Privacy Policy of SendPilot

SendPilot collects some Personal Data from its Users.

Personal Data collected for the following purposes and using the following services:

    • Analytics

      • Google Analytics and SumoMe Content Analytics

        Personal Data: Cookies; Usage Data

    • Contacting the User

      • SumoMe Mailing List or Newsletter

        Personal Data: company name; email address; first name; last name; phone number; website

    • Data transfer outside the EU

      • Data transfer from the EU and/or Switzerland to the U.S based on Privacy Shield

        Personal Data: various types of Data

    • Heat mapping and session recording

      • SumoMe Heat Maps

        Personal Data: Cookies; Usage Data

    • Interaction with external social networks and platforms

      • Facebook Like button and social widgets

        Personal Data: Cookies; Usage Data

      • Buffer button and social widgets

        Personal Data: Usage Data

Further information about Personal Data

    • Webflow

      Effective date: May 25, 2018

      Welcome to the Webflow, Inc., (hereinafter, “Webflow,” “Company,” “us,” “our,” or “we”) EU & Swiss Privacy Policy (the “Policy”).

      This Policy governs our information-handling practices as applicable to residents in the European Union (“EU”), European Economic Area (“EEA”), and Switzerland (collectively, the “Data Subjects”) that are visiting our website,, and the other websites under the domain (collectively, the “Sites”), or are customers who use our SaaS product, web design software, tools, and related services (together with the Sites, the “Service”).

      This Policy explains how we collect, use, disclose, and protect Data Subjects’ information as part of the Service in accordance with data-protection laws in the EU, EEA, and Switzerland (collectively the “Data Protection Laws”). Any discussion of your use of the Service in this Policy is meant to include your visits and other interactions with the Sites and Services, whether or not you are a user of Webflow’s SaaS product.

      Capitalized terms that are not defined in this Policy have the meaning given them in our Terms of Service or Global Privacy Policy.

      By accessing and using the Service, you signify your acceptance to the terms of this Policy. If you do not agree with or you are not comfortable with any aspect of this Policy, our Global Policy or the Terms of Service, you should immediately discontinue access or use of our Services. In the event of a conflict between the Global Privacy Policy and this Policy, this Policy supersedes the Global Privacy Policy.

      1. Our relationship to you
      In order for you to understand Webflow’s data protection obligations and your rights to your Personal Information under this Policy, it is important that you identify which relationship(s) you have with Webflow.

      A “User” is an individual providing personal data to us via our website or other services, products or platforms, such as by signing up for our newsletter or making an account and posting on the Forums. Webflow is in a “data controller” relationship with Users.
      A “Customer” is a specific type of User that has engaged us to act as an agent (or, as a “Data Processor”) by obtaining our Services. Webflow is in a “data processor” relationship with Customers.
      Webflow does not have a direct relationship with Customers’ End Users. A “Customer End User” is an individual that provides their Personal Information to our Customers. We do not control the purposes nor the means by which this Personal Information is collected, and we are not in a direct relationship with Customer End Users.
      Hereinafter we may refer to Customers and Users collectively as “you.”

      2. Notice
      Webflow provides notice to you through posted privacy policies and may provide additional "just-in-time" disclosures about the data collection, use, and sharing practices of specific Services. The Global Privacy Policy generally describes our privacy practices, while this Policy is specific to Users and Customers located in the EU, EEA, and Switzerland while using our Services. This Policy describes how we process Personal Information from the EU, EEA, and Switzerland in accordance with Privacy Shield and applicable data protection law.

      As a data processor, Webflow is not able to provide notice to or obtain consent from Customer End Users. To the extent required by law, Webflow supports Customers’ data-protection compliance efforts, but it is up to the Customer to ensure the appropriate data protection safeguards are in place before processing Personal Information from Customer End Users.

      3. Collection of Personal Information
      As described in the Global Privacy Policy, Webflow collects various types of Personal Information about you while you are using the Services. Information that is anonymized or aggregated is not “Personal Information.”

      In general, we collect the following types of Personal Information:

      Registration data: full name, email address, and optional social media account information (e.g., if logging in through your Google account).
      Profile data: biographical information, avatar, portfolio of work, skills, and/or freelance availability.
      Financial data: bank account information, payment card information, transaction history, and/or company billing information.
      Transaction data: information about the transactions you make on our Services, such as the names of your clients, the projects you complete, when projects are published, and/or timestamps of certain actions.
      Online identifiers: geolocation/tracking details, browser fingerprint, OS, browser name and version, and/or IP addresses.
      Interaction data: survey responses, forum or blog posts, authentication data, security questions, public social networking posts, user ID, click-stream data, and other data collected via cookies and similar technologies. Please read our Cookie Policy for more information.
      Any information that is disclosed in the forums or our blog becomes public information. This means that your posts are available to the public and may appear in search engines or other publicly available platforms, and may be “crawled” or searched by third parties. Your public posts can also be read, collected, or used by others to send you unsolicited messages. Be careful when posting on public parts of our Services and do not post any information that you are not comfortable sharing publicly.

      4. Purposes of processing
      Under the Data Protection Laws, we are required to notify you about our purposes of processing your Personal Information, as well as the legal basis for such processing.

      Unless otherwise permitted by law, we may process your Personal Information:

      If you consent to the processing
      To satisfy our legal obligations
      If it is necessary to carry out our obligations arising from any contracts we entered with you or to take steps at your request prior to entering into a contract with you
      In the public interest
      In your vital interests, or
      For our legitimate interests, such as to protect our property, rights, or the safety of Webflow, our customers, or others

      Purpose of processing
      Legal basis
      To ensure network and information security.

      ‍We process your Personal Information to:

      Enhance the security of our Services
      Combat spam or other malware or security risks
      Monitor and verify identity or service access
      To comply with applicable security laws and regulations
      Without processing your Personal Information, we may not be able to ensure the security of our Services.

      Processing is necessary for compliance with a legal obligation.

      To enforce Webflow’s terms and agreements.

      We have Terms of Service and other policies that define how you can use our Services. To ensure that you and others are using our Services in accordance with such terms and policies, we may process your Personal Information to:

      Investigate, prevent and mitigate any potentially prohibited or illicit activities
      Enforce our agreements with third parties, and/or
      Collect fees based on your use of our Services
      We collect information about your account usage and monitor your interactions with our Services. We may use any of your Personal Information collected on our Services for these purposes. The consequences of not processing your Personal Information for such purposes is the termination of your account, as we cannot perform our Services in accordance with our terms.

