Effective August 5, 2019
Grafiti, Inc. 109 S. 5th Street Suite LG102, Brooklyn NY 11249
THE INFORMATION WE COLLECT AND HOW IT IS USED
Automatically collected information
Our servers automatically collect the following information regarding devices that access our site or app: device characteristics (including device ID for mobile devices), operating system, browser type, IP address, username from stored cookies if present, dates and times of each login, page and image viewing statistics, and incoming and outgoing links. We also log the metadata associated with any uploaded graphics, which can include, for example, images, charts, visuals, data, video, multimedia, and the like. We use this automatically collected anonymous data to analyze how our site and app are used so as to keep them optimized, to determine the popularity and usefulness of various features, to maintain the integrity of user accounts so that each user can see their posts and third-party interactions (i.e., likes, votes, shares, comments, and the like) to them, and to enable users with usernames to access their postings, collections, subscriptions, and user information. We also use such data to enable us to comply with copyright law, with 18 USC §2258A (illegal content), and to respond to lawful requests by public authorities, including national security, courts, and law enforcement.
None of the automatically collected information is personally identifying data – that is, data that could identify a specific individual. Some of this automatically collected information may be shared with third-party partners who provide content to Grafiti. These third parties could potentially combine our anonymous data with other data they have to enable them to identify individuals.
Interactively collected information
When you sign in with a username, we handle it in the same way as an automatically collected username except that if you don’t allow cookies, you have to enter your username each time you log in. A username is, by nature, publicly posted information.
We collect whatever personal data about you that you choose to give us, such as a contact email address (which we do not make public), first name, last name, and other profile information. We do not require you to use an account to upload content, and if you create an account with Grafiti, you do not have to provide any personal information.
If you are located in the EEA and wish to open an account, and do not use your real name, we suggest that you select a username and email address that reveal nothing about your identity. If you give us an email address, Grafiti may send you informational messages from time to time; we will try to make them fun and interesting but of course you will be able to opt out at any time.
INFORMATION YOU POST
Grafiti does not “collect” the content you post: images, comments, messages, etc., and – with respect to persons in the EEA – does not “process” or determine any purposes for processing of any information that you manifestly make public. In particular, all content uploaded to Grafiti is public – whether uploaded directly without going through a user account or uploaded via a user account – and has its own URL. No matter what your privacy settings are, all content can always be accessed and viewed by anyone who types in that exact URL. No content uploaded to Grafiti is ever completely hidden from public view. This is mainly to ensure that Grafiti, which allows anonymous postings, will not be used as a platform for illegality. Grafiti may monitor and police user uploads and user messaging, such as comments.
POST / CONTENT PRIVACY
Uploading content creates a “post” that can be shared to the community. The individual content, such as images, videos, charts, data, and the like inside the post are referred to collectively as “shared data.” Shared data will be publicly viewable and accessible by the Grafiti community, as well as to the public at large. Shared data may be susceptible to comments, sharing, and liking, voting, and appear in a user’s profile.
ACCESSING, CORRECTING, AND LIMITING USE OF YOUR DATA
Because Grafiti does not collect information about the identity of our users and we do not receive any information from third parties enabling us to identify our users, we have no means of knowing, or providing you with information about, whatever anonymous data about you we might have on our servers – unless you have a username. If you have a username, you may log in and access your data, correct whatever information you deem to be incorrect, opt out of information sharing with our content partners, or delete your account. For legal reasons we may retain backup and/or archival copies of information prior to your corrections, amendments, or deletions.
We take every reasonable precaution to protect the data on our servers from loss, misuse, unauthorized access, disclosure, alteration, or destruction, considering the risk level and the nature of the data. You are responsible for taking every reasonable precaution on your end to protect any unauthorized person from accessing your Grafiti account.
These terms are governed by Delaware law, excluding its conflicts of law principles, and if there is a lawsuit between a user outside the EEA and Grafiti, jurisdiction and venue will lie exclusively in the jurisdiction where the Grafiti is located, if within the United States, or otherwise. If you are a user located within the EEA and have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may, under certain conditions, invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information please see https://www.privacyshield.gov/article?id=ANNEX-I-introduction.