Privacy policy

Last Revised: April 04, 2023

Here CRREO (also referred to herein as “we”, “us”, or “our”), protecting your privacy is our priority. For this reason, we collect and use personal information only as it might be needed for us to provide our users (collectively our “Users”) access to our website and its features, payment platform, marketing and analytics tools, and content creation and publication features (the “Site”), to improve the user experience for you and other Users of the Site, and to provide Users with opportunities to discover and interact with each other (collectively the “Services”).

Our Privacy Policy is intended to describe what data we collect, how we collect it, and how, when, and why we use your personal data. It also describes options we provide for you to access, update, or otherwise assume control of your personal data that we process.

By providing us with your personal information, you are consenting to the terms and conditions of this Privacy Policy. Please read it carefully. If you have any questions about our data collection or use practices or want to better understand your rights under this Privacy Policy, please contact our Data Protection Officer (“DPO”) at dpo@crreo.co.

If your content is listed on the Site without your knowledge or consent, please reach out to us as soon as possible at hello@crreo.co or follow the DMCA procedures outlined in our Terms of Service.

Compliance Statement

We at CRREO strive to uphold the highest standards of data and privacy protections. Regardless of where our customers are, we strive to adopt the principles and safeguards of both the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act of 2018 (CCPA). Your individual rights may be determined by the laws and regulations of the state and country in which you reside.

While we strive to materially comply with all federal, state, and local laws, you are personally responsible for ensuring that your use of the Site and our Services complies with all laws of the jurisdiction in which you reside.

How and why we collect your personal information

We at CRREO are defined by the General Data Protection Regulation (GDPR) as a “data controller”. This means that we collect your personal information for our own use in order to provide you full access to the Site and to provide our Services to you or for your benefit. Most of the personal information we collect is provided directly by you when you create an account through the Site or when you otherwise provide information to us when registering for our Services. For example, we may collect your email address if you register for our mailing list. This information is used to send you emails via a general mailing list which you are voluntarily subscribing to. As another example, we may collect your name, email address, your chosen username and password, payment information, and verification of your age. This information is used to create your user account, to verify your eligibility to receive the Services, and to provide you with the Services. As another example, we may collect your location data to allow us to comply with federal, state, and local laws, to improve the Site, and to tailor future design implements to our Users’ unique needs. As one final example, we may collect information pertaining to your unique interests to tailor default behaviors of the Site and the information the Site displays to you by default.

Information you might be expected to provide includes, without limitation:

- Full Name
- Username
- Password
- Age range
- Email address
- Phone number
- Samples or examples of prior created content
- Credit card or other payment information
- Information relating to the content (or types of content) you are creating or seeking

We collect your personal information for the limited purpose of providing the Services to you and our other Users. We also collect your personal information to allow us to tailor our current and future Services to better meet your needs and preferences, as well as to better understand how you and others use the Site so as to refine it and create an ever-improving user experience. Lastly, we may collect your personal information to provide targeted advertisements to you based on criteria provided by selected advertisers. We do not market or sell your personal information to advertisers or to other third parties.

Information Collected Automatically

As you use and access the Site, we (including any third parties providing web design, hosting, and related services to us) may use a variety of technologies to automatically collect information, including, without limitation:

- Usage Information. The Site collects usage data such as the source address from which a page request originates (i.e., your IP address, domain name, type of computer), date and time of the page request, the referring web site (if any), and other parameters in the URL (e.g., search criteria). We use this data, for example, to better understand the Site usage in the aggregate so that we know what areas of our Site users prefer based on the number of visits to those areas. This information is stored in log files and is used for aggregated and statistical reporting. It is not attributed to you as an individual – meaning log files are not associated with any particular user, computer, or browser.

- Location Information. We collect and process general information about the location of the device from which you are accessing the Site (e.g., your approximate geographic location as inferred from your IP address). This information may be used to, without limitation, verify your legal eligibility to use the Site or otherwise receive the Services.

- Cookies and Browser Information. The Site uses cookies for a variety of purposes as further described below and in our Cookie Policy.

