We've updated our Privacy Statement.

Our new Privacy Statement took effect on May 25th, 2018. Read More »


This new Privacy Statement took effect on May 25th, 2018.

Looking for our old Privacy Statement? Click Here

Privacy Statement

Effective Date: 5/25/2018

This Privacy Statement highlights how we use the data collected through our website and associated online services.

This Privacy Statement explains what data Commiss.io collects about you, why, and what we do with that data. It also explains the choices available to you regarding our use of your personal data, as well as how you can access and update it. We respect your privacy and believe strongly in providing a safe and secure environment for our users. If you have any questions, you can contact us at any time.

Quick versions,

Summaries are here for your convenience, but you should still read the full statement.

Scope and Updates

This Privacy Statement applies to the Commiss.io services and includes the website, any associated web services, and any native applications we may offer in the future. By registering or using Commiss.io services, you consent to the collection policies outlined in this Privacy Statement.

As the online landscape changes, we may need to make changes to this Privacy Statement. Any changes will be indicated by an update to the effective date listed above. If we make material changes to this statement, we will provide additional notice. This can include sending you an email notification and/or a notification banner on our homepage dashboards and login screens. You should regularly review this statement to ensure you understand our practices.

If at any point you no longer wish to consent to this Privacy Statement, or you do not consent to material changes upon notice, you must notify us and take steps to deactivate your account(s) as outlined below. You can also exercise your rights under the EU General Data Protection Regulation as outlined below.

IN SHORT,

This statement applies to our website and other services. We will notify you if we make substantial changes. You need to deactivate your account if you no longer agree with this statement.

Data You Provide

We collect certain types of personal data in order to provide you with the use of Commiss.io services, and to help us personalize and improve your experience.

Account / Profile Data: We collect data about you when you register for an account, create/modify your profile, make purchases, access, or interact with the Commiss.io services. Data we collect includes:

  • Contact data such as name, email address, and phone number
  • Profile data such as username, profile photo, and biography
  • Preferences data such as site settings, marketing preferences, and notification preferences
  • Billing data such as credit card details and billing address

For creators, additional data may be collected, including:

  • Payment data such as bank account, debit card, or Paypal account
  • Additional contact data for support and identity verification
  • For creators earning over a certain threshold, tax data such as social security number

In general, you provide this data directly to Commiss.io. In the case of billing data and credit card data, this data is provided directly to our payment processor and kept secure. In the case of creator data, this data is immediately encrypted and sent to our payment processor to be kept secure. See "Security" below for more data.

Listings, Projects, and Other Content: We collect and store content that you create, input, submit, post, upload, transmit, store, or display in the process of using our website. Such content may include listings, projects, sample images, final assets, as well as the content of your project comments. This also includes any other sensitive or personal data you include, but were not asked for by Commiss.io.

Other Submissions: We also collect other data that you submit to our websites or as you participate in interactive features of the Commiss.io services. This can include participating in a survey, contest, promotion, activity or event, as well as requesting customer support. This Privacy Statement also applies to any interactions with us via third party social media sites.

IN SHORT,

Through your ordinary use of the site, you'll probably provide us with some data. This includes the types of personal data to the left. We'll keep it safe as outlined in this document.

Creators need to provide us more data so we can verify their identity and get them paid.

Data Passively Collected

Log Files: As is true with most online services, we collect certain data and store it in log files when you interact with the Commiss.io services. This data can include IP addresses, browser data, internet access provider, URLs of referring/exit pages, operating system, date/time stamp, device ID, mobile carrier, and similar data. Some URLs may include data such as username, page titles, and other view data. In general, we attempt to strip out personal data before use. Any non-anonymized use is treated in accordance with this privacy statement.

Analytics: We use Google Analytics, which automatically helps us collect usage data in order to help us improve our products and services. This service collects data in a way similar to our automatic logging.

Authentication and Fraud Detection: In order to help protect you from fraud, we may collect data about you and your interactions with our services. This is done through our payments provider in order to help identify potentially fraudulent activity.

IN SHORT,

We automatically collect data related to the usage of the site. This helps us track engagement, errors, and make improvements to the site.

