changes * Manually flattring URLs [https://flattr.com/faq](https://flattr.com/faq)** We do not combine the [Collected](#definitions) data with any other information about you. The data we [Collect](#definitions) is statistical data, therefore we do not know who generated it. 1.0 3 May 2017 until September 30, 2017 **You can revoke your consent at any time with future effect by sending a message to us via [www.flattr.com/contact](www.flattr.com/contact).** **By checking the box, you hereby declare that the following data will be transferred to eyeo GmbH, Germany, and processed for the purpose of improving the Extension and the underlying algorithm**: * URLs and domains you visit, which will be anonymized before sending * Author of the respective website (if applicable) * Some [domains](#domains), which will not be be anonymized * Interaction with Website * mouse movement * mouse clicking * scrolling, including scroll positions, as well as page width/height * zooming, including the zoom level * keys pressed * Creating, selecting, moving or closing tabs in the User Interface, including which window and at which position the tab was created, as well as which window created it in case of popups * Adding or removing domains to or from your [flattr enabled/disabled list](https://flattr.com/faq) * Browser idle state changes * Manually flattring URLs [https://flattr.com/faq](https://flattr.com/faq) We do not combine the collected data with any other information about you. The data we collect is statistical data, therefore we do not know who generated it. ________________ ## List of domains that are not anonymized This only applies if you opt in to voluntarily providing us with anonymized data to improve our algorithm. URLs and authors on those domains will still be anonymized. * 500px.com * deviantart.com * facebook.com * flickr.com * github.com * instagram.com * linkedin.com * livejournal.com * medium.com * soundcloud.com * tumblr.com * twitch.tv * twitter.com * vimeo.com * wordpress.com * youtube.com "},"notifications":[]}