Privacy Policy for Flattr

Privacy Policy
Declaration of Consent
Annex to Declaration of Consent: List of domains


Your protection and data confidentiality is of utmost importance to us (“Flattr” “we” “our”); that is why we take protecting your personal data very seriously. Nevertheless, some personal data is necessary to provide the services of our website flattr.com (hereinafter referred to “Website”), and our extension (hereinafter referred to as “Extension”, Website and Extension hereinafter referred to as “Services”). This Privacy Policy shall inform you about the personal data we collect and how exactly that data is used. We gather and use personal data firmly within the provisions of the data protection laws of Sweden. In the following text we will inform you about the specific data, the scope and the purpose of the collection and use of personal data by us when using the Services.
The Privacy Policy does not apply to the practices of third parties that Flattr does not own or control, or to individuals that Flattr does not employ or manage.
You”, “Your” and “Yourself” refer to anyone visiting our Website or using the Extension.

Who is responsible for the data processing?

The legal person responsible for the collection, processing and / or use of personal data in connection with all Flattr Services (“Controller”) is:

Flattr AB
Box 4111
20312 Malmö
Sweden

If you have any questions regarding your personal data, please contact us at flattr.com/contact.

What is personal data?

The purpose of data protection is to protect personal data. Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

This information includes, for example, details such as name, postal address, email address or telephone number, but also nicknames and / or information about your interests.

What kind of data do we collect and process and how?

We collect as little data as possible to provide our services sufficiently. We do collect some, but very little data on (i) the Website and (ii) the Extension.

Website

Website logs

When you use the Website, we automatically record website logs and thereby collecting the following traffic data for technical and for security reasons only:

  • IP address
  • Internet Service Provider (ISP) information
  • Date and time of access
  • Operating system
  • Browser type / version
  • URL of previously visited webpage
  • Amount of data sent
This data is stored purely for technical reasons and cannot be linked to any individual person. We are not combining the website log data with any other information about you.

Your Flattr account

As the Extension’s main functionality is to contribute to the content that you love and for content creators or publishers to receive this money, to make use of all its advantages, independent from your role, you have to register by adding an email address and choosing a password. We may use your email address to verify it, to respond to your requests, send you reports, transfer subscription payments, etc.

To create your account, you further need to enter your name and, if applicable, the name of your business, date of birth, nationality and your country of residence. This data is needed for processing transactions.

Depending on your role, you need to provide us with additional personal data:

Contributor accounts

As a user who is only using the Services for contributing to content (hereinafter referred to as “Contributor”), you must provide us with your payment information (as credit card) in order to process your contributions to content creators or publishers you have flattred.

Individual creator accounts

As a individual content creator who can both receive payments and contribute to content, you must also enter payment information in order to process your contributions to content creators you have flattred. For regulatory reasons, our payment provider must verify your account before you can withdraw any contributions. In this case, you need to provide our payment provider with a copy of your passport and a postal address. If you are representing a registered business, our payment provider will need further information in order to verify your account.

For receiving contributions, you must also enter the website(s) where your content is published and / or log in to the respective social media platforms and create a public profile to help Flattr users to identify you more easily.

Content creators can be individuals, organizations or businesses.

Publisher accounts

As a business or organization publishing content, you must enter the website(s) where your content is published and / or connect any social media platforms you produce content on, as well as bank information, in order to receive contributions. This includes your postal address and details of your bank account.

For regulatory reasons, our payment provider must verify your account before you can withdraw any contributions. This requires you to provide the payment provider with further information.

You also need to create a public profile to help Flattr users to identify you more easily.

Profiles

In order to help Flattr users to identify you more easily when contributing to your content, you need to create a public profile where you may enter a name, which will be displayed in connection with your profile, a profile headline and a description about you or the company you are representing. Further, you may upload a company logo and / or a cover image.

Transactions and collection of data

All transactions will be carried out by an external payment provider via the payment provider’s system (currently MANGOPAY SA, seated in Luxembourg). Flattr will have access to those transactions for support reasons.

Verification information

Because of legal obligations related to the payment provider’s license as an Electronic Money Issuer, the payment provider must verify your account before you can withdraw any money. These verification obligations are necessary in order to fight fraud, money laundering and the financing of terrorism.
The verification process requires you to upload specific information and / or documents, which will be stored on our payment provider’s systems.
The information / documents you must upload include:

  • A copy of your or your legal representative’s passport
  • A copy proving your registration as a company
  • A copy of the articles of association
  • A shareholder declaration
  • Other documents proofing the identity, if required

Waiting list for beta access

We are currently working on a new version of Flattr. If you want to get early access to this product and / or release information, you can sign up for the waitlist. We need your email address in order to send you the invite once you can get access to the beta. You can enter your email address on our Website's homepage, which is available at flattr.com. We will store and use your email address solely to send you this invite and / or release information.
For the provision of our waitlist service for early access at flattr.com, we use the beta management tool Prefinery which is provided by the service provider Compulsivo, Inc., 1108 Lavaca St Ste 110-318, Austin, TX 78701 (“Compulsivo”). Compulsivo is certified under the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. Compulsivo uses your email address solely for the purposes stated in this privacy policy and in accordance with our instructions.