      Processing is necessary for the performance of a contract to which the Data Subject is party or to take steps at the request of the Data Subject prior to entering into a contract.

      To provide our Services.

      We process your Personal Information to provide the Services. For example, when you want to bill a client for your work, we collect registration, financial, transaction, and interaction data to send the bill to the client and obtain payment. We cannot provide you with Services without such information.

      Processing is necessary for the performance of a contract to which the Data Subject is party or to take steps at the request of the Data Subject prior to entering into a contract.

      To provide Service communications.

      We may reach out to you to send you administrative or account-related information to keep you in the loop about our Services, alert you of relevant security issues or updates, or provide other transaction-related information to you. While we generally use your registration data for this purpose, we may send personalized Service communications to you based on other Personal Information, such as interaction, payment, or transaction data. Without such communication, you may miss out on important developments relating to your account that may affect how you can use our Services.

      Processing is necessary for the performance of a contract to which the Data Subject is party or to take steps at the request of the Data Subject prior to entering into a contract.

      To ensure quality control.

      We process your Personal Information for quality control and staff training to make sure we continue to provide you with accurate information. Without our quality-control measures, you may experience issues while using the Services. For example, you may not be able to bill clients accurately or in a timely fashion, or you may encounter interruptions on our Services.

      Processing is necessary for the performance of a contract to which the Data Subject is party or to take steps at the request of the Data Subject prior to entering into a contract.

      To provide customer service.

      When you contact our customer service channel, we process your Personal Information to respond to your questions, disputes, feedback, or issues with our Services. We may process your Personal Information in response to another customer’s request, as relevant. Without processing your Personal Information for such purposes, we cannot respond to your requests.

      Processing is necessary for the performance of a contract to which the Data Subject is party or to take steps at the request of the Data Subject prior to entering into a contract.

      To enhance your experience on our Services.

      We process your Personal Information to provide a personalized experience on our Services and to implement your feedback or the preferences you request. For example, you may share parts of your social media account information with us for authentication. Without such processing of your Personal Information, we may not be able to ensure your continued enjoyment of part or all our Services.

      Processing is necessary for the purposes of the legitimate interests pursued by Webflow.

      For research and development purposes.

      We process your Personal Information to better understand you and the way you use and interact with our Services. For example, interaction data can provide helpful insights that assist us with measuring, customizing, or improving current Services. In addition, such information can help us develop new Services for your enjoyment. Without such processing, we cannot ensure your continued enjoyment of our Services.

      Processing is necessary for the purposes of the legitimate interests pursued by Webflow.

      To facilitate acquisitions, mergers, or other business transactions.

      We may process any of your Personal Information as is necessary in the context of acquisitions, mergers, or other business transactions. We will try to notify you in advance if we intend to process your Personal Information for this purpose. You will have the option of terminating your account if you do not wish to have your Personal Information processed for such purposes.

      Processing is necessary for the purposes of the legitimate interests pursued by Webflow.

      To engage in marketing activities.

      We may send you marketing communications from time to time. Such marketing communications may contain information about our events, partner events, or promotional offers. We may use your interaction and/or transaction data to provide you with targeted marketing communications. You can opt out of our marketing communications at any time and free of charge.

      Processing is based Processing is necessary for the purposes of the legitimate interests pursued by Webflow.

      We will only use your Personal Information for the purposes above or for compatible purposes.

      If we wish to share your Personal Information with third parties that are not described in this Policy or the Global Privacy Policy, we may request your permission as required by Data Protection Law. You may opt out of having your Personal Information shared with third parties, or from allowing us to use your Personal Information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your authorization. However, if you limit the way we use your Personal Information, certain features or Services may not be available to you.

      5. Third party sources of information
      We only collect Personal Information about you from third parties that you voluntarily choose to connect with our Services. For example, you can share Personal Information with us when you access our Site or Service through a third-party connection, or when you log in or connect an application to Webflow. We process this information for the purposes of performance of our contracts with you. For more information, please see Section 2(c) of the Global Privacy Policy.

      6. Third party recipients
      Webflow conducts the majority of data processing activities required to provide you with the Services. However, we do engage third-party service providers to assist with supporting our Services, including vendors in the following areas:

      Credit card or payment processors
      Cloud storage providers
      Customer support tools
      Product development tools
      IT and security service providers, and
      Marketing or analytics tools
      Each service provider is vetted and bound by contractual obligations that are equivalent to the provision of this Policy or more stringent. See the “Accountability for Onward Transfers” section below for more information about our agreements with third parties.

      7. Retention
      We are committed to keeping your Personal Information secure on our Services. We limit our storage of your Personal Information to the amount of time necessary to fulfil the purposes for which we collected the Personal Information, including for the purposes of satisfying any legal, accounting, or reporting obligations, or to resolve disputes. Although retention laws and requirements vary by jurisdiction, we have some standard retention periods for parts of your Personal Information which are described below:

      Contact information collected for marketing purposes, such as your name and email address, is retained on an ongoing basis until you unsubscribe from our marketing communications. Thereafter we will add your contact information to our suppression list indefinitely to respect your unsubscribe request.
      Browser interaction data, such as cookies and trackers, is kept for a period of up to one year from expiry of the cookie or date of collection.
      Product analytics data is kept for up to 5 years, and automatically deleted on an ongoing basis.
      If you have questions about retention periods that apply to any other data, please contact us at

      8. International transfers
      Webflow uses approved data transfer mechanisms to transfer your Personal Information in and out of the United States and other jurisdictions. We rely on European Commission–approved Standard Contractual Clauses as a legal mechanism for any data transfers from the U.S. to a country outside the EU, EEA, or Switzerland to the extent that any such transfers occur.

      In relation to transfers of Personal Information to the U.S., Webflow participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (hereinafter, the “Framework” or “Privacy Shield”) as set forth by the U.S. Department of Commerce regarding the collection, use, disclosure, and retention of Personal Information transferred from the EU, EEA, and Switzerland to the United States. Webflow has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.

