1. Introduction
Social Creative (“we”, “our”, “us”) values and protects your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit socialcreative.co, subscribe to our services or purchase our products.
This policy complies with applicable privacy laws in the United Kingdom, the European Union, and Latin America, including but not limited to:
- UK GDPR & EU GDPR
- Brazil’s LGPD (Lei Geral de Proteção de Dados)
- Mexico’s LFPDPPP (Federal Law on Protection of Personal Data Held by Private Parties)
- Argentina’s PDPL and similar LATAM laws
2. Who We Are
Our website address is: https://socialcreative.co
3. Information We Collect
a. Personal Data You Provide
- Account & Subscription Info: Name, email, billing address, payment details (via e.g., Stripe, PayPal), subscription start/renewal/cancellation records.
- Order Data: Name, shipping address, phone number for online order delivery.
- Support Communications: Messages, emails, and inquiries you send to us.
- Comments: When visitors leave comments on the site, we collect the data shown in the comments form, the visitor’s IP address, and browser user agent string to help spam detection. An anonymized string (hash) from your email may be sent to the Gravatar service. The Gravatar privacy policy is available here: https://automattic.com/privacy/. After approval, your profile picture may be visible with your comment.
b. Automatically Collected Data
- Website Usage Data: IP address, device type, browser type, referral data, browsing behavior on our site.
- Cookies:
- If you leave a comment, you may opt-in to saving your name, email, and website in cookies (lasts 1 year).
- Temporary cookie on login page to check browser cookie support (discarded on close).
- Login cookies (2 days), screen settings cookies (1 year), “Remember Me” option (2 weeks).
- Post-edit cookies (expires after 1 day).
- Media Metadata: If you upload images, avoid including location data (EXIF GPS). Visitors can download and extract location data from such images.
c. NFC Wristband Data (if linked to our systems)
- Wristband serial/UID (not inherently personal).
- Interaction logs (e.g., taps, timestamps, location if enabled).
- Profile data you upload when configuring your wristband.
d. Embedded Content from Other Websites
Articles on this site may include embedded content (e.g., videos, images, articles). Embedded content behaves as if you visited the source website, which may collect data, use cookies, and track interactions.
4. How We Use Your Data
| Purpose | Legal Basis |
|---|---|
| Process subscriptions, orders, and payments | Contract performance |
| Ship products and provide services | Contract performance |
| Customer support and communication | Contract performance / Legitimate interests |
| Marketing emails (if opted in) | Consent |
| Website analytics & performance improvement | Legitimate interests / Consent (where required) |
| Fraud prevention, legal compliance | Legal obligation / Legitimate interests |
| Spam detection on comments | Legitimate interests |
5. Legal Basis and Consent
For EU/UK users, we rely on Consent, Contract, Legitimate Interests, and Legal Obligations under GDPR.
For LATAM users, we rely on Consent, Contractual Necessity, and other lawful grounds under applicable laws.
You may withdraw consent at any time by contacting us.
6. Your Privacy Rights
Depending on your country of residence, you may have the right to:
- Access your personal data.
- Rectify incorrect or outdated data.
- Cancel/Delete your data.
- Object to certain types of processing.
- Port your data to another service.
- Withdraw consent at any time.
For users in Mexico and certain LATAM countries, these are known as ARCO Rights (Access, Rectification, Cancellation, Opposition).
If you have an account on this site, or have left comments, you can request an exported file of your personal data, including any data you provided. You can also request erasure of your data, except where we must keep it for administrative, legal, or security purposes.
7. Data Sharing and Transfers
We may share your data with:
- Payment Processors (e.g., Stripe, PayPal)
- Shipping and Logistics Providers
- Analytics and Marketing Services (e.g., Google Analytics)
- Hosting and Technical Service Providers supporting our WordPress site
If you request a password reset, your IP address will be included in the reset email.
If your data is transferred internationally, we will ensure adequate safeguards under GDPR, LGPD, and other applicable laws.
8. Data Retention
- Comments and metadata: Retained indefinitely to recognize and approve follow-up comments automatically.
- Registered user profiles: Stored until the user deletes their account (except username, which cannot be changed).
- Account and order data: Retained as long as required for legal, tax, and service provision.
- Support communications: Stored for up to 2 years.
- Analytics logs: Aggregated/anonymized after approximately 12 months.
9. Security Measures
We use encryption (SSL/TLS), secure hosting, restricted access, and other measures to protect your data from unauthorized access, loss, or alteration.
10. Children’s Privacy
Our services are not directed to children under 16. We do not knowingly collect data from minors. If we become aware of such data, we will delete it promptly.
11. Where Your Data Is Sent
Visitor comments may be checked through an automated spam detection service.
12. Complaints
If you believe we have mishandled your data, contact us at info@socialcreative.co.
You may also file a complaint with your country’s Data Protection Authority, Brazil’s ANPD, Mexico’s INAI, or other relevant LATAM authority.
13. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Effective Date” at the very top of the page.