Flattr Extension

For the purpose of providing the Services, which includes what content will be flattred, the Extension automatically collects data. The Extension runs in your browser on your device. All data collected when using the Extension will be stored and used in the Extension itself and will not be transferred to Flattr and / or eyeo GmbH (Flattr’s parent company) and, of course, not to any other third party, except for the URL you have flattered, which will be transferred to Flattr. This data is used by the Extension to decide automatically when and what will be flattred. The Extension collects and uses the following data to flattr the respective content:

Information related to the Extension

When using the Extension, we will automatically collect the following data:

  • Extension ID and version
  • Operating system
  • Extension state changes
    • authentication
    • update and reason for update
    • startup
This information will be used for improving our Services and for security purposes.

Extension ID and version will be exchanged with flattr.com for the purposes of transferring flattrs.

Your browsing behavior in the Extension

Please note that we never record your mouse positions and / or the exact keys you press when interacting with the Extension. We only record the fact that these events have occurred and only within the Extension. Navigation, movements and clicks will be recorded within the extension, including time stamps. This includes the following data:

  • URLs you visit, including ones that were open when enabling the Extension and the page title
  • Author of the respective website (if applicable)
  • Interaction with Website
    • mouse movement
    • mouse clicking
    • scrolling, including beginning and end scroll positions, as well as page width / height
    • zooming, including the zoom level
    • keys pressed
  • Creating, selecting, moving or closing tabs in the User Interface, including which window and at which position the tab was created, as well as which window created it in case of popups
  • Browser idle state changes

Recording of your interaction with the Extension

Further, the Extension records your interaction with the Extension, including time stamps, as follows:

What happens when you flattr content?

Content creators and publishers will be provided with information about the country where the Contributor flattered the respective content is seated, as well as the amount of the contribution in order to fulfil tax law requirements and for reporting reasons. We will transfer this data in data sets; not individually and not containing any other information about you.

What will happen if I opt in to provide beta feedback to Flattr?

We are continuously improving the Extension. If you want to support us in improving the Extension, you can allow the Extension to transfer the above mentioned data to Flattr and eyeo GmbH by explicitly opting in to such a transfer. Depending on the status of our improvement, we may need different data. Such data will be restricted to the data listed in the declaration of consent and will be only transferred if you opt in to provide us with beta feedback. Please find the respective declaration of consent here. You can opt out from this at any time in the settings of the Flattr extension.

Anonymization of your data when providing feedback

In order to protect your personal data, all URLs, page titles, domains (except the ones stated below) and authors of the content viewed on the respective domain will be replaced by an increasing series of numbers before sending the information to our servers, which are protected by TLS encryption. Thus, we do not know what you have been surfing, only the fact that you have been surfing.

Because we might develop customized solutions for multi-author platforms in order to pay out the respective author which has been flattered, the domains (and only the domains, not the URLs) of multi-author platforms, as but not limited to Youtube.com and Wordpress.com (full list here), will not be replaced by an increasing series of numbers.

We do not combine the collected data with any other information about you. The data we collect is statistical data, therefore we do not know who generated it.

Google Analytics

We use Google Analytics on our Website, a web analysis service of Google Inc. ("Google"). Google Analytics uses so-called "cookies" (text files that are stored on your computer and enable you to analyze your use of our Website). The information generated by the cookie on your use of our Website (including your abbreviated IP address) is transmitted to a Google server in the United States and are stored there. Google will use this information to assess your use of our Website, to compile reports on the activities for us and to provide more services connected with use of our Website and the internet. It is also possible that Google may transmit this information to third parties if this is required by law, or if third parties process this information on behalf of Google.
You can deactivate Google Analytics by means of a browser add-on if you do not want to participate in Website analysis. You can download this here:
http://tools.google.com/dlpage/gaoptout?hl=de

Cookies

Flattr may store cookies in order to provide you with comprehensive features and improved ease of use when navigating our Website. Cookies are small files that are stored on your computer with the help of your internet browser. If you do not want to enable cookies, you can opt against using them by selecting the appropriate settings on your internet browser. Please note that the efficiency and range of our services may be restricted as a result.

Do we disclose any personal data?

We will not transfer your personal data to third parties as a matter of course without letting you know in advance or asking for your prior permission. We may only transfer your personal data to third parties without informing you separately beforehand in the following exceptional cases as explained below:

  • If required for legal proceedings / investigations, personal data will be transferred to the criminal investigation authorities and, if appropriate, to injured third parties. We will only do this if there are concrete indications of illegal and / or abusive behavior. We are also legally obliged to give certain public authorities information. These are criminal investigation authorities, public authorities who prosecute administrative offences entailing fines, and finance authorities.
  • As part of the further development of our business, it may happen that the structure of Flattr AB changes. The legal structure may be adapted, subsidiaries, business units or components may be created, bought or sold. In such transactions, customer information may be shared with the transmitted part of the company. In the event of a transfer of personal information, Flattr will ensure that it is done in accordance to this Privacy Policy and Swedish data protection laws.

What rights do you have?

Naturally you have the right to receive, upon request, information about the personal data stored by us about you. You also have the right to correct inaccurate personal data and – to the extent legally permitted – to block and delete details. To do so, please contact us via flattr.com/contact or write to us at the above address.

Deletion of your data

If we no longer need your personal data for the aforementioned purposes, we will delete it and it will be no longer available for further use. Please note, if data needs to be retained for legal purposes we will block the respective data.
You can also delete all data stored in the Extension yourself by uninstalling the Extension.

Changes to the Privacy Policy

As our Services evolve, we may change this Privacy Policy from time to time. The respective current version is available at https://flattr.com/privacy. We encourage you to check the Privacy Policy frequently to see if it has changed.

May 2017