      This EU & Swiss Privacy Policy and the Webflow Global Privacy Policy describe Webflow’s privacy practices. In the event there is a conflict between the terms in the Global Privacy Policy and this Policy, this Policy shall govern for any conflicts related to EU, EEA, or Swiss data subjects. To learn more about the Privacy Shield program, and to view our certification, please visit

      9. Accountability for onward transfer
      Webflow complies with the Privacy Shield Principles and the Data Protection Laws for all onward transfers of Personal Information from the EU, EEA, and Switzerland, including the onward transfer liability provisions. Webflow contractually obligates third-party agents or service providers to provide the same level of protection as required by the Privacy Shield Framework and under the Data Protection Laws. In addition, we limit and specify the purpose(s) for processing your Personal Information consistent with any notice provided to you and your consent.

      Upon request by the United States Department of Commerce, Webflow will provide a summary or representative copy of the relevant privacy provisions of its agreement with a third-party agent.

      In certain situations, Webflow may be required to disclose your Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, to comply with a judicial proceeding or court order, or as otherwise required by law.

      11. Direct marketing
      Direct marketing includes any communications to you that are only based on advertising or promoting products and services. Transactional communications about your account or our Services are not considered “direct marketing” communications.

      We will only contact Customers by electronic means (including email) based on our legitimate interests or the Customer’s consent. When we rely on legitimate interest, we will only send you information about our Services that are similar to those which were the subject of a previous sale or negotiations of a sale to you.

      If you do not want us to use your Personal Information in this way, or to pass your Personal Information on to third parties for marketing purposes, please go to the email settings for your account to opt out, click an unsubscribe link in your emails, or contact us at You can object to direct marketing at any time and free of charge.

      2. Your rights
      You have the rights to your Personal Information that are described below. You can exercise your rights by contacting us at so that we may consider your request under applicable law. When we receive an individual rights request via email, we may take steps to verify your identity before complying with the request to protect your privacy and security.

      Right to withdraw consent. When we rely on your consent for processing of your Personal Information, you have the right to withdraw your consent at any time. However, the withdrawal of your consent will not affect the lawfulness of Webflow’s processing based on consent before your withdrawal.
      Right of access to and rectification of your Personal Information. You have a right to request a copy of your Personal Information stored with Webflow. We will provide a copy to you without undue delay subject to some fee associated with gathering of the information (as permitted by law). We may limit or deny your request if providing you with a copy could adversely affects the rights and freedoms of others. You may also request us to correct or update any inaccurate Personal Information stored by us.
      Right to erasure (or, “The right to be forgotten”). You have the right to request erasure of your Personal Information that: (a) is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) was collected in relation to processing that you previously consented to, but no longer consent to; or (c) was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing. Your right to erasure is subject to limitations by relevant Data Protection Laws.
      Right to data portability. If we process your Personal Information based on a contract with you or based on your consent, or the processing is carried out by automated means, you may request to receive your Personal Information in a structured, commonly used, and machine-readable format, and to have us transfer your Personal Information directly to another data controller, where technically feasible, unless exercise of this right adversely affects the rights and freedoms of others.
      Right to restriction of processing. You have the right to restrict our processing of your Personal Information where one of the following applies:
      You contest the accuracy of your Personal Information that we processed. In such instances, we will restrict processing during the period necessary for us to verify the accuracy of your Personal Information.
      The processing is unlawful and you oppose the erasure of your Personal Information and request the restriction of its use instead.
      We no longer need your Personal Information for the purposes of the processing, but it is required by you to establish, exercise, or defend legal claims.
      You have objected to processing, pending the verification of whether the legitimate grounds of Webflow’s processing override your rights.

      Restricted Personal Information shall only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We will inform you if the restriction is lifted.
      Notification of erasure, rectification, and restriction. We will communicate any rectification or erasure of your Personal Information or restriction of processing to each recipient to whom your Personal Information has been disclosed, unless this proves impossible or involves disproportionate effort. We will inform you about those recipients if you request this information. If we have made your Personal Information public and we are required to erase the Personal Information, we will, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other parties that are processing your Personal Information that you have requested the erasure of any links to, or copy or replication of your Personal Information.
      Right to object to processing. Where the processing of your Personal Information is based on consent, contract, or legitimate interests, you may restrict or object, at any time, to the processing of your Personal Information as permitted by applicable law. We can continue to process your Personal Information if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law.
      Automated individual decision-making, including profiling. You have the right not to be subject to a decision based solely on automated processing of your Personal Information, including profiling, which produces legal or similarly significant effects on you. There may be exceptions or limitations to this right as defined under relevant Data Protection Laws.

      3. Limitations to your rights
      Your rights to your Personal Information are not without limits. Access may be denied when:

      Denial of access is required or authorized by law
      Granting access would have a negative impact on other's privacy
      Doing so protects our rights and properties, or
      Where the request is frivolous or vexatious

      14. Recourse, enforcement, & liability
      We will investigate and work expeditiously to resolve any complaints or disputes in accordance with this Policy and the Privacy Shield Framework. If you have an inquiry or complaint regarding our privacy policies or practices, please contact us first at

      If you have an unresolved complaint or dispute arising under the requirements of the Privacy Shield Framework, we agree to refer your complaint under the Framework to an independent dispute resolution mechanism free of charge. Our independent dispute resolution mechanism is JAMS. For more information and to file a complaint, visit the JAMS website. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to the Framework.

      Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

      You have also a right to lodge a complaint with a competent supervisory authority situated in a Member State of your habitual residence, place of work, or place of alleged infringement.

      15. Children's data
      We recognize that some Data Protection Laws vary based on the age of consent. Depending on the jurisdiction, the age of consent can be between 13 to 16 years old. We do not knowingly request to collect Personal Information from any Data Subject under the age of consent as defined by the jurisdiction in which the Data Subject resides. If we are aware of or suspect that a Data Subject is under the age of consent, we will require the Data Subject to terminate their account. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of consent using our Services.

      16. Changes to this Policy
      We may change this Policy at any time and the changes will apply to any Personal Information we already hold and to any new Personal Information collected after the change occurs. If we make any material changes to this Policy, we will endeavor to notify you by email or by posting a prominent notice on the Services prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of our Services after the effective date of this Policy constitutes an acceptance of the amended terms. You may refer to the “Last Updated” date of this Policy to determine if the Policy has changed since the date of your last visit.

      17. Contact us
      If you have any questions regarding this Policy or about the privacy practices of Webflow, please contact us by email at, or at:

      Webflow, Inc.
      398 11th Street, 2nd Floor
      San Francisco, CA 94103

    • Blockspring

      Blockspring Privacy Policy
      General Information
      Welcome to Blockspring, a website and online service of Grafly, Inc. (“Blockspring,” “we,” or “us”). This page explains how we collect, store, use, and disclose information we receive from or about you through your use of our online and/or mobile services, website, and software provided on or in connection with them (collectively, the “Service”).