How We Use Personal Data We Collect

Our primary purpose in collecting personal data is to provide you with a secure, efficient, and customized experience when buying or selling creative services. As such, we may use your personal data to:

  • Provide, operate, maintain, improve, and promote Commiss.io services
  • Enable you to access and use our services
  • Process transactions through our payment provider and send notices about your transactions
  • Send transactional messages, such as sending replies to customer support messages, notifying you of activity on your projects, and updating you on important changes to our services
  • Send promotional communications such as providing data about promotions, service improvements, newsletters, contests, and other updates. You can opt out of receiving these communications as outlined later under "Your Choices"
  • Monitor and analyze trends, usage, and activities in connection with our services and for marketing purposes
  • Verify your identity with our payment processor and partners when you start selling on our platform
  • Investigate and prevent fraudulent transactions, unauthorized access, and activities that are illegal or violate our Terms of Service, Client Agreement, or Creator Agreement
  • Personalize our services, such as providing content and features that match your interests and preferences
  • Enable you to share and promote content you submit through the site, including promoting your creator account
  • For other purposes with your consent.

Aggregate analytics data: We may use aggregate data, including log and configuration data, to understand how our services are being used. We may generate usage data from web logs, analytics logs, and other content provided to us. If this data is shared externally, we will not include personal data except as outlined in this statement.

IN SHORT,

We may use your personal data internally for a variety of purposes. Often this relates to providing better services, and sending you notices when you need them.

We also take steps to verify identities to help prevent fraud, impersonation, and misappropriation.

Cookies and Tracking Data

When you access our services, we (including our partners) may place small data files on your computer or other device. These may be in the form of cookies, pixel tags, e-tags, or HTML5 local storage. We use these technologies to recognize you, keep you logged in to your account, customize our services, measure performance, mitigate risk and prevent fraud, and to promote trust and safety across our services.

Your browser may include the option to disable cookies or other tracking technologies. You are permitted to do so, but doing so may interfere with your ability to use our services properly.

Do Not Track: Do Not Track is an optional browser setting that allows you to express preferences regarding third-party tracking. We do not currently respond to browser "do not track" signals. We are currently monitoring developments with this technology and may respond to these signals in the future.

Advertising: We may elect to partner with advertisers who use online behavioral advertising ("OBA"). Companies who are members of the Network Advertising Initiative, or who subscribe to the Digital Advertising Alliance's Self-Regulatory Principles for Online Behavioral Advertising, may allow you to opt-out of personalized advertisements.. For more data, including opt-out tools, please visit: http://www.aboutads.info/ and http://www.networkadvertising.org/choices/. If you are within the European Union, please visit http://www.youronlinechoices.eu/.

IN SHORT,

We use tracking technologies in order to provide a personalized experience and log you into your account. Our partners use them to help us provide our services, and in some cases to provide advertising.

You can opt-out of online behavioral advertising at the links provided to the left.

Data Sharing and Disclosure

We do not share or disclose any of your Personal Data or submitted content with third parties except as described in this statement. We do not sell your data.

We may share your data under the following circumstances:

With creators: We may share certain non-public data with creators where you have given consent, such as your email address. We may also allow creators to contact you, with your consent, with access to tools that allow for contact without the sharing of your personal data.

Other Commiss.io Users: We may share certain data with other Commiss.io users. This includes data you make publicly accessible, such as your username, profile image, and listings. We may also share data with Commiss.io users you have agreed to interact with, such as when you engage in a project. This may include project assets, comments, and the amount currently paid toward a project. Unless we are legally required to do so, such as to comply with a subpoena or payment processor rules, at no point do we reveal payment data to the other party without your explicit consent.

IN SHORT,

We share some data with other users, like things you publish publicly, or when you and the other user have an established relationship through the platform.

Third Parties: We may share your personal data with third parties in limited circumstances. This includes:

  • Service Providers: We work with third party service providers to provide hosting, maintenance, back-up, storage, payment processing, analytics, and other services for us. We may provide these service providers with your personal data for the purposes of providing those services for us. These providers are authorized to use this data only for the purpose of providing us with these services. Some of our pages, such as support pages, may use white-labeling techniques to serve content from our service providers while maintaining the look and feel of our site. You are providing your data to these third parties acting on our behalf.
  • Fraud prevention and risk management: We may share data with firms that help detect and mitigate the risk of fraudulent activities. This is done through our payment processors, and is only for the purpose of protecting our users and services.
  • Social media widgets: Our services may contain social media features, such as the Twitter "tweet" button. These features may collect your IP address, which page you are visiting, and may set a cookie to enable the feature to function properly. These widgets are hosted by a third party. Your interactions with these services are governed by the privacy policy of the company providing it.
  • Compliance with laws, law enforcement requests, and protecting our rights: We may disclose your personal data to a third party if we believe it is necessary pursuant to a subpoena, court order, or other legal process or requirement; when we need to do so to comply with any applicable law, regulation, or credit card rules; or when we believe, in our discretion, that the disclosure is necessary to prevent physical harm, to prevent financial loss, to report suspected illegal activity, or to investigate suspected violations of our Terms of Service, Client Agreement, or Creator Agreement.
  • Business Transfers: We may share or transfer your personal data in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal data as well as any choices you may have.
  • Anonymized and aggregated data: We may share aggregated or anonymized data that does not identify you with the parties described above.
  • With your consent: We will share your personal data with other third parties when we have your consent to do so.