- Web Beacons. Web beacons (also known as “web bugs”) are small strings of code that provide a method of delivering a graphic image on a web page or in an e-mail message for the purpose of transferring data. We may use web beacons (or clear GIFs) on our Site or include them in the e-mail messages we send you for many purposes, including site traffic reporting, unique visitor counts, advertising e-mail auditing and reporting, and personalization. Information gathered through web beacons may be linked to your Personal Information.

- IP Addresses and Log Files. An Internet Protocol (“IP”) address is a number assigned to each computer on a network to identify your computer every time you log on to the Internet. We may keep track of IP addresses to troubleshoot technical concerns and to maintain the safety and security of our Site (e.g., by reviewing your IP address in combination with your Personal Information for credit fraud protection and risk reduction.) In addition, we may use IP addresses to analyze trends, administer the Site, track traffic patterns, and gather demographic information for aggregate use.

Use of Cookies

Our website may use “cookies” to help personalize and enhance your online experience. Cookies are small text files, generally made up of letters and numbers, that are placed on your computer, tablet, mobile phone, or other device when you visit a web page. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.

When you visit a webpage and enter personal information (e.g., your name, email address, etc.), that information is packaged into a cookie which is then sent to your browser and saved for later use. On subsequent visits to the same website, your browser will send that cookie back to the web server that issued it, thus identifying you and the information you already provided to that website on previous visits. Cookies exist largely as a convenience feature, though websites and internet-based services may use cookies for purposes such as tracking customer use of their services and providing targeted advertising to customers based on the data contained in cookies.

You have the ability to accept or decline cookies by activating the setting on your web browser that allows for you to refuse some or all cookies. Most web browsers automatically accept cookies by default, but almost all web browsers allow for limiting cookies to select websites or declining cookies altogether. If you choose to decline cookies issued by our website or by all websites, you may not be able to fully experience the interactive features of our website, including the ability to “log in” and remain logged in as a registered user.

For more information, please refer to our Cookie Policy.

Certain disclosures not covered by this Privacy Policy

This list of personal information and our Privacy Policy does not include or contemplate information you voluntarily disclose through responses or replies to any blog or public forum that we may decide to implement in the future or that is provided by a User on their own website or other venue. When you make such disclosures, you are providing your personal information to any user or other third party with access to those features, including, potentially, the general public. Any use of such information by third parties is beyond our ability or responsibility to control.

We encourage you to review the privacy policies of websites you choose to visit so that you can understand how those other websites collect, use, and share your information. Here at CRREO, we take commercially reasonable steps to ensure that our data processing partners handle your personal information responsibly and in compliance with all applicable laws and regulations. However, we are not responsible for the privacy policies or other content of websites unrelated to or uncontrolled by CRREO, including, without limitation, Chekr, LinkedIn, Twitter, Facebook, Google, Bing, and other websites owned, operated by, or created by third parties.

How and why we use your personal information

We strongly believe in using personal information only as necessary to provide you with our Services and with the best possible user experience. To that end, we may use your personal information to provide you with Services, to allow you to discover and reach out to other Users, to tailor our current and future Services to your needs by offering more relevant Services in the future, and to understand how you and others use our Site so that we can improve it and provide a better user experience for you and others.

We may share your data with our trusted partners, considered by the General Data Protection Regulation (GDPR) to be “data processors”, to help facilitate payments, perform statistical analysis, send you email or postal mail, or provide technical support. Any third parties with whom we share your personal information are prohibited by contract from using your personal information for any purpose other than to provide these services to us or to you on our behalf, and such third parties are required by contract to maintain the confidentiality of your personal information.

In order to tailor our services to your needs, we may use your personally identifiable information to inform you of other products or services available from us and our affiliates, including, potentially, other Users. We may also contact you via surveys to conduct research about your opinion on our current Services or potential new services that we may offer. We respect your privacy and give you an opportunity to opt-out of receiving these communications. You may, at any time, opt out of receiving any or all marketing communications from us by writing to us at hello@crreo.co.