      We’re committed to protecting the privacy of all visitors, users, and others who access our application (“you,” or “Users”). This Privacy Policy applies only to the practices of companies we own, control, or are united with under common control. By accessing or using our Service, or by clicking “I Accept” or otherwise affirmatively manifesting your assent to this Privacy Policy, you signify that you have read, understood and agree to our collection, storage, use and disclosure of your personal information as described in this Privacy Policy.

      Capitalized terms that are not defined in this Privacy Policy have the meaning given them in our Terms of Use Agreement.

      Information We Collect

      We collect various pieces of information (including personal information) from our Users in order to provide you with a personalized, useful, and efficient experience. The categories of information we collect can include:

      Information you provide to us. We may collect and store personal information you enter in our Service or provide to us in some other manner, including your name, email address, mobile phone number, user name, password, the organization you work for, and other credentials such as your Amazon S3 account information or other authentication keys. We may also retain messages you send through the Service, and may collect information you provide in User Content you post to the Service.
      User Content. We collect your personal information contained in any User Content you create, share, store, or submit to or through the Service, which may include photo or other image files, written comments, information, data, text, scripts, graphics, code, and other interactive features generated, provided, or otherwise made accessible to you and other Users by Blockspring via the Service in accordance with your personal settings.
      Information we receive from other sites. When you interact with our site through various other sites, such as when you login through GitHub, we may receive information from such sites, including information posted or otherwise made available on your profile, user name, user ID, and any other information you permit the site to share with third-parties. The data we receive is dependent upon your privacy settings with the other site. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our website or Service.
      Information about others. With your permission, Blockspring may allow you to invite your friends and other contacts to connect with our Service via email or otherwise. We may also collect information about others if you use our Service to upload, share, or distribute User Content that contains information about others, including their name, image or online contact information.
      Metadata. Blockspring may collect metadata associated with User Content. Metadata typically consists of how, when, where, and by whom a piece of User Content was posted and collected and how that content has been formatted. Users can add or may have added metadata added to their User Content including keywords posted with code or comments, including names or other data. This makes your data more searchable and more interactive. However, the metadata may be accessible to others if you share the User Content with others or on third-party social media sites.
      We use this information to operate, maintain, and provide to you the features and functionality of the Service, as well as to communicate directly with you, such as to send you email messages and push notifications, and permit you to share your creations on the Service with your contacts or social media sites. We may also send you Service-related emails or messages (e.g., account verification, order confirmations, change or updates to features of the Service, technical and security notices). For more information about your communication preferences, see “Your Choices Regarding Your Information” below.

      Use of cookies and other technology to collect information

      We automatically collect certain types of usage information when you visit our website or use our Service. When you visit the Service, we may send one or more cookies — a small text file containing a string of alphanumeric characters — to your computer that uniquely identifies your browser and lets us help you log in faster and enhance your navigation through the site. A cookie may also convey information to us about how you use the Service (e.g., the pages you view, the links you click, how frequently you access the Service, and other actions you take on the Service), and allow us to track your usage of the Service over time. We may collect log file information from your browser or mobile device each time you access the Service. Log file information may include anonymous information such as your web request, Internet Protocol (“IP”) address, browser type, information about your mobile device, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, and other such information. We may employ clear gifs (also known as web beacons) which are used to anonymously track the online usage patterns of our Users. In addition, we may also use clear gifs in HTML-based emails sent to our Users to track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of the Service. We may also collect analytics data, or use third-party analytics tools such as Google Analytics, to help us measure traffic and usage trends for the Service. These tools collect information sent by your browser or mobile device, including the pages you visit, your use of third-party applications, and other information that assists us in analyzing and improving the Service.

      When you access our Service by or through a mobile device, we may receive or collect and store, either directly or through third-party analytics tools, a unique identification numbers associated with your device (“Device ID”), mobile carrier, device type and manufacturer, phone number, and, depending on your mobile device settings, your geographical location data, including GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your mobile device.

      We use or may use the data collected through cookies, log files, Device IDs, location data, and clear gifs information to: (a) remember information so that you will not have to re-enter it during your visit or the next time you visit the site; (b) provide custom, personalized content and information to our Users; (c) provide and monitor the effectiveness of our Service; (d) monitor aggregate metrics such as total number of visitors, traffic, usage, and demographic patterns on our website and our Service; (e) diagnose or fix technology problems; and (f) otherwise to plan for and enhance our service.

      Sharing Personal Information with Third-Parties
      We may share your personal information in the instances described below. For further information on your choices regarding your information, see the “Your Choices Regarding Your Information” section below.

      We may also share your personal information with:

      Other companies owned by or under common ownership with Blockspring, which also includes our subsidiaries (i.e., any organization we own or control) or our ultimate holding company (i.e., any organization that owns or controls us) and any subsidiaries it owns. These companies will use your personal information in the same way as we can under this Privacy Policy;
      Third-party vendors, consultants, and other service providers that perform services on our behalf, in order to carry out their work for us, which may include content or service fulfillment or providing analytics services;
      Third-parties at your request (e.g., to other members of your organization in accordance with your and their privacy settings); The public at your request;
      Other parties in connection with any company transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by another company or third-party or in the event of bankruptcy or related or similar proceedings; and
      Third-parties as required to (a) satisfy any applicable law, regulation, subpoena/court order, legal process or other government request, (b) enforce our Terms of Use Agreement, including the investigation of potential violations thereof, (c) investigate and defend ourselves against any third-party claims or allegations, (d) protect against harm to the rights, property or safety of Blockspring, its users or the public as required or permitted by law and (e) detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues.
      We may also share information with others in an aggregated and anonymous form that does not reasonably identify you directly as an individual person or entity.

      Your Choices Regarding Your Information
      Promotional Communications. If you do not wish to receive promotional emails, you can click the “unsubscribe” button on promotional email communications. Note that you are not permitted to unsubscribe or opt out of non-promotional messages regarding your account, such as account verification, password, or local area number requests, order confirmations, change or updates to features of the Service (including this Privacy Policy or our Terms of Use Agreement), or technical and security notices.

      Data Retention: We will retain your information for as long as your account is active or as needed to provide you services. Following termination or deactivation of your account, Blockspring may retain information (including User Content) for a commercially reasonable time for backup, archival, and/or audit purposes. Please contact us at if you wish to delete your account. Please be aware that we will not be able to delete any content you have shared with other Users or with third-parties.