We do not share personal data about you with third parties for their marketing purposes without your permission.

IN SHORT,

We share your data with service providers, but they can only do as we ask. We also share data to help detect and prevent fraud, and when we are legally required to do so. We may also share your data in relation to a potential sale or acquisition of our company.

Your Choices

You can opt out of receiving promotional communications by using the unsubscribe link within each email or updating your email preferences (login required) on our website. You can also contact us using the data listed at the end of this document. Though the opt-out is usually processed quickly, please allow up to 10 business days for removal.

Opting out of promotional communications does not opt you out of receiving transactional messages. You can opt out from some transactional messages in your settings, but many notifications related to your account are required, such as support responses, payment invoices, or Terms of Service updates.

You may be able to opt-out of online behavioral advertising as outlined under the tracking technologies section of this document.

IN SHORT,

You can opt out of promotional emails, such as newsletters, but not transactional emails, such as invoices and receipts.

Data Subject Rights: Accessing, Updating, and Deleting Your Data

If you are based in the European Union, Commiss.io respects your rights under the General Data Protection Regulation. The methods by which you can exercise these rights are outlined below. If you are not based in the EU, you may still exercise the choices outlined below.

You can review and edit your personal data at any time by logging into your account and reviewing your account settings and profile. You can also contact us using the data at the bottom of this document. By contacting us, you may request also request the categories of data collected, the source of the data, and whom we may have shared the data with.

You can edit and remove public content using the editing tools associated with that content. In general, you cannot remove posts or content made on current or previous projects.You can contact us to remove personal data from projects and comments. We will let you know if we cannot comply with that request, and why.

You can delete your account by contacting us. If you delete your account, we will mark it as such and remove most of your personal data; however, some data related to previous projects may be retained and remain available to the other party on your prior projects. This may include personal data associated with content you submitted, such as your display name or a signature on a submitted asset. If you are based in the European Union, we will fully comply with all requirements under the Right to Erasure.

Data Storage and Retention

For signed in and guest accounts, we will retain your account data as long as your account is active, or as reasonably useful for commercial purposes, or as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

Otherwise, if the data is not associated with a specific user or guest account, we will retain the data as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

IN SHORT,

You can edit your personal data in your settings. You can also edit public data through the editing tools associated with that content. We can usually remove personal data from projects and project comments.

You can delete your account by contacting us, but some data will be retained for compliance purposes. We may need to retain some account data under certain circumstances, we will explain why.

Security and Data Protection

We may host data with hosting providers in numerous countries. In general, most of our hosting takes place in the United States. The servers on which personal data is stored are kept in a secure environment. We take reasonable efforts to guard your personal data, including data encryption, firewalls, and data access authorization controls. However, no security is impermeable. We cannot guarantee that all data will be absolutely safe from intrusion by others. In addition, if you provide personal data through comments, descriptions, or outside of situations where you are directly asked, we cannot guarantee that we will be able to meet all obligations you may have related to that data.

All data transmitted to and from our websites and services are encrypted using the industry standard SSL/TLS (https).

To safeguard payment data, and payee data, we transmit this directly to our payment processor. This data is encrypted in transit and not stored on our servers at any point. This data includes payment data (credit card numbers, billing addresses, etc.) as well as creator data (address, bank account data, etc.). Our payment providers hold world-class security certifications. You can view their security statement: Stripe Security.

IN SHORT,

We take industry standard steps to ensure your personal data is secure. We require secure connections with our services. Access to personal data is restricted amongst our staff.

Payment data, including credit card numbers and creator data, are not stored on our servers. We store this data directly with our payment processors for safety.

Transfers Outside of the European Union

If you are based in the European Union, you consent to the transfer of your personal data to Commiss.io servers and tools provided by our hosting partners. These include servers within the United States. You have the right to withdraw this consent at any time, and we will cease the transfer of any additional data from the EU to our servers. You may access the additional rights provided to you under the General Data Protection Regulation as outlined under Data Subject Rights above.

IN SHORT,

EU residents consent to the transfer of their data to our servers. You can withdraw this consent at any time as outlined above.

Contact Us

If you have any questions or concerns regarding this privacy statement, please contact us at: privacy@commiss.io

You can also send us postal mail:

Commiss.io
PO Box 26196
San Jose, CA 95126

IN SHORT,

Contact us if you have any questions, we love to hear from you!

You can also send us a letter, but it might take us longer to respond.