We will disclose your personal information, without notice, if required to do so by law or in the good faith belief that such action is necessary to (a) conform to the edicts of the law or comply with legal processes to which CRREO may become a party; (b) protect and defend CRREO’ rights under the law; and (c) act under exigent circumstances to protect the personal safety of our other users or the general public. For example, if a visitor to our website submits a comment or inquiry through our website’s built-in contact form expressing an intent to cause physical harm to themselves or others, we may proactively inform law enforcement to protect the public interest.

Security of your Personal Information

We take great effort to secure your personal information and justify the trust you have placed in us. Our website and other data processes meet or exceed industry standards and include the use of at least 256-bit Secure Sockets Layer (SSL) protection. The use of SSL technology encrypts data transmitted between you and our website and other web services. When we transmit your personal information to other websites or web-based services (e.g., payment processors), it is similarly encrypted.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) provides rights to citizens and residents of the European Union (EU) to control their data. We encourage you to learn more about GDPR and, if applicable, better understand your rights by visiting the GDPR Portal at a https://www.eugdpr.org/. The GDPR addresses our responsibilities in handling your personal data (also referred to in this Privacy Policy as your personal information).

Under GDPR and this Privacy Policy, you have the following rights:

1. Right to Access Personal Data. You have the right to access your personal data that has been collected by us. To exercise this right, please contact our Data Protection Officer at dpo@crreo.co. We will respond to any such request within thirty (30) days.

2. Right to Rectification. You have the right to request modification of your personal data to correct any errors or to update incomplete or inaccurate information.

3. Right to Erasure. You have the right to request that we stop using the personal data we collect from you, stop transmitting it to third-party data processors, and erase it from our records and databases. In most cases, we will simply grant this request. In some limited circumstances, such as when we are contractually required to provide Services to you and need the personal information we have collected to do so, we may delay granting your request until such time as it is feasible for us to stop using your personal data and erase it. We may also deny your request if your personal data is the subject of a valid law enforcement request or preservation and/or disclosure of your personal data is required by law or by order of a court of law.

4. Right to Restrict Data Processing. You have the right, in any of the following circumstances, to request that all processing of your personal data be stopped:

  1. you wish to contest the accuracy of your personal data, in which case, we will suspend processing of your personal data for a period while we verify its accuracy;
  2. you believe the processing of your personal data is unlawful but you oppose the erasure of your personal data and request the restriction of its use instead;
  3. you believe we no longer need your personal data for our business purposes, but the personal data must be preserved for the establishment, exercise, or defense of legal claims; or
  4. you have objected to our continued processing pursuant to Article 21 of the GDPR, in which case we will suspend processing of your personal data unless our legitimate need to continue processing it overrides your objection.

5. Right to be Notified. You have the right to be notified of any use of your personal data in a clear and simple manner. This Privacy Policy serves as notification to you of how we intend to collect and use your personal data. If you feel your rights are being impeded, you may contact our Data Protection Officer at dpo@crreo.co to have your concerns addressed. In the event of any rectification or erasure of your personal data, we will provide you written notice within seventy-two (72) hours. Furthermore, in the event of a data breach that includes your personal data, we will inform you and the relevant legal authorities within seventy-two (72) hours after we are made aware of the breach.

6. Right to Data Portability. You have the right to request that your personal data be sent electronically to a third party of your choosing. The personal data must be provided by us in a commonly used, machine readable format if doing so is technically feasible.

7. Right to Object. You have the right to object to any denial by us of your request that we stop processing your data per your Right to Restrict Data Processing.

8. Right to Reject Automated Individual Decision-Making. You have the right to refuse the automated processing of your personal data to make decisions about you if such decisions significantly affect you or produce legal effects concerning you.

Data Retention Policy

We may retain personal information collected from you or from third parties as described elsewhere in this Privacy Policy for an indefinite period of time unless you choose to exercise your Right to be Forgotten.