      Security and Storage of Information
      Blockspring cares about the security of your information and uses commercially reasonable physical, administrative, and technological safeguards to preserve the integrity and security of all information we collect and that we share with our service providers. However, no security system is impenetrable and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps in accordance with any applicable laws and regulations.

      Your information collected through the Service may be stored and processed in the United States or any other country in which Blockspring or its subsidiaries, affiliates or service providers maintain facilities. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction, and you consent to the transfer of information to the U.S. or any other country in which Company or its parent, subsidiaries, affiliates or service providers maintain facilities and the use and disclosure of information about you as described in this Privacy Policy.

      Persons Under Age of 13
      Blockspring does not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to register for the Service. The Service and its content are not directed at children under the age of 13. In the event that we learn that we have collected personal information from a child under age 13 without parental consent, we will delete that information as quickly as possible. If you believe that we might have any information collected from a child under 13, please contact us at

      Links to Third-Party Websites
      The Service may contain links to and from third-party websites of our business partners, advertisers, and social media sites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check the individual policies before you submit any information to those websites.

      Updates to this Policy
      We reserve the right to modify this Policy from time to time. If we make any changes to this Policy, we will change the "Last Revision" date below and will post the updated Policy on this page.

      Contacting Us
      If you have questions about this Policy, please contact us at or by writing to us at:

      767 Bryant St #406
      San Francisco, CA 94107

      Last Revision Date
      This Policy was last revised on, and effective as of, November/20014.

    • Bubble

      Last revised: May 21, 2018.

      Effective date: May 25, 2018.

      Bubble Group, Inc. (“Bubble” or “we” and its derivatives) is committed to safeguarding your privacy. This Privacy and Cookie Policy (the “Policy”) describes our policies and procedures regarding the collection, use and disclosure of information we obtain through the website at, sites created by users and hosted by Bubble (“Bubble Sites”), the marketplace we operate for the convenience of our users that lets them license templates and plugins from each other for use with Bubble Sites (“User Components”), and any other online or mobile services we may provide (all the above, collectively, the “Bubble Service”). Please read the following information carefully to understand our views and practices regarding your Personal Data and how we will treat it.

      To use the Bubble Service, you must consent to the terms of this Policy and the Bubble Terms of Service, which is incorporated by reference, by clicking the button “I agree” to accept the Bubble Terms of Service and Privacy Policy below.


      As used in this Policy, a “Direct User” is an individual who has an account with Bubble and can build a Bubble Site, and an “End User” is an individual who visits a Bubble Site or, but who has not registered with Bubble. Except where specified below, this Policy applies equally to both Direct and End Users.

      “Personal Data,” as used in this Policy and as defined in the General Data Protection Regulation 2018 and any successor legislation, includes information which, either alone or in combination with other information we hold about you, identifies you as an individual, including, for example, your name, postal address, email address and telephone number.

      “Anonymous Data” means data that is not associated with or linked to Personal Data and that does not permit the identification of individual persons, either alone or when combined with any other information available to a third party. We collect Personal Data and Anonymous Data, as described below.


      WHO WE ARE. For the purpose of applicable data protection legislation, the data controller of your Personal Data is Bubble Group, Inc. of 1811 Silverside Road, Wilmington, New Castle County, Delaware 19801.

      MUST READ SECTIONS: We draw your attention in particular to the sections entitled “INTERNATIONAL DATA TRANSFER” and “YOUR RIGHTS.”

      CHANGES TO THIS POLICY: We will post any modifications or changes to the Policy on the Bubble Service. We reserve the right to modify the Policy at any time, so we encourage you to review it frequently. The “Last Updated” legend above indicates when this Policy was last changed. If we make any material change(s) to the Policy, we will notify you via email or post a notice on our Site prior to such change(s) taking effect.


      Why do we need your Personal Data? We collect information about you in a range of forms, including Personal Data. We will only process your Personal Data in accordance with applicable data protection and privacy laws. We need certain Personal Data in order to provide you with access to the Bubble Service.
      If you created an account with us, you will have been asked to click “I agree” to agree to provide this information in order to access our services. This consent provides us with the legal basis we require under applicable law to process your data. You may withdraw such consent at any time. If you do not agree to our use of your Personal Data in line with this Policy, please do not use the Bubble Service.


      Bubble is currently in the process of self-certifying to the EU-US and Swiss-US Privacy Shield Framework and intends to complete the process as soon as practicably possible. In the interim, Bubble agrees to conduct its activities in accordance with the requirements of the Privacy Shield Principles as laid out below. To the extent that Bubble processes any personal data protected by EU Data Protection Law under the Agreement and/or that originates from the EU and Switzerland, Bubble agrees to protect such personal data in accordance with the requirements of the Privacy Shield Principles. Bubble shall inform you if it is no longer able to comply with this requirement.

      To learn more about the Privacy Shield Framework, please visit Below is additional information on your rights under the Privacy Shield Framework, which will come into effect following Bubble’s certification.

      As described in the Privacy Shield Principles, Bubble is accountable for Personal Data that it receives and subsequently transfers to third parties. If third parties that process Personal Data on our behalf do so in a manner that does not comply with the Privacy Shield Principles, we are accountable, unless we prove that we are not responsible for the event giving rise to the damage. The types of third parties with which we may share your Personal Data are set out in the section of this Policy entitled “HOW BUBBLE MAY SHARE YOUR INFORMATION.” The categories of Personal Data Bubble may receive, as well as the purposes for which Bubble collects and uses the Personal Data, are set out in other sections of this Policy, including in those entitled “HOW WE COLLECT YOUR INFORMATION” and “HOW BUBBLE USES YOUR INFORMATION.”

      With respect to Personal Data received or transferred pursuant to the Privacy Shield Framework, Bubble will be subject to the regulatory enforcement powers of the U.S. Federal Trade Commission upon certification. In certain situations, Bubble may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

      You may have the right to access your Personal Data and request that we correct, amend, delete it if it is inaccurate or processed in violation of the Privacy Shield Framework. These access rights may not apply in some cases, including where providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of a third party. To request access to, correction, amendment, or deletion of your Personal Data, submit a written request to the contact information provided below. We may request specific information from you to confirm your identity.
      You may also choose to change Personal Data or deactivate your account by contacting us using the contact details below. You can also unsubscribe from our marketing communications by following the instructions or unsubscribe mechanism in our marketing e-mails.

      In compliance with the Privacy Shield Principles, Bubble commits to resolve complaints about our collection or use of your Personal Data. EU and Swiss users with inquiries or complaints regarding this Policy should first contact us by email at, or please write to the following address:

      Bubble Group, Inc.
      1114 Avenue of the Americas, 46th Floor
      New York,
      NY 10036
      ATTN: Jeff Laretto.

      Upon certification, Bubble further commits to refer unresolved Privacy Shield complaints to TrustArc, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please visit for more information or to file a complaint. The services of TrustArc are provided at no cost to you. Additionally, under certain conditions, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. These conditions are more fully described on the Privacy Shield website,

      We may amend this Notice on EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield from time to time consistent with Privacy Shield requirements.


      Information You Provide.

      We collect Personal Data from Direct Users when they register to use the Bubble Service, post content on the Bubble Service (such as in forums), or communicate with us (e.g., through the “Contact” page on our site, or when requesting customer service or technical support), make purchases through the Bubble Service, or provide us with feedback about the Bubble Service.

      We may also collect Personal Data at other points in the Bubble Service when clearly identified.

      We do not collect Personal Data directly from End Users unless they contact us (i.e., through the “Contact” page on our site or to provide feedback about the Bubble Service). Each individual operator of a Bubble Site determines what End User information is required to operate their Bubble Site, is required to comply with all applicable laws respecting the treatment of such information and is responsible for all use of such information. However, because Bubble Sites run on our infrastructure, the “Information Collected via Technology” section below applies equally to End Users and Direct Users.

      Registration. To create an account, Direct Users need to provide an email address and password. Direct Users may provide other optional information, such as profile photos, their location, or job title, and, if signing up for a paid account, will have to provide payment information to our third party payment provider, subject to the terms below. Direct Users may always go to the “My account” section of the Bubble Service to update, change, or remove their information.
      Forum Use. To post on our Forum, Direct Users need to provide their email address, password, a username and may provide other optional information, such as profile photos. Direct Users may always go to their “Account Preferences” page to update or change their information.
      Bubble Sites. We do not collect or use End User Personal Data, except to provide customer support, respond to direct requests, or as automatically collected through technical means as set forth below. As noted above, the operators of Bubble Sites may collect and use the information of End Users of their sites, including Personal Data and content posted to Bubble Sites. Bubble does not control or monitor such collection and usage.

      Bubble Marketplace. We do not collect any Personal Data in the course of operating the Bubble Marketplace, but in order to make available or license User Components on the Bubble Marketplace, you must be a Direct User who has submitted payment information to our third party payment processor. Certain Direct User account information (including account name or other Personal Data) may be made available to the buyer and seller involved in a Bubble Marketplace transaction. Bubble does not control or monitor the use of such information by participants in a Bubble Marketplace transaction.

      Information Collected via Technology

      Information Collected by Our Servers. To make the Bubble Service more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, which may include your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.

      Log Files. As is true of most websites, we gather certain information automatically and store it in log files. This information may include IP addresses, browser type, Internet service provider (“ISP”), referring/exit pages, operating system, date/time stamp, data typed into the site, and clickstream data. We use this information to analyze trends, administer the Bubble Service, track users’ movements around the Bubble Service, gather demographic information about our user base as a whole, and better tailor the Bubble Service to our users’ needs. For example, certain information may be collected so that when you visit the Bubble Service again, it will recognize you and remember preferences (such as previous User Components viewed or licensed from the Bubble Marketplace). Except as noted in this Policy, we do not link this automatically-collected data to Personal Data.

      How We Respond to Do Not Track Signals. We do not currently respond to “do not track” signals or other mechanisms that might enable you to opt out of tracking on our site. To find out more about “do not track,” please visit

      Mobile Services. We may also collect non-Personal Data from your mobile device if you access the Bubble Service from your mobile device. This information is generally used to help us deliver the most relevant information to you. Examples of information that may be collected and used include your geographic location and information about the type of device you use. In addition, if the Bubble Service crashes on your mobile device, we may receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise improve the performance of the service. This information is sent to us as aggregated information and cannot be used to identify an individual.

      Analytics Services. In addition to the tracking technologies we place, other companies may set their own Cookies or similar tools when you use the Bubble Service. This includes third party analytics services, such as Google Analytics (“Analytics Services”), that we engage to help analyze how users use the Bubble Service, as well as third parties that deliver content or offers. We may receive reports based on these parties’ use of these tools on an individual or aggregate basis. We use the information we get from Analytics Services only to improve the Bubble Service. The information generated by the Cookies or other technologies about your use of the service (the “Analytics Information”) is transmitted to the Analytics Services. The Analytics Services use Analytics Information to compile reports on user activity. The Analytics Services may also transfer information to third parties where required to do so by law, or where such third parties process Analytics Information on their behalf. Each Analytics Services’ ability to use and share Analytics Information is restricted by such Analytics Services’ Terms of Use and Privacy Policy. By using the Bubble Service, you consent to the processing of data about you by Analytics Services in the manner and for the purposes set out above. See for a full list of Analytics Services. We may also partner with ad companies to support our marketing efforts, including by serving you ads better tailored to your likely interests. If you don’t want to take advantage of these services, you can opt-out by visiting or, or if you are located in the EU,

      SNS Log In. Direct Users may use certain social media site (“SNS”) credentials to log into the Bubble Service. In such case, we collect Personal Data from the social media website. For example, when you log in with your Google credentials, we may collect the Personal Data you have made publicly available in Google, such as your email address, name, and profile picture or logo. You agree that you are solely responsible for your use of an SNS and that it is your responsibility to review the terms of use and privacy policy of such SNS. Any information that we collect from an SNS account will depend on the privacy settings you have with that SNS, so please consult the SNS’ privacy and data practices. We will not be responsible or liable for: (a) the availability or accuracy of such SNS; (b) the content, products or services on or availability of such SNS; or (c) your use of any such SNS. You can revoke our access to this information anytime by amending the appropriate settings from within your account settings on the applicable SNS.


      Like many online services, we use Cookies to collect information. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them).

      We use two broad categories of Cookies: (1) first party Cookies, served directly by us to your computer or mobile device, which are used only by us to recognize your computer or mobile device when it revisits the Bubble Service; and (2) third party Cookies, which are served by service providers on the Bubble Service, and can be used by such service providers to recognize your computer or mobile device when it visits other websites.