California Consumer Privacy Act of 2018

If you are a California resident, you are afforded special protections under the CCPA, which include:

  1. The right to request disclosure of our data collection and sales practices as they may apply or pertain to your data, including the categories of personal information we collect, the source of that information, our use of the information, and, if the information is to be or has been disclosed or sold to third parties, the categories of personal information that may be or was disclosed or sold to third parties and the categories of third parties to whom such information may be (or was) disclosed or sold (a “Personal Information Request”);
  2. The right to request a copy of the specific personal information collected about you during the twelve (12) months immediately prior to your request (also a “Personal Information Request”);
  3. The right to have any such information deleted, with limited exceptions;
  4. The right to request that your personal information not be sold to third parties; and
  5. The right not to be discriminated against because you choose to exercise any of your newly afforded rights under the CCPA.

Personal Information Requests

To submit a Personal Information Request or to request the erasure of your personal information per the terms of the CCPA, please contact us by using the form on our website’s “Contact Us” page or by emailing our Data Protection Officer at dpo@crreo.co. Please note that the CCPA only affords California residents the right to make Personal Information Requests twice in a rolling 12-month period, we may require you to provide additional information to verify your identity prior to complying with any such request, and we will respond to any such request within forty-five (45) days of receiving it.

Categories of Personal Information

CRREO has collected the following categories of information within the past twelve (12) months or may reasonably expect to collect such information in the future:

  1. Identifiers (e.g., your name, contact information, cookies)
  2. Information protected against security breaches (e.g., your name, financial account information, username, and password)
  3. Commercial information
  4. Internet/electronic activity
  5. Geolocation
  6. Audio/video data
  7. Professional or employment related information
  8. Education information
  9. Biometrics
  10. Inferences from the foregoing

We have collected and/or expect to collect information pertaining to each category from our Users (including you), from third-party websites and data providers (e.g., LinkedIn, Twitter, Facebook, and Google+), and from the websites and social media profiles of vendors who have not themselves registered or created a profile on the Site.

We have not sold any such information within the past twelve (12) months and do not have any plans to sell such information in the future.

We have disclosed within the past twelve (12) months or reasonably expect to disclose in the future, for purposes of providing the Services and/or other business purposes as defined by the CCPA: identifiers, information protected against security breaches, protected classification information, commercial information, internet/electronic activity, geolocation, and inferences from the foregoing. We do not anticipate disclosing biometric data.

Sale of Personal Information; Opt-Out Process

The CCPA requires that any business which provides access to or discloses Personal Information to third parties for monetary or other valuable consideration must provide California residents with a web-based means of opting out of any such sale or disclosure. We at CRREO do not sell or otherwise provide such Personal Information to third parties except as otherwise required for us to provide the Services as otherwise described in this Privacy Policy. If we, in the future, decide to sell or otherwise provide third parties access to Personal Information, we will update this Privacy Policy to include an opt-out process.

Voluntary Disclosure

We at CRREO cannot control the spread or dissemination of any personal information you voluntarily disclose to third parties, whether through the Site or otherwise. While your rights remain effective as to our collection and use of any such information, we cannot and will not act on your behalf in making any requests, whether under the CCPA or otherwise, to any other parties to whom you voluntarily disclosed your personal information.

Persons under Eighteen

We do not knowingly collect personally identifiable information from children under the age of thirteen (13) years. We may collect personally identifiable information from children under the age of eighteen (18) years only with written permission from their parents or legal guardians and in the performance of Services.

Changes to this Privacy Policy

We will occasionally update this Privacy Policy based on user feedback and changes to the legal and regulatory requirements imposed on us. For example, this latest iteration of our Privacy Policy has been updated to comply with the General Data Protection Regulation (GDPR), better explain how we collect and use your data, and inform you of your rights to control your data. While we try to inform our users when we make changes to this Privacy Policy, we encourage you to regularly review it.

Contact Information

We welcome your questions or comments regarding this Privacy Policy. If you have suggestions, if you believe we may have violated this Privacy Policy, if you are a listed content creator and would like to have your data removed from the Site, or for general inquiries, please contact us at hello@crreo.co