      Bubble uses Cookies to verify that you are properly signed in, to display information for your primary location, and to provide information about your Bubble Sites (if applicable). We may also use Cookies from time to time to measure your response to new aspects of the Bubble Service and/or emails in an effort to continually improve customer service and the Bubble Service. Please be aware that a Cookie cannot spread computer viruses, retrieve any other data from your hard drive, or capture your email address.

      Cookies we use. The Bubble Service uses the following types of Cookies for the purposes set out below.

      a. Essential Cookies. These Cookies are essential to provide you with services available through our Services and to enable you to use some of its features. For example, they allow you to log in to secure areas of our Services and help the content of the pages you request load quickly. Without these Cookies, the services that you have asked for cannot be provided, and we only use these Cookies to provide you with those services.

      b. Functionality Cookies. These Cookies allow our Services to remember choices you make when you use our Services, such as remembering your language preferences, remembering your login details and remembering the changes you make to other parts of Services which you can customize. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Services.

      c. Analytics and Performance Cookies. These Cookies are used to collect information about traffic to Services and how users use our Services. The information gathered does not identify any individual visitor. The information is aggregated and anonymous. It includes the number of visitors to our Services, the websites that referred them to our Services, the pages they visited on our Services, what time of day they visited our Services, whether they have visited our Services before, and other similar information. We use this information to help operate our Services more efficiently, to gather broad demographic information and to monitor the level of activity on our Services.
      We use Google Analytics, Mixpanel, and other third party analytics services for this purpose. Google Analytics and Mixpanel use their own cookies. They are only used to improve how our Services works. You can find out more information about Google Analytics Cookies here: You can find out more about how Google protects your data here:
      You can find out more information about Mixpanel cookies and how they protect your data here:
      You can prevent the use of Google Analytics relating to your use of our Services by downloading and installing the browser plugin available via this link:
      You can prevent the use of Mixpanel Cookies relating to your use of our Services by filling out the Mixpanel opt-out form via this link:

      c. Social Media Cookies. These Cookies are used when you share information using a social media sharing button or “like” button on our Services or you link your account or engage with our content on or through a social networking website such as Facebook, Twitter, or Google+. The social network will record that you have done this.

      Disabling Cookies. You can typically remove or reject Cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility). Many browsers are set to accept Cookies until you change your settings.
      Further information about Cookies, including how to see what Cookies have been set on your computer or mobile device and how to manage and delete them, visit and

      Direct Users must accept Cookies in order to access certain features of the Bubble Service. You can erase or block Cookies from your computer if you wish to do so (your internet browser help screen or manual will thoroughly explain this process), but certain parts of the Bubble Service will not work correctly or at all if your browser is set to not to accept Cookies.

      We may also use pixel tags (which are also known as web beacons and clear GIFs) on the Bubble Service to track the actions of users on our Services. Unlike Cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages. Pixel tags measure the success of our marketing campaigns and compile statistics about usage of the Bubble Service, so that we can manage our content more effectively. The information we collect using pixel tags is not linked to our users’ Personal Data.

      Automated decision-making or profiling

      We do not use your Personal Data for the purposes of automated decision-making. However, we may do so in order to fulfil obligations imposed by law, in which case we will inform you of any such processing and provide you with an opportunity to object.


      Personal Data. In general, Personal Data you submit to us is used either to deliver the Bubble Service or respond to requests that you make. We use your Personal Data in the following ways:
      • facilitate the creation and securing of your account (Direct Users only);
      • identify you as a user of the Bubble Service;
      • operate, maintain, and provide improved administration of the Bubble Service;
      • improve the quality of experience when you interact with the Bubble Service;
      • manage your account, including to send you administrative e-mail notifications, such as security or support and maintenance advisories (Direct Users only);
      • respond to your comments and inquiries related to employment opportunities or other requests and to provide customer service; and with your consent, send newsletters, surveys, offers, including information about products and services offered by us and our affiliates, and other promotional materials related to the Bubble Service and for other marketing purposes of Bubble to Direct Users. You may opt-out of receiving such information at any time: such marketing emails tell you how to opt-out. Please note, even if you opt-out of receiving marketing emails, we may still send you non-marketing emails. Non-marketing emails include emails about your account with us (Direct Users only) and our business dealings with you.
      • process payments you make via the Bubble Service
      • as we believe necessary or appropriate (a) to comply with applicable laws; (b) to comply with lawful requests and legal process, including to respond to requests from public and government authorities; (c) to enforce our Policy; and (d) to protect our rights, privacy, safety or property, and/or that of you or others; and
      • as described in the Section entitled “HOW BUBBLE MAY SHARE YOUR INFORMATION” below.

      Anonymous Data. We may create Anonymous Data about both Direct Users and End User by excluding information (such as your name) that makes the data personally identifiable to you. Anonymous Data might include analytics information and information collected by us using cookies. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of the Bubble Service. We may use Anonymous Data and aggregated and other de-identified information for any purpose and disclose Anonymous Data to third parties in our sole discretion.


      With Third Parties designated by you. We may share your Personal Data with third parties where you have provided your consent to do so.

      With Third Parties. We may share your Personal Data with third party service providers (“Subprocessors”) to provide you with the Bubble Service, to conduct quality assurance testing, to facilitate creation of accounts, to provide technical support, to conduct data analysis, to process payments, to provide information technology and related infrastructure provision, customer service, email delivery, and/or to provide other services. These Subprocessors are only permitted to use your Personal Data to the extent necessary to enable them to provide their services to us. They are required to follow our express instructions and to comply with appropriate security measures to protect your Personal Data. Click here for a full list of Subprocessors.

      We use Stripe, a third party payment processor, to process payments made through the Bubble Service and Bubble Marketplace. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all such information is provided directly to Stripe, whose use of your Personal Data is governed by their privacy policy, which may be viewed at

      Posting on the Bubble Service. You may share Personal Data with us when you submit user generated content to the Bubble Service, including via user forums or reviews of User Components within the Bubble Marketplace. Please note that any information you post or disclose on the Bubble Service will become public information, and will be available to other users of the Bubble Service and to the general public.

      We urge you to be very careful when deciding to disclose your Personal Data, or any other information, on the Bubble Service. Such Personal Data and other information will not be private or confidential once it is published on the Bubble Service. Bubble is not responsible for how others use such information. If you post Personal Data, even if you later remove it, other individuals who saw that Personal Data may retain copies of it through other means than the Bubble Service. We or our Direct Users may occasionally reproduce, publish, and distribute content from reviews in the Bubble Marketplace in any forum.

      If you provide feedback to us, we may use and disclose such feedback on the Bubble Service, provided we do not associate such feedback with your Personal Data. If you have provided your consent to do so, we may post your first and last name along with your feedback on the Bubble Service. We will collect any information contained in such feedback and will treat the Personal Data in it in accordance with this Policy.

      With SNS. The Bubble Service or a Bubble Site may also enable you to post content to an SNS. If you choose to do this, we will provide information to such SNS in accordance with your elections. You agree that you are solely responsible for your use of an SNS and that it is your responsibility to review the terms of use and privacy policy of such SNS.

      As Required by Law. We may access, preserve, and disclose your Personal Data, other account information, and content if we believe doing so is required by law or if those actions are reasonably necessary to:
      • comply with legal process, such as a court order or subpoena;
      • enforce this Policy or our Terms of Use;
      • respond to claims that any content violates the rights of third parties;
      • respond to law enforcement;
      • investigate and prevent unauthorized transactions or other illegal activities; or
      • protect our or others’ rights, property, or personal safety.

      Corporate Events. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be sold or transferred as part of such a transaction. We cannot control how such entities may use or disclose such information.

      Other Disclosures. We may share Personal Data as we believe necessary or appropriate: (a) to comply with applicable laws; (b) to comply with lawful requests and legal process, including to respond to requests from public and government authorities; (c) to enforce our Policy; and (d) to protect our rights, privacy, safety or property, and/or that of you or others.
      We may also disclose your Personal Data with your permission.


      The Bubble Service may contain links to third party websites and features. This Policy does not cover the privacy practices of such third parties. These third parties have their own privacy policies and we do not accept any responsibility or liability for their websites, features or policies. Please read their privacy policies before you submit any data to them.


      We seek to use reasonable organizational, technical and administrative measures to protect Personal Data within our organization. Unfortunately, no transmission or storage system can be guaranteed to be completely secure, and transmission of information via the internet is not completely secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us using the details in the Section entitled “CONTACT INFORMATION.” By using the Bubble Service or providing Personal Data to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Bubble Service. If we learn of a breach of Personal Data, we may attempt to notify you electronically by posting a notice on the Bubble Service or sending an email to you. You may have a legal right to receive this notice in writing. To receive free written notice of a security breach (or to withdraw your consent from receiving electronic notice), please notify us using the details in the Section entitled “CONTACT INFORMATION.”

      10. RETENTION

      We will only retain your Personal Data as long as reasonably required for you to use the Bubble Service and/or to provide you with the Bubble Service unless a longer retention period is required or permitted by law (for example, for regulatory purposes).


      We do not knowingly collect, maintain, or use Personal Data from children under 16 years of age, and no part of the Bubble Service is directed to children under the age of 16. If you learn that a child has provided us with Personal Data without your consent, you should alert us using the details in the Section entitled “CONTACT INFORMATION.” If we learn that we have collected any Personal Data about children under 16, we will delete such information as soon as reasonably practicable.


      If you are a non-U.S. user of the Bubble Service or visitor to a Bubble Site, by providing us with data, you acknowledge and agree that your Personal Data may be processed for the purposes identified in this Policy. Your information, including Personal Data that we collect from you, may be transferred to, stored at and processed by us and other third parties outside the country in which you reside, including, but not limited to the United States, where data protection and privacy regulations may not offer the same level of protection as in other parts of the world. By using the Bubble Service, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.


      Subject to the following paragraph, we ask that you not send us, and you not disclose, any sensitive Personal Data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) (“Sensitive Personal Data”) on or through the Bubble Service or otherwise to us.

      If you send or disclose any Sensitive Personal Data to us when you submit user-generated content to the Bubble Service, you consent to our processing and use of such Sensitive Personal Data in accordance with this policy. If you do not consent to our processing and use of such Sensitive Personal Data, you must not submit such user generated content to our Services.

      14. YOUR RIGHTS

      • Opt-out. You may contact us anytime to opt-out of: (i) direct marketing communications; (ii) automated decision-making and/or profiling; (iii) our collection of Sensitive Personal Data; (iv) any new processing of your Personal Data that we may carry out beyond the original purpose; or (v) the transfer of your Personal Data outside the EEA. Please note that your use of some of the Bubble Service may be ineffective upon opt-out.
      • Access. You may access the information we hold about you at any time via your account page or by contacting us directly.
      • Amend. You can also contact us to update or correct any inaccuracies in your Personal Data.
      • Move. Your Personal Data is portable – i.e. you to have the flexibility to move your data to other service providers as you wish.
      • Erase and forget. In certain situations, for example when the information we hold about you is no longer relevant or is incorrect, you can request that we erase your data.

      If you wish to exercise any of these rights, please contact us using the details in Section entitled “CONTACT INFORMATION” below. In your request, please make clear: (i) what Personal Data is concerned; and (ii) which of the above rights you would like to enforce. For your protection, we may only implement requests with respect to the Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.

      15. COMPLAINTS

      We are committed to resolve any complaints about our collection or use of your Personal Data. If you would like to make a complaint regarding this Policy or our practices in relation to your Personal Data, please contact us at: We will reply to your complaint as soon as we can and in any event, within 45 days. We hope to resolve any complaint brought to our attention, however if you feel that your complaint has not been adequately resolved, you reserve the right to contact your local data protection supervisory authority.


      Any changes to this Policy will always be posted to this section of the website, along with the effective date of the updated Policy. You should check this page periodically to stay abreast of any such changes. Bubble will never make changes to the Policy that violate any applicable privacy laws. For any material changes to the Policy, we will notify Direct Users via email or by placing a prominent notice on the homepage of our website.


      We welcome your comments or questions about this Policy. If you would like to update or correct any information that you have provided to us through your use of the Bubble Service or otherwise, or if you have suggestions for improving this Privacy Policy, please use the “My account” tab of the Bubble Service or contact us in writing at:

      Bubble Group, Inc.
      1114 Avenue of the Americas, 46th Floor
      New York,
      NY 10036
      ATTN: Jeff Laretto

Contact information

    • Owner and Data Controller

      Cloudoperations PM Limited
      20-22 Wenlock Road
      N1 7GU

      Owner